FortiGuard AI automates threat intelligence analysis and detection to stay ahead of the rapidly expanding threat landscape
Fortinet (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced at its global partner and user conference, Accelerate 18, the next generation of threat intelligence and detection with the release of FortiGuard AI. FortiGuard AI is built into Fortinet’s threat intelligence services platform and delivers automated threat analysis and detection to ensure customer Security Fabric solutions are continually updated to protect against the latest threats across a rapidly expanding threat landscape.
- FortiGuard AI is a self-evolving threat detection system that uses machine learning and continuous training to autonomously collect, analyze, and classify threats with a high degree of accuracy and at machine speed.
- FortiGuard AI is integrated into Fortinet’s threat intelligence services platform to power all of the advanced threat detection capabilities that FortiGuard services share across the Security Fabric.
- Fortinet also announced new User Entity and Behavioral Analysis (UEBA) capabilities, and the launch of FortiGuard Threat Intelligence Service (TIS) as an enterprise service offering.
Training Machines to Defend Against a New Generation of Automated Cyber Threats
Cybercriminals have been increasingly leveraging automated threats to overwhelm cybersecurity defenses and the trend of adopting artificial intelligence and automation in cyberattacks is expected to increase in 2018 and beyond; creating an arms race for security solutions that can operate at ever-increasing speed and scale.
Fortinet’s FortiGuard Labs consists of 215 expert researchers, analysts, and engineers in 31 countries leveraging cutting-edge technology to analyze threat data from a global network of more than three million security sensors. Predicting the increases in speed and scale needed to defend against automated cyberattacks, FortiGuard engineers started building an automated machine learning system capable of rapidly and accurately processing its massive volume of threat data to identify new threats.
Under constant development and trained using supervised learning techniques for over five years, FortiGuard AI analyzes millions of threat samples per week. The samples are processed by over five billion processing nodes which identify the unique malicious and clean features of each sample. Using advanced algorithms, FortiGuard AI proactively determines if a new sample poses a threat and generates threat intelligence that updates defensive signatures across the entire Fortinet Security Fabric.
Threat Intelligence at Machine Speed and Scale
The speed, scale, and accuracy of FortiGuard AI enhances Fortinet’s leading threat intelligence services that deliver real-time updates and proactive threat protections to the Fortinet Security Fabric.
Along with the release of FortiGuard AI, Fortinet is also announcing updates to the FortiGuard Threat Intelligence Service (TIS) and the addition of new behavior analysis capabilities for FortiSIEM:
- FortiGuard TIS: Launched as a beta in 2017, FortiGuard TIS is now available as an enterprise service that delivers cloud-based threat intelligence metrics and activity trends specific to an organization’s unique threat landscape. FortiGuard TIS enables CISOs to instantly understand what is happening across the global threat landscape to prioritize resources and fine-tune security policies for their infrastructure.
- FortiSIEM User and Entity Behavior Analysis (UEBA): Fortinet is also leveraging machine learning to enhance its advanced detection with new UEBA features in FortiSIEM version 5.0, which learns patterns in typical user behavior like location, time of day, devices used, and specific servers accessed. FortiSIEM can then automatically notify security operations teams when anomalous activity like concurrent logins from separate locations, users accessing corporate data in the middle of the night, and excessive logins to rarely used servers occur.
“Increasingly, cybercriminals and adversarial nations leverage automated and polymorphic techniques to increase the speed and scale of their malicious activity, while evading detection by creating hundreds of zero-day variants and resulting in overwhelmed defenders. Enterprises need a way to address such techniques and increase the attackers’ costs while reducing their own operating expenses. Fortinet Labs’ five-year investment in automated analysis and detection of polymorphic threats has resulted in FortiGuard AI, a giant leap towards achieving that goal. FortiGuard AI analyzes and identifies threats with speed, agility, and accuracy to provide proactive threat detection at machine speed and scale. This frees threat analysts and network operators to focus on critical threat research and higher-order problems, reduces exposure to zero-day attacks, and minimizes the risk to Fortinet customers while increasing the attacker’s costs.” Phil Quade, chief information security officer at Fortinet.
Fortinet Accelerate 18 Global Partner and User Conference
Fortinet has made several significant announcements today at its annual global partner and user conference, Accelerate 18, including the release of its FortiOS 6.0 network security operating system, as well as new technology alliance partners joining its Fabric-Ready Partner program. For more information on news from the event, visit:https://www.fortinet.com/corporate/about-us/newsroom/press-releases.html.
“Helping our mutual channel partners stay one step ahead of the constantly evolving cybersecurity market is a commitment Fortinet and Ingram Micro share. We’ve collaborated closely to deliver advanced security solutions for those partners, pairing offerings such as FortiGuard AI with our expertise throughout the security sales cycle. Our objective is to provide channel partners with the technology, services and support they need to serve as trusted security advisors in today’s increasingly hostile threat landscape.”
– Eric Kohl, vice president, advanced solutions & networking, Ingram Micro
“New zero-day threats like WannaCry have resulted in rapidly spreading outbreaks that give little time for organizations to react and today’s threat landscape is evolving faster than many organizations can keep up with. The security of our patients’ data is paramount and the new release of FortiGuard’s threat intelligence services will ensure that our security solutions are automatically updated to defend against the latest breaking threats. We are looking forward to utilizing FortiGuard AI to increases our confidence in being able to detect and secure our data against a dynamic threat landscape at increasing speed and scale.”
– Tom Stafford, Chief Information Officer, Halifax Health
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network – today and into the future. Only the Fortinet Security Fabric architecture can deliver security features without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 330,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.