Vectra and Fortinet: Advanced monitoring and NDR with automated response


Learn all about our partnership.

Download Integration Brief

Advanced threats, security teams need accurate and continuous monitoring for threat activity across all environments, and automated response that quickly stops attackers before they succeed.

With the adoption of zero trust and a security perimeter that has dissipated in cloud services, a modern cybersecurity approach is required for immediate detection and response to threats in cloud, data center, IoT, and enterprise infrastructures.

Vectra and Fortinet enable security teams to quickly expose hidden threat behaviors, pinpoint the specific hosts and accounts at the center of a cyberattack, and block the threat before data is damaged or stolen.

Why integrate Fortinet with Vectra AI?

FortiGate NGFWs from Fortinet enable security-driven networking and consolidate industry-leading security capabilities such as intrusion prevention system (IPS), web filtering, secure sockets layer (SSL) inspection, and automated threat protection.

Powered by AI-driven FortiGuard Labs, FortiGate NGFWs deliver proactive threat protection with high-performance inspection of both clear-text and encrypted traffic to stay ahead of the rapidly expanding threat landscape. Unified data and analytics are collected from diverse sources, including logs, performance metrics, security alerts, and configuration changes.

The unique architecture of the Fortinet Security Fabric unifies these security technologies across the digital network, including multicloud, endpoints, email and web applications, and network access points, into a single security system integrated through a combination of open standards and a common operating system.

These Fortinet security technologies are then enhanced through the integration of advanced NDR technologies – such as the Vectra platform– and a unified correlation, management, orchestration, and analysis system.

Key benefits include:

  • Automatically detect and respond to hidden attacks in cloud, data center, IoT and enterprise networks using behavior-based machine learning detection algorithms.
  • Increase efficiency by feeding triaged Cognito platform detections with security-enriched insights to FortiSIEM for faster, more conclusive investigations and threat hunting.
  • Strengthen zero-trust network access by monitoring identity and privileged access transactions to detect privilege abuse and account compromise.
  • Leverage the award-winning Cognito NDR platform and FortiGate NGFWs to detect, respond and block cyberattacks in cloud, data center, IoT, and enterprise networks.
  • Increase SOC team productivity via FortiSOAR security orchestration, automated playbooks and incident triaging.

To accelerate response time, the Cognito NDR platform integrates and shares the same context and insights with third-party security solutions – including FortiSIEM, FortiSOAR, and FortiGate next-generation firewalls (NGFWs) – for end-to-end threat management. FortiSIEM allows analysts to hunt for signs of an attack, using security insights and context from the Cognito NDR platform. And FortiSOAR integrates with the Cognito to provide automated playbooks, incident triaging and real-time threat remediation.

When Vectra detects attacker behaviors, it automatically notifies Fortinet FortiGate next-generation firewall to block the sourceand destination devices. This stops attacks and enables security analysts to conduct faster investigations.
Vectra AI threat detections seen through the FortiSIEM dashboard.
Vectra's threat detections seen through the FortiSIEM dashboard.