Skip to content Skip to navigation Skip to footer


FortiNDR enables full-lifecycle network protection, detection, and response. It leverages AI, ML, behavioral, and human analysis to analyze network traffic so security teams can spot attacker behavior and remediate the threat. FortiNDR provides network-traffic and file-based analysis, root-cause identification, scope of incidents, and the tools to remediate incidents quickly.

Clear Advantage Over Adversaries

To counter the sophistication of today’s cyberthreats and the volume of network activity where attackers can hide, Fortinet leverages artificial intelligence to reduce the time-intensive tasks a SOC analyst needs to perform. A machine learning (ML) model works to understand normal network activity and identifies deviations. It classifies code associated with abnormal traffic and performs an outbreak search to scope potential incidents. When integrated with other tools across the Fortinet Security Fabric, FortiNDR can initiate automatic responses to improve SOC efficiency.

Watch Now

Virtual and Human Security Analysis for Faster Response

FortiNDR offers a Virtual Security Analyst that can identify malicious network activity and files, resulting in real-time identification of advanced threats, including zero-day attacks. FortiNDR Cloud combines ML/AI with human analysis and expertise to improve your security posture and reduce false positives.

Features and Benefits


ML, deep learning, and other advanced analytics assess the “big data” of network activity


Automated threat hunting, streamlined workflows, playbooks accelerate in-house team triage


Dynamic threat-intelligence sharing enables automated and coordinated action


10+ years experience applying AI to threat data yields supervised & unsupervised detection models


Up to 365-day retention of enriched network metadata facilitates thorough investigations


Integration with the Fabric and APIs for third-parties ensure fit within security infrastructure

FortiNDR Use Cases

FortiNDR detects threats that may slip past traditional security solutions by using ML and AI, combined with FortiGuard intelligence, updates, and expertise.

Features FortiNDR (HW/VM) FortiNDR Cloud
Deployment On-prem SaaS
Security Analyst Virtual Security Analyst™ Guided-SaaS with TSM (Technical Success Manager)
Data Storage Location On-prem Cloud-based (US)
Data Retention Throughput/Disk-dependent 365 days
Investigation/Threat Hunting Outbreak search Guided playbooks and parallel hunting
NetFlow/IPFIX support Yes​ --
High Throughput Malware Scan / NFS Scanning Yes
ANN1 with On-prem learning
Hash lookup
MITRE ATT&CK Framework Mapping Malware mapped to MITRE ATT&CK Framework Detections mapped to MITRE ATT&CK framework
Response Integration Fortinet Security Fabric
Third-party API (Rest)
MetaStream with Signals
Sensors Hardware - FortiNDR-3500F​
VM16 / VM32 (ESXi / KVM)​
AWS / Azure / GCP / Alibaba​
Hardware - FortiNDRCloud-900F (Large sensor)​
Hardware - FortiNDRCloud-500F (Small sensor)​
Virtual sensors (AWS / Azure / ESXi / KVM)​
FortiGuard Labs Threat Research

1. Artificial Neural Networks

FortiNDR represents the future of AI-driven breach protection technology, designed for short-staffed Security Operation Center (SOC) teams to defend against various threats including advanced persistent threats through a trained Virtual Security Analyst™ that helps you identify, classify, and respond to threats including those well camouflaged. FortiNDR employs patent pending* Deep Neural Networks based on Advanced AI and Artificial Neural Network to provide sub-second investigation by harnessing deep learning technologies that assist you in an automated response to remediate different breeds of attacks.

Fortinet Security Fabric: Security Operations

Security Operations

To keep up with the volume, sophistication, and speed of today’s cyber threats, you need AI-driven security operations that can function at machine speed. Fortinet Security Operations enables advanced threat detection, response capabilities, centralized security monitoring, and optimization to easily be added across the entire Fortinet Security Fabric.

Find solution guides, eBooks, data sheets, analyst reports, and more. Go to Resource Center >

Learn more about Fortinet Network Detection and Response Contact Us >