Fortinet launches autonomous XDR solution based on artificial intelligence


It is an extended detection and response solution that can autonomously manage cyber incidents, from identification to resolution.

Fortinet has announced its new Extended Detection and Response (XDR) solution, FortiXDR, designed to reduce complexity, accelerate detection, and coordinate response to cyber-attacks across the organization. FortiXDR claims to be the only solution of its kind that leverages artificial intelligence (AI) for the investigative efforts critical to incident response.

FortiXDR extends FortiEDR's cloud-native endpoint platform, enhancing the organization's security architecture and its threat protection powered by FortiGuard Labs security services. Specifically, FortiXDR can fully automate security operations processes that are typically managed by highly experienced security analysts, in order to mitigate threats very quickly across the entire attack surface.

In relation to this launch, John Maddison, Product EVP, and CMO at Fortinet, pointed out that “cybercriminals are using sophisticated and increasingly intelligent tools to attack the vulnerable perimeters of the network, which are created as a consequence of digitization. That's why organizations need to execute smarter and faster security operations to combat sophisticated and organized cybercrime. FortiXDR is the only XDR solution that leverages artificial intelligence to emulate manual research so organizations can stay current. Applied across the entire Security Fabric platform, it helps companies keep up with today's changing threat landscape, even for organizations limited by human or material resources.”

XDR solutions solve critical security challenges

The large number of security solutions that companies often deploy has resulted in an unmanageable volume of information that can actually serve to mask threats, making it difficult for security teams to detect and respond to cyberattacks. As a result, most organizations are currently consolidating security vendors or plan to do so in the next two to three years.

Many organizations are leaning towards consolidation based on an XDR solution. Gartner defines XDR as "a security incident detection and response platform that automatically collects and correlates data from multiple security products." XDR provides an intelligent and automated way to join traditionally isolated solutions into a single system.

However, while XDR solutions can help overcome some of the challenges related to vendor complexity, most focus on the correlation of alerts between products and still require significant manual intervention from teams that are already at the limit of their capacity due to the cybersecurity skills gap. Security teams need an XDR solution that can automate the entire process, from detection to event investigation to security incident remediation.

Fortinet brings Artificial Intelligence to XDR

Unlike other solutions, FortiXDR is powered by AI using a patent-pending dynamic flow control engine, and is continuously trained on FortiGuard Labs threat data and research, as well as the expertise of its incident response services. The solution begins by leveraging the diverse security information shared through the Fortinet Security Fabric architecture for correlation and analysis, turning it into high-fidelity security incidents. These incidents are then investigated by the AI engine, as an experienced security analyst would, to arrive at a final classification of the threat and its scope. Finally, the best possible contextual responses are defined, which can be automatically implemented to quickly remediate confirmed incidents.

Among the main benefits of FortiXDR are:

  • Drastically reduces the number of alerts on all products: 77% or more on average.
  • Manages complex tasks in seconds that would take experts with specialized tools 30 minutes or more, and without human error.
  • Allows the consolidation of independent security products and an automated, coordinated response.
  • Automates intelligent incident investigation so you don't have to rely on scarce human resources.

Reduce detection and response time

FortiXDR can assimilate telemetry from more aspects of the organization than any other solution, increasing the ability to properly detect and classify attacks. It also covers more stages in the cyber attack chain and supports more response points to mitigate the impact of an attack more effectively than competitive solutions. All of this enables organizations to reduce mean time to detection (MTTD) and mean time to response (MTTR) while improving the efficiency of security operations and security posture.

As a result, FortiXDR enables organizations to reduce the risk of overlooking potentially harmful cyberattacks such as ransomware, phishing, and more while easing the workload on the most limited security teams.
