Fortinet Integration: Advanced Monitoring and NDR with Automated Response

Sam Martin
October 8, 2020

Security teams need accurate and continuous monitoring for threat activity across all environments, but it can be tedious – even impossible – to assess every alert. A modern cybersecurity approach utilizes automated responses to detect and stop attackers before they succeed.

We’re thrilled to announce a partnership with Fortinet to integrate the Cognito platform and FortiGate next-generation firewalls to detect, respond to, and block cyberattacks in cloud, data center, Internet of things (IoT) and enterprise networks.

The Cognito platform from Vectra sends security insights and context about network detection and response (NDR) to FortiSIEM, which enables security professionals to detect threat behaviors in real time and proactively hunt down attackers. Using AI-derived machine learning algorithms, the Cognito platform captures, analyzes and stores metadata from relevant logs, cloud events and all network traffic – from cloud/Software-as-a-Service (SaaS) and data center workloads to user and IoT devices.

Next, the metadata is enriched with deep security insights and context about every attack and sent to FortiSIEM, enabling security professionals to stop in-progress attacks early, fast and with certainty. The integration of the Cognito platform with FortiSOAR also provides automated playbooks, incident triaging and real-time threat remediation. This integration strengthens zero-trust network access by monitoring identities and privileged access transactions to detect abuse and account compromise.

By automating manual, low-level security tasks, the Cognito platform reduces the workload of security professionals and gives them more time to focus on critical requirements like threat hunting and incident investigations.

The Cognito platform applies AI-derived machine learning algorithms to automatically detect and respond to in-progress cyberattack behaviors in cloud/SaaS, data center, IoT, and enterprise networks. Attack behaviors that pose the greatest risk with the highest degree of certainty are automatically prioritized, enabling security professionals to immediately determine where to start remediation, hunting and investigating.

When an attack behavior is detected, the Cognito platform automatically notifies FortiGate next-generation firewalls to pinpoint and block the source and destination devices. This stops attacks and enables security analysts to eliminate the threat before data is damaged or stolen.

Together, Vectra and Fortinet deliver greater infrastructure visibility by combining AI-driven NDR – including privilege and identity-aware analytics – with next-generation firewall capabilities and instant remediation.

To learn more, take a look at the solution brief.

About the author

Sam Martin

Sam Martin is a product marketing specialist at Vectra. She's worked in high tech in a variety of areas, including sales enablement, analyst relations, and partner marketing. Her love of language and communication informs how she creates content for sales, marketing, and social media, allowing her to leverage both visual and written mediums to craft accessible messaging and compelling stories.
