Fortinet today expanded the scope of its platform for security operations center ( SOC ) teams by introducing generative artificial intelligence ( GenAI ) capabilities as well as additional integrations with third-party platforms and other Fortinet services.
Fortinet’s senior vice president for products and solutions, , stated that these additions to the FortiAnalyzer platform are a part of an ongoing effort to streamline workflows, such as giving access to , a relational Artificial tool the company recently introduced.
Additionally, FortiAnalyzer makes use of a data lake embedded within the Fortinet Security Fabric to improve threat intelligence by combining integrations with FortiGuard Indicator of Compromise ( IoC ) and Outbreak Detection subscription services.
There is also today local integration with FortiAuthenticator, FortiSandbox, FortiWeb, FortiMail and VirusTotal services and a set of prebuilt automation packages that provide access to the latest event managers, scripts and third-party log syntaxes that have been made available.
Lastly, Fortinet is integrating with third-party software and providers to make it simpler for security experts to gather the data to analyze.
The overall objective is to use AI to quickly identify high-priority alerts, as well as the important function handlers, relationship rules, and reports needed to better implement zero-trust policies in a way that is accessible to a wider range of organizations, Shah said.
The only way to close this gap is to rely more on security operations centers ( SOCs ) to automate a wider range of tasks because of the ongoing shortage of cybersecurity expertise. Prior to this, developing the level of automation required a level of development skills that the majority of cybersecurity teams lacked. However, with the rise of relational AI, it’s becoming apparent that a far wider range of analysis tasks can now be automated. For instance, an AI agent can be trained to describe the degree of severity that might be related to a particular threat.
Although it’s still early days in terms of the use of AI in cybersecurity procedures, it’s clear that much of the manual work that once impregnated cybersecurity groups ‘ ability to effectively respond to threats will be significantly reduced. That’s important because the risks that organizations are now encountering are, thanks in part to the rise of AI, increasing in volume, frequency and intelligence, noted Shah. Companies are basically then locked in an AI arms race with opponents, he added.
At the same time, security teams are coming to the same conclusion after some initial AI suspicion: they would much prefer to have access to AI tools than to remain carrying out their duties without them. In a time when a cyberattack can cause the most damage in a matter of days, the chances of succeeding without AI are just too great.
The problem, of course, is finding the financing needed to gain and build AI tools and platforms. The only thing more costly is a storm of successful attacks that wreck havoc at a level that makes investing in AI seem relatively minor.