Fortinet speeds threat detection with improved FortiAnalyzer

The package also now integrates with FortiAI, the vendor’s genAI assistant, to better support analytics and telemetry to help security teams speed threat investigation and response, the vendor stated.

“FortiAI identifies the threats that need analysis from the data collected by FortiAnalyzer, primarily collected from FortiGates. By automating the collection, analysis, and response processes, FortiAI helps organizations detect threats faster, minimizing alert fatigue and reducing response times,” wrote Kimberly Becan, senior director of security operations solutions at Fortinet, in a blog about the AI capabilities of FortiAI and ForitAnalyzer.

“The impact is significant: Instead of spending hours filtering through alerts, security analysts can ask AI-driven queries like ‘What are the most critical threats from the past 24 hours?’ or ‘Which malware bypassed security controls today?’ and receive instant, prioritized insights,” Becan wrote.

With an intuitive, AI-powered conversational interface, FortiAI embedded within FortiAnalyzer enables security professionals to surface relevant threats and assess their context quickly. By streamlining alert triage, organizations improve efficiency, optimize IT resources, and minimize security gaps, Becan wrote.

Other new features include prebuilt SOC automation content packs to bring security teams the latest event handlers, playbooks, and third-party log parsers, such as Armis Platform and Microsoft Office 365. The idea is to let security teams contain and remediate threats with minimal manual intervention, Shah stated.

Current FortiAnalyzer customers with FortiGuard subscription services have access to the new features and capabilities now. Content packs are updated regularly so that organizations keep pace with emerging threats and can expand SOC coverage as needs evolve, Fortinet stated.