Fortinet announces AI-based XDR solution for the complete automation of threat detection, investigation and response. FortiXDR is the only extended detection and response solution that independently manages cyber attacks from identification to resolution.
Fortinet, a global leader in comprehensive, integrated and automated cybersecurity solutions, has released FortiXDR, a new Extended Detection and Response (XDR) solution designed to reduce complexity, accelerate threat detection and coordinate the response to cyber attacks across the company. FortiXDR is the only solution in the industry that uses artificial intelligence (AI) to investigate cyber attacks, a key advantage in responding to security incidents. The solution is based on the cloud-native FortiEDR endpoint platform and extends both a company's security fabric and its protection against threats, which is based on the security services of FortiGuard Labs. This enables FortiXDR to fully automate corporate security processes that would normally have to be carried out by experienced security analysts. In this way, threats can be blocked more quickly across the entire attack surface.
XDR solutions overcome security challenges
The large number of security products that companies typically use leads to an unmanageable amount of security information, which in turn can mask threats. Security teams struggle to identify and respond to cyber attacks. That is why the majority of companies are planning to consolidate their security providers, either now or in the next two to three years.
Many companies tend to consolidate on the basis of an XDR solution. Gartner defines XDR as “a security incident detection and response platform that automatically collects data from multiple security solutions and relates them to each other”.¹ XDR is therefore an intelligent and automated method for networking traditionally isolated solutions in a central system.
While XDR solutions alleviate some of the vendor complexity challenges, most of them focus on alert collection across products. This means that they still require considerable manual intervention on the part of the IT managers, who are already overburdened due to the lack of qualified cybersecurity staff. Security teams need an XDR solution that automates the entire process, from detection, through the investigation of anomalies, to the remediation of security incidents.
Fortinet combines XDR with artificial intelligence
In contrast to other solutions, FortiXDR is AI-supported thanks to a patent-pending Dynamic Control Flow Engine and is continuously developed with the expertise of incident response specialists as well as the threat data and research results of FortiGuard Labs. The solution first processes, organizes and analyzes the various security information exchanged via the Fortinet Security Fabric. The information is then converted into so-called high-fidelity security incidents. An AI engine then examines these in exactly the same way as an experienced security analyst would in order to classify the threat and assess its extent. Finally, the best possible responses can be determined and automatically implemented in order to quickly resolve confirmed security incidents.
The main advantages of FortiXDR include:
- The number of alerts is drastically reduced across all products - on average by 77 percent or more.
- Complex tasks that take experts with specialized tools 30 minutes or more are completed in seconds. Human errors are eliminated.
- Individual security products are consolidated centrally, which enables an automated and coordinated response to security incidents.
- The intelligent investigation of incidents is completely automated, instead of relying on scarce human resources.
Accelerate detection and response
FortiXDR brings together more telemetry data from the different levels of a company than any other solution. This increases the likelihood of identifying attacks and classifying them correctly. In addition, FortiXDR supports more stages of the cyber kill chain and more responses to effectively mitigate the consequences of an attack than third-party solutions. Companies thereby reduce the mean time to detection and the mean time to response while increasing the efficiency of security operations and improving their security posture. Finally, with FortiXDR, companies reduce the risk of overlooking a serious cyber attack by ransomware, phishing or other methods and at the same time relieve small security teams.
FortiXDR and the Fortinet Security Fabric
The Fortinet Security Fabric uses the global security services of FortiGuard Labs as a platform approach to intercept as many attacks as possible across the entire digital attack surface. The platform also offers an optimal basis for XDR with a common data structure, end-to-end telemetry, central transparency, native integration and seamless interaction. With FortiXDR, automated analysis, security incident investigations and pre-defined responses can be implemented immediately.
More on this at Fortinet.com
About Fortinet
Fortinet (NASDAQ: FTNT) protects the most valuable resources of some of the largest companies, service providers and government agencies worldwide. We offer our customers complete transparency and control over the expanding attack surface as well as the ability to meet ever higher performance requirements now and in the future. Only the Fortinet Security Fabric platform can address the most critical security challenges and protect data across the entire digital infrastructure, whether in network, application, multi-cloud or edge environments. Fortinet is #1 when it comes to the most commonly shipped security appliances. More than 455,000 customers trust Fortinet to protect their brands. Both a technology company and a training company, the Fortinet Network Security Expert (NSE) Institute has one of the largest and most comprehensive cyber security training programs in the industry. More information on this at www.fortinet.de, in the Fortinet blog or at FortiGuard Labs.