Skip to content Skip to navigation Skip to footer

Overview

FortiNDR enables full-lifecycle network protection, detection, and response. It leverages AI, ML, behavioral, and human analysis to analyze network traffic so security teams can spot attacker behavior and remediate the threat. FortiNDR provides network-traffic and file-based analysis, root-cause identification, scope of incidents, and the tools to remediate incidents quickly.

Clear Advantage Over Adversaries

To counter the sophistication of today’s cyberthreats and the volume of network activity where attackers can hide, Fortinet leverages artificial intelligence to reduce the time-intensive tasks a SOC analyst needs to perform. A machine learning (ML) model works to understand normal network activity and identifies deviations. It classifies code associated with abnormal traffic and performs an outbreak search to scope potential incidents. When integrated with other tools across the Fortinet Security Fabric, FortiNDR can initiate automatic responses to improve SOC efficiency.

Watch Now
video integrated ai powered ndr

Virtual and Human Security Analysis for Faster Response

FortiNDR offers a Virtual Security Analyst that can identify malicious network activity and files, resulting in real-time identification of advanced threats, including zero-day attacks. FortiNDR Cloud combines ML/AI with human analysis and expertise to improve your security posture and reduce false positives.

Features and Benefits

FASTER INCIDENT DETECTION

ML, deep learning, and other advanced analytics assess the “big data” of network activity

EFFICIENT INVESTIGATIONS

Automated threat hunting, streamlined workflows, playbooks accelerate in-house team triage

ACCELERATED THREAT RESPONSE

Dynamic threat-intelligence sharing enables automated and coordinated action

PROVEN AI

10+ years experience applying AI to threat data yields supervised & unsupervised detection models

HISTORICAL NETWORK VISIBILITY

Up to 365-day retention of enriched network metadata facilitates thorough investigations

OPEN PLATFORM APPROACH

Integration with the Fabric and APIs for third-parties ensure fit within security infrastructure

FortiNDR Use Cases

FortiNDR detects threats that may slip past traditional security solutions by using ML and AI, combined with FortiGuard intelligence, updates, and expertise.

icon ai analytics

NETWORK ANOMALY DETECTION

Monitor and profile traffic using ML models and other analytics from FortiGuard to identify potential intrusions.

icon threat hunting

THREAT HUNTING

Proactively search network metadata for signs and scope of cyber intrusion.

malware

ZERO-DAY MALWARE PROTECTION

Analyze unknown code, inline or out-of-band, to classify against 20+ attack classes using more than 6 billion file attributes.

Features FortiNDR (HW/VM) FortiNDR Cloud
Deployment On-prem SaaS
Security Analyst Virtual Security Analyst™ Guided-SaaS with TSM (Technical Success Manager)
Data Storage Location On-prem Cloud-based (US)
Data Retention Throughput/Disk-dependent 365 days
Investigation/Threat Hunting Outbreak search Guided playbooks and parallel hunting
NetFlow/IPFIX support Yes​ --
High Throughput Malware Scan / NFS Scanning Yes
ANN1 with On-prem learning		 Hash lookup
MITRE ATT&CK Framework Mapping Malware mapped to MITRE ATT&CK Framework Detections mapped to MITRE ATT&CK framework
Response Integration Fortinet Security Fabric
Third-party API (Rest)
MetaStream with Signals
Sensors Hardware - FortiNDR-3500F​
VM16 / VM32 (ESXi / KVM)​
AWS / Azure / GCP / Alibaba​		 Hardware - FortiNDRCloud-900F (Large sensor)​
Hardware - FortiNDRCloud-500F (Small sensor)​
Virtual sensors (AWS / Azure / ESXi / KVM)​
FortiGuard Labs Threat Research

1. Artificial Neural Networks

FortiNDR represents the future of AI-driven breach protection technology, designed for short-staffed Security Operation Center (SOC) teams to defend against various threats including advanced persistent threats through a trained Virtual Security Analyst™ that helps you identify, classify, and respond to threats including those well camouflaged. FortiNDR employs patent pending* Deep Neural Networks based on Advanced AI and Artificial Neural Network to provide sub-second investigation by harnessing deep learning technologies that assist you in an automated response to remediate different breeds of attacks.

Fortinet Security Fabric: Security Operations

Security Operations

To keep up with the volume, sophistication, and speed of today’s cyber threats, you need AI-driven security operations that can function at machine speed. Fortinet Security Operations enables advanced threat detection, response capabilities, centralized security monitoring, and optimization to easily be added across the entire Fortinet Security Fabric.

Find solution guides, eBooks, data sheets, analyst reports, and more. Go to Resource Center >

Learn more about Fortinet Network Detection and Response Contact Us >

Quick Links

links image 1 139x100

Free Product Demo

Explore key features and capabilities, and experience user interfaces.
resource center icon 139X159

Resource Center

Download from a wide range of educational material and documents.
links image 2 139x121

Free Trials

Test our products and solutions.
contact sales icon 139x85

Contact Sales

Have a question? We're here to help.
Also of Interest