ChannelLife Australia
Industry insider news for Australia's technology resellers

Fortinet introduces self-learning AI capabilities

By Shannon Williams
Wed 8 Jun 2022

Fortinet has announced FortiNDR, a new network detection and response offering that leverages powerful artificial intelligence and pragmatic analytics to enable faster incident detection and an accelerated threat response.

"With the introduction of FortiNDR, we're adding robust network detection and response to the Fortinet Security Fabric," says John Maddison, EVP of products and CMO at Fortinet. 

"Powered by purpose-built machine learning, deep learning, pragmatic analytics, and advanced AI capabilities, FortiNDR automatically detects and responds to abnormal network activity to thwart security incidents. Fortinet's full suite of detection and response offerings feature native integration for a coordinated response to empower security teams to move from a reactive to a proactive security posture," he says.

SecOps Teams Must Leverage AI to Stay Ahead of Threats

According to Fortinet, security operations teams are faced with advanced, persistent cybercrime that is more destructive and less predictable than ever before, an attack surface that continues to expand with hybrid IT architectures, and ongoing staff shortages due to the cybersecurity skills gap. 

Those using legacy security solutions are also challenged with overwhelming and tedious manual alert triage that pulls important resources away from high-priority tasks such as mitigating threats. As cybercriminals become more sophisticated, so too must an organisation's security tools.

FortiNDR Accelerates Threat Detection with Artificial Intelligence

With the introduction of FortiNDR, Fortinet is delivering full-lifecycle network protection, detection, and response powered by AI to:

Detect signs of sophisticated cyberattacks
With self-learning AI capabilities, machine learning, and advanced analytics, FortiNDR establishes sophisticated baselines of normal network activity for an organisation and identifies deviations that may indicate cyber campaigns in progress. Profiling can be based on IP/Port, Protocol/Behavior, Destination, Packet Size, Geography, Device Type and more. Taken together, this means earlier detection, as organisations no longer need to rely on generic threat feeds, which depend on threats or components becoming globally known before they can identify indications of compromise.

Offload intensive human analyst functions with a Virtual Security Analyst
FortiNDR includes a Virtual Security Analyst (VSA™), which employs Deep Neural Networks, the next generation of AI, and is designed to offload human security analysts by analysing code generated by malicious traffic and determining its spread. VSA™ comes pre-trained with more than 6 million malicious and safe features that can identify IT- and OT-based malware and classify it into threat categories. These features can accurately pinpoint patient zero and the lateral spread of multi-variant malware by analysing the entire malware movement. VSA™ is also capable of identifying encrypted attacks, malicious web campaigns and weak ciphers/protocols, and of classifying malware.

Identify compromised users and agentless devices
Not all devices in an organisation (for example, personal, third party, IoT, or OT devices) can have an endpoint detection and response agent installed to detect a compromise. FortiNDR addresses this by deploying a dedicated network sensor to analyse traffic originating from all devices.

Coordinated Response with Security Fabric Integration

FortiNDR also features native integrations with the Fortinet Security Fabric as well as API integrations with third-party solutions for a coordinated response to discovered threats to minimise their impact. Common automations to speed response include quarantining devices generating anomalous traffic, enforcement with third party devices via an API framework, triggering an orchestrated process guided by SOAR, and more.

As the industry's highest performing cybersecurity mesh platform powered by FortiOS everywhere and a common management framework, the Fortinet Security Fabric enables broad visibility, seamless integration and interoperability between critical security elements, and granular control and automation.

Fortinet's Robust Portfolio of Detection and Response Solutions

FortiNDR rounds out Fortinet's existing portfolio of detection and response solutions, including managed detection and response (MDR), endpoint detection and response (EDR), and extended detection and response (XDR) solutions.

Organisations looking to add detection and response capabilities to their traditional prevention-oriented security controls can choose from:

FortiGuard MDR Service
For smaller organisations with a single IT/Security team (or larger organisations looking to offload first line alert monitoring and triage), managed detection and response (MDR) is a good option to add security monitoring capabilities without needing the specialised expertise to run it effectively. 

FortiEDR
For mid-size to mainstream organisations with dedicated (but small) security teams, endpoint detection and response (EDR) is a good option to add deep, host-level analysis that is necessary to identify the signs of ransomware activity on the endpoint. 

FortiNDR
For larger organisations or robust security teams who have already implemented EDR, network detection and response adds broader analytics and anomaly detection across network segments or even the entire organisation, insight into activity from devices without agents (whether IoT or unmanaged devices), and faster deployment with zero impact to production systems. 

FortiXDR
For organisations with multiple Fortinet security controls, extended detection and response adds curated detection analytics, AI-powered alert investigation and automatable incident response.
