Sertalink

/sales@sertalink.com  BE: +32(0)3/337.17.01.    LUX: +352(0)27/94.06.59.

Sertalink

Virtual Security Analyst

Homepage/ IT Security Audit & Advisory / MDR For Microsoft

AI Powered Cybersecurity FortiAI: Virtual Security Analyst

Sub-second Threat Investigation and Response

What is AI-Powered Cybersecurity?

Among its many benefits to cybersecurity, Artificial Intelligence (AI) can identify patterns in massive amounts of data, enabling it to detect trends in malware features and make threat classifications much more rapidly than humans can. An AI-based virtual security operations (SecOps) analyst can rapidly detect and respond to security incidents, assisting human analysts and enabling them to operate at a higher level. AI-powered cybersecurity technologies such as this can be a boon to short-staffed security teams affected by the global cybersecurity skills gap.

While Machine Learning (ML) is the most common type of AI used in cybersecurity designed to solve linear problems e.g. perform a task more efficiently and effectively for a specific situation, Deep Learning (DL) is designed to solve larger complex, non-linear problems by modelling the operation of neurons in the human brain.

AI-based learning algorithms fall into three categories: supervised, reinforced and unsupervised. A supervised ML algorithm must be trained on a large dataset of samples labeled as either benign or malicious. In contrast, Deep Neural Networks (DNN), a Deep Learning model uses reinforced learning i.e. an award-based system of learning, during its pre-training and later transitions to unsupervised learning i.e. self-learning, that does not require a labeled dataset for training and maturity. More importantly, lies in its ability to correlate various category of datasets to make decisions.

Un Virtual Security Analyst that can operate in unsupervised mode is a boon to lean SecOps teams that lack the experienced resources to analyze and investigate new threats fully within the shortest period of time. Because of DNN’s innate ability to self-learn, it continuously adapts to the evolving cyber threat landscape including AI-powered cyber attacks (see diagram below).

A virtual security analyst must have certain characteristics:

    1. Ability to self-learn i.e. does not rely solely on cloud-based updates for AI maturity
    2. Extremely high detection rate of 99% and above
    3. Performs at scale with machine speeds
    4. Automates detection-investigation-response threat lifecycle
    5. Pre-trained AI ready for deployment on day-1

FortiAI: Virtual Security Analyst Overview

There is no question that cyberattacks and threats—ransomware, trojans, cryptomining, worms, etc.—are here to stay, but they are also becoming increasingly sophisticated and dangerous. Cybercriminals are eagerly adopting new innovations such as artificial intelligence (AI) and automation via AI fuzzing, self-learning swarm-based attacks, and expanded Malware-as-a-Service capabilities. Meanwhile, overburdened security operations teams are stuck with traditional security resources and investigation procedures to combat the increasing volume of advanced polymorphic, known, and unknown threats.

AI is paving the way for cybersecurity solutions to stay ahead of evolving threats. Fortinet FortiAI, powered by Deep Neural Networks (DNN), is the industry’s most sophisticated AI security solution. FortiAI is specifically designed to alleviate the tedious manual threat investigation of security alerts and threat response by identifying and classifying threats and malware outbreaks in sub-seconds and blocking them in the network.

FortiAI: Virtual Security Analyst Product Details

FortiGuard Labs, Fortinet’s leading threat intelligence and research team, consists of threat researchers, analysts, and engineers are in the forefront of exposing new threats. This team shares their latest threat intelligence via community blogs, threat playbooks for organizations, as threat protection via intelligence services, and by developing new threat-based technologies. One of the most significant technologies built by FortiGuard Labs in 2012—an AI system to detect and update protection against millions of malware samples seen each day.

FortiAI is the cumulative effort of the AI developed by FortiGuard Labs, and the first solution of its kind that embeds a sophisticated and mature deep learning model via DNN. FortiAI’s patent-pending DNN approach learns about new threats on its own and helps organizations to adapt threat protection to new attacks instantaneously. In addition, FortiAI comes pre-trained with more than 6+ million malware features that can identify IT- and OT-based threats and classify them into malware categories. These features can also accurately pinpoint patient zero and lateral spread of a malware and its variants by analyzing the entire threat movement. FortiAI integrates with FortiGate, FortiWeb, FortiSOAR and 3rd party security solutions to automatically block these threats. Deploying FortiAI on-premises can help security operations teams solve the security resource crisis and rapidly accelerate the response to evolving threats.

Features  & Benefits

Do More with Less

Offloads a security analyst’s threat investigation and response duties

Accelerate Threat Response

Accurate threat detection and MITRE ATT&CK investigation results delivered in a second

Improved Security Posture

Adapt to new attacks and disrupts malware outbreaks

Proven AI

Mature deep learning model leveraged since 2012 comes pre-trained with 6+ million malware features

Open Platform Approach

Security Fabric integration with FortiGate, FortiWeb, FortiSOAR to block threats and is API-ready

Unified IT-OT Zero-day Threat Protection

Protects both IT and OT environments from threats

X