Bangalore: Fortinet has unveiled FortiXDR, a new AI-backed security solution that can autonomously manage cyber incidents from identification to remediation.
According to Fortinet, the new AI-backed FortiXDR is designed to reduce complexity, speed detection, and coordinate response to cyberattacks across the organisation. Fortinet describes it as the only solution of its kind to leverage artificial intelligence (AI) for the investigation effort critical to incident response.
FortiXDR can fully automate security operations processes that experienced security analysts typically handle to mitigate threats.
On the XDR front, Fortinet is the latest security vendor to launch an AI-backed XDR solution. Other security vendors, such as Palo Alto and Trend Micro, already launched their XDR solutions last year.
They too leverage artificial intelligence, behaviour analytics, end-user profiling, machine learning, cloud data lake and other data-driven cognitive technologies.
A patent-pending AI-backed Dynamic Control Flow Engine is at the core of this solution. FortiXDR continually gets trained using FortiGuard Labs’ threat data and research along with the frontline incident responders’ expertise.
The solution starts by leveraging the diverse security information shared across the Fortinet Security Fabric for correlation and analysis, converting it into high-fidelity security incidents.
Then the AI engine investigates to come to a final threat classification and scope. Finally, the best possible contextual responses are defined and can be automatically implemented to quickly remediate confirmed incidents.
FortiXDR can ingest telemetry from more aspects of an organisation than any other solution. This increases the chance of detecting and properly classifying attacks. It covers the stages of the cyber kill chain and offers a wider response than other solutions to mitigate attack impact effectively.
All of this enables organisations to reduce mean time to detection (MTTD) and mean time to response (MTTR), and to improve security operations efficiency and security posture.
For organisations with more staff, solutions and systemic processes, FortiSIEM adds multi-vendor visibility while FortiSOAR orchestrates response. This family of products delivers the right-fit solution to organisations of any size and helps teams reduce the risk potential of security incidents by blocking more, detecting sooner, and responding faster.
Key benefits of FortiXDR include:
• Dramatically reduces the number of alerts across products—by 77% or more on average.
• Handles complex tasks in seconds that would take experts with specialized tools 30 minutes or more to accomplish, and without human error.
• Enables the consolidation of independent security products and an automatic, coordinated response.
• Fully automates intelligent incident investigation rather than relying on scarce human resources.
Organisations need smarter, faster security operations to combat sophisticated, organised cybercrime, according to Rajesh Maurya, Regional VP India & SAARC – Fortinet.
“FortiXDR is the only XDR solution that leverages artificial intelligence to replicate the hands-on investigation that otherwise leaves organisations playing catch up,” said Maurya.
“Applied across the Security Fabric platform, it helps enterprises keep pace with today’s accelerating threat landscape, even for organisations limited by small teams and few tools,” he added.
Enterprises typically deploy a large number of security products, which results in an unmanageable volume of security information. That can actually mask threats, leaving security teams struggling to detect and respond to cyberattacks. A majority of organisations are either currently consolidating security vendors or planning to do so in the next two to three years.
While XDR solutions can ease some of the challenges related to vendor complexity, most focus on cross-product alert correlation and still require significant manual intervention from teams already stretched thin due to the cyber skills gap.
“We know that even experienced security professionals struggle with a range of threat detection and response challenges. As per the research, two thirds (67%) of organisations manage threat detection and response using an assortment of point tools,” said Jon Oltsik, Senior Principal Analyst – ESG Research.
“Nearly half report they rely on manual processes for threat detection and response and struggle with the daily volume of security alerts, so it’s not surprising that 23% are already working on an XDR project and a further 70% expect to have the budget to invest in XDR over the next 12 months,” added Oltsik.