FortiAI-Assist for FortiSOAR
AI-Powered Security Solutions

Overview:

FortiAI-Assist for FortiSOAR

FortiSOAR unburdens security teams overloaded with too many tools to manage, too many alerts to investigate, and too many manual and repetitive processes that slow response. Using FortiSOAR, you can centralize, standardize, and automate IT/OT security operations and any critical enterprise function. With broad integrations, rich use-case functions, hundreds of pre-built workflows, and simple playbook creation, FortiSOAR supports best-in-class procedures tailored to your specific needs.

FortiSOAR enables organizations to centralize, standardize, and automate IT/ OT security operations and critical enterprise functions. With broad integrations, rich use-case functions, hundreds of prebuilt workflows, and simple playbook creation, FortiSOAR supports best-in-class procedures tailored to your specific needs. FortiSOAR is the security operations hub that connects tools and automates processes to help protect your organization from attack.

Executive Summary

Security operations center (SOC) teams everywhere are overloaded with investigating alerts and responding to threats, stitching together data from dozens of tools to investigate and remediate incidents. Most teams struggle to keep pace, slowing their ability to discover serious attacks. Network operations center (NOC) and operational technology (OT) teams face monitoring and maintenance challenges, furthering security risks. Leading organizations and managed security service providers (MSSPs) use FortiSOAR security orchestration, automation, and response to unify and optimize these critical workflows, ensuring better security while driving efficient IT/OT operations.

FortiSOAR enables organizations to centralize, standardize, and automate IT/ OT security operations and critical enterprise functions. With broad integrations, rich use-case functions, hundreds of prebuilt workflows, and simple playbook creation, FortiSOAR supports best-in-class procedures tailored to your specific needs. FortiSOAR is the security operations hub that connects tools and automates processes to help protect your organization from attack.

The Automation Imperative

Security teams are overloaded with too many tools to manage, too many alerts to investigate, and too many manual or repetitive processes—all of which slow down response times. Despite analyst efforts and SOC budget spending, typical incident detection and response performance remains inadequate to protect organizations against today’s attackers.

Features:

Key features and capabilities of FortiSOAR include:

• Security incident response: Centralized and automated alert triage, enrichment, investigation, collaboration, and incident response actions with hundreds of integrations and playbooks to support SOC, NOC, and OT efficiency.
• Case and workforce management: Complete solution for managing and tracking task assignments, work queues, and shift calendaring.
• Asset and vulnerability management: Combines risk-based asset views, vulnerability status, task management, and mitigation playbooks.
• Compliance automation and reporting: Automates tasks, tracking, and reporting for IT/OT compliance management.
• OT security management: Extended integrations and functions meet OT-specific monitoring and playbook automation requirements.
• Generative AI assistance and recommendations: FortiAI and the Recommendation Engine inform and speed analyst investigation, response, and more.
• Built-in threat intelligence: Enriched investigations and threat hunting powered by FortiGuard Labs global intelligence and public sources.
• FortiSOAR Content Hub and Community: Expanding library of connectors, playbooks, solutions, videos, and community contributions.
• No- and low-code playbook creation: Patented visual drag-and-drop design experience with rapid development modes for custom playbooks without coding skills.
• Flexible deployment options: SaaS, on-premises, public cloud hosting, or trusted MSSP partners, all with the same robust functionality.

FortiAI-Assist Use Cases

Automated Alert Triage

Prioritizes notifications based on risk, context, and historical patterns; suppresses duplicate alerts; only flags high-confidence threats.

Adaptive Threat Hunting

Scans logs, network traffic, and user behavior to search for threats without waiting for human input.

Root-Cause Tracing

Identifies an attack's origin, method, and impact using AI-driven reasoning.

Auto Configuration

Generates and corrects CLI and Jinja scripts in seconds with FortiAI Script Assistant, validating existing ones and recommending fixes for optimized operations.

Policy Creation

Allows quick policy change script generation, eliminating repetitive labor and human errors.

LAN/WAN Optimization

Enhances visibility and automation, reducing issue resolution time across LAN and SD-WAN through AI-assisted monitoring and trend analysis.

Documentation:

Download the FortiAI-Assist for FortiSOAR Data Sheet (PDF).

Pricing Notes:

• All Prices are Inclusive of GST
• Hardware plus FortiCare Premium and FortiGuard Enterprise Protection
  Hardware Unit, FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering, Antispam, Security Rating, Industrial Security and FortiConverter Service) plus term of contract
• Hardware plus FortiCare Premium and FortiGuard SMB Protection
  Hardware Unit, FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, SMB Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering , Antispam and FortiGate Cloud subscription service) plus term of contract
• Hardware plus FortiCare Premium and FortiGuard Unified Threat Protection (UTP)
  Hardware Unit, FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, UTP Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering and Antispam Service) plus term of contract
• Enterprise Protection (IPS, Advanced Malware Protection, Application Control, Web & Video Filtering, Antispam, Security Rating, IoT Detection, Industrial Security, FortiConverter Svc, and FortiCare Premium)
  FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering, Antispam, Security Rating, Industrial Security and FortiConverter Service)
• SMB Protection (IPS, Advanced Malware Protection, Application Control, Web & Video Filtering, Antispam, plus FortiGate Cloud subscription and FortiCare Premium)
  FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, SMB Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering, Antispam and FortiGate Cloud subscription service)
• Unified Threat Protection (UTP) (IPS, Advanced Malware Protection, Application Control, Web & Video Filtering, Antispam Service, and FortiCare Premium)
  FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, UTP Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering and Antispam Service)
• Advanced Threat Protection (IPS, Advanced Malware Protection Service, Application Control, and FortiCare Premium)
  FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Advanced Threat Protection Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct Service, Application Control)
• FortiCare Essential Support
  FortiCare Essential Ticket Handling, Hardware Replacement, Firmware and General Upgrades, Application Control
• FortiCare Premium Support
  FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Application Control
• FortiCare Elite Support
  FortiCare Premium Support with FortiCare Elite Ticket Handling.
• Prices are for one year of Premium RMA support. Usual discounts can be applied.
• Annual contracts only. No multi-year SKUs are available for these services.
• Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
• Pricing and product availability subject to change without notice.