Fortinet Integration: Advanced Monitoring and NDR with Automated Response

October 8, 2020
Sam Martin
Product Marketing Specialist
Fortinet Integration: Advanced Monitoring and NDR with Automated Response

Security teams need accurate and continuous monitoring for threat activity across all environments, but it can be tedious—even impossible—to assess every alert. A modern cybersecurity approach utilizes automated responses to detect and stop attackers before they succeed.

We’re thrilled to announce a partnership with Fortinet to integrate the Cognito Platform and FortiGate next-generation firewalls to detect, respond, and block cyberattacks in cloud, data center, Internet of things (IoT) and enterprise networks.

The Cognito Platform from Vectra sends security insights and context about network detection and response (NDR) to FortiSIEM, which enables security professionals to detect threat behaviors in real-time and proactively hunt down attackers. Using AI-derived machine learning algorithms, the Cognito platform captures, analyzes and stores metadata from relevant logs, cloud events and all network traffic—from cloud/Software-as-a -service (SaaS) and data center workloads to user and IoT devices.

Next, the metadata is enriched with deep security insights and context about every attack and sent to FortiSIEM, enabling security professionals to stop in-progress attacks early, fast and with certainty. The integration of the Cognito Platform with FortiSOAR also provides automated playbooks, incident triaging and real-time threat remediation. This integration strengthens zero-trust network access by monitoring identities and privileged access transactions to detect abuse and account compromise.

By automating manual, low-level security tasks, the Cognito Platform reduces the workload of security professionals and gives them more time to focus on critical requirements like threat hunting and incident investigations.

The Cognito Platform applies AI-derived machine learning algorithms to automatically detect and respond to in-progress cyberattack behaviors in cloud/SaaS, data center, IoT, and enterprise networks. Attack behaviors that pose the greatest risk with the highest degree of certainty are automatically prioritized, enabling security professionals to immediately determine where to start remediation, hunting and investigating.

When an attack behavior is detected, the Cognito Platform automatically notifies FortiGate next-generation firewalls to pinpoint and block the source and destination devices. This stops attacks and enables security analysts to eliminate the threat before data is damaged or stolen.

Together, Vectra and Fortinet deliver greater infrastructure visibility by combining AI-driven NDR—including privilege and identity-aware analytics—with next-generation firewall capabilities and instant remediation.

To learn more, take a look at the solution brief.

FAQs