
AI Powered Cybersecurity
FortiAI: Virtual Security Analyst™

Sub-second Threat Investigation and Response

Discover FortiAI, a self-learning AI for SecOps

Overview

There is no question that cyberattacks and threats—ransomware, trojans, cryptomining, worms, etc.—are here to stay, but they are also becoming increasingly sophisticated and dangerous. Cybercriminals are eagerly adopting new innovations such as artificial intelligence (AI) and automation via AI fuzzing, self-learning swarm-based attacks, and expanded Malware-as-a-Service capabilities. Meanwhile, overburdened security operations teams are stuck with traditional security resources and investigation procedures to combat the increasing volume of advanced polymorphic, known, and unknown threats.

AI is paving the way for cybersecurity solutions to stay ahead of evolving threats. Fortinet FortiAI, powered by Deep Neural Networks (DNN), is the industry’s most sophisticated AI security solution. FortiAI is specifically designed to alleviate the tedious manual threat investigation of security alerts and threat response by identifying and classifying threats and malware outbreaks in sub-seconds and blocking them in the network.

FortiAI is offered as an on-premises hardware appliance designed for deployment at data centers and campuses.


Form Factor: 2 RU
Performance: 100,000 files/hour with sub-second verdict
Ports: 2 x 10GE (RJ45), 1 x GE (RJ45)

The virtual appliance of FortiAI can be deployed on VMware and KVM platforms.

FortiAI-VM16
vCPU: 16 cores
Performance: 14,000 files/hr
Memory (Minimum/Recommended): 128GB/256GB

FortiAI-VM32
vCPU: 32 cores
Performance: 22,000 files/hr
Memory (Minimum/Recommended): 128GB/256GB

What is AI-Powered Cybersecurity?

Among its many benefits to cybersecurity, Artificial Intelligence (AI) can identify patterns in massive amounts of data, enabling it to detect trends in malware features and make threat classifications much more rapidly than humans can. An AI-based virtual security operations (SecOps) analyst can rapidly detect and respond to security incidents, assisting human analysts and enabling them to operate at a higher level. AI-powered cybersecurity technologies such as this can be a boon to short-staffed security teams affected by the global cybersecurity skills gap.

Machine Learning (ML), the most common type of AI used in cybersecurity, is designed to solve linear problems, e.g., performing a task more efficiently and effectively for a specific situation. Deep Learning (DL), by contrast, is designed to solve larger, complex, non-linear problems by modelling the operation of neurons in the human brain.

AI-based learning algorithms fall into three categories: supervised, reinforced, and unsupervised. A supervised ML algorithm must be trained on a large dataset of samples labeled as either benign or malicious. In contrast, a Deep Neural Network (DNN), a Deep Learning model, uses reinforced learning, i.e., a reward-based system of learning, during its pre-training and later transitions to unsupervised learning, i.e., self-learning, which does not require a labeled dataset for training and maturity. More importantly, its strength lies in its ability to correlate various categories of datasets to make decisions.

A Virtual Security Analyst that can operate in unsupervised mode is a boon to lean SecOps teams that lack the experienced resources to analyze and investigate new threats fully within the shortest period of time. Because of DNN’s innate ability to self-learn, it continuously adapts to the evolving cyber threat landscape including AI-powered cyber attacks (see diagram below).

 

A virtual security analyst must have certain characteristics:

  1. Ability to self-learn i.e. does not rely solely on cloud-based updates for AI maturity
  2. Extremely high detection rate of 99% and above
  3. Performs at scale with machine speeds
  4. Automates detection-investigation-response threat lifecycle
  5. Pre-trained AI ready for deployment on day-1
 

  

FortiAI: Virtual Security Analyst™ Product Details

FortiGuard Labs, Fortinet’s leading threat intelligence and research team, consists of threat researchers, analysts, and engineers who are at the forefront of exposing new threats. This team shares its latest threat intelligence via community blogs, threat playbooks for organizations, as threat protection via intelligence services, and by developing new threat-based technologies. One of the most significant technologies built by FortiGuard Labs, in 2012, is an AI system to detect and update protection against millions of malware samples seen each day.

FortiAI is the cumulative effort of the AI developed by FortiGuard Labs, and the first solution of its kind that embeds a sophisticated and mature deep learning model via DNN. FortiAI's patent-pending DNN approach learns about new threats on its own and helps organizations adapt threat protection to new attacks instantaneously. In addition, FortiAI comes pre-trained with 6+ million malware features that can identify IT- and OT-based threats and classify them into malware categories. These features can also accurately pinpoint patient zero and the lateral spread of malware and its variants by analyzing the entire threat movement. FortiAI's broad integration within the Security Fabric includes FortiGate, FortiWeb, FortiSOAR, FortiSandbox, FortiSIEM, FortiAnalyzer, and 3rd party security solutions, enabling sub-second protection, threat investigation, and hunting. Deploying FortiAI on-premises can help security operations teams solve the security resource crisis and rapidly accelerate the response to evolving threats.

Features and Benefits


Do More with Less

Offloads a security analyst’s threat investigation and response duties

Accelerate Threat Response

Sub-second inline blocking paired with MITRE ATT&CK investigation results

Improved Security Posture

Adapts to new attacks and disrupts malware outbreaks

Proven AI

Mature deep learning model leveraged since 2012 comes pre-trained with 6+ million malware features

Open Platform Approach

Security Fabric integration across the Fortinet portfolio, and 3rd party solutions via robust API
Malware Protection

Unified IT-OT Zero-day Threat Protection

Protects both IT and OT environments from threats

FortiAI: Virtual Security Analyst™ News

FortiAI v1.5.1 Release

FortiAI offers inline sub-second network protection with FortiGate, threat hunting with FortiSIEM and FortiAnalyzer, and best-in-industry threat protection with FortiSandbox. Additional details can be found in the release notes.

FortiAI v1.5 Release

FortiAI offers deeper integration with the Security Fabric, including a FortiAI widget within the FortiGate Fabric GUI, and enables an AI-driven Response Orchestration use case with FortiSOAR. Additional details can be found in the release notes.

FortiAI v1.4 Release

FortiAI integrates the MITRE ATT&CK framework in its investigation view and expands Fabric support with ICAP and STIX. For more information, please review the latest release notes.

FortiAI v1.3 Release

FortiAI introduces a number of new features, including outbreak search and malware similarity engine, the ability to investigate OT threats, and the ability to quarantine threats.