
AI-Powered Cybersecurity
FortiAI: Virtual Security Analyst™

Sub-second threat investigation and response

Discover FortiAI, the self-learning AI for SecOps

Overview

There is no question that cyberattacks and threats such as ransomware, trojans, cryptomining, and worms are becoming increasingly sophisticated and dangerous. Cybercriminals are eagerly adopting new innovations such as artificial intelligence (AI) and automation via AI fuzzing, self-learning swarm attacks, and expanded Malware-as-a-Service capabilities. Meanwhile, overburdened security operations teams are stuck with traditional security resources and investigation procedures to combat the increasing volume of advanced polymorphic, known, and unknown threats.

AI is paving the way for cybersecurity solutions to stay ahead of ever-changing threats. Fortinet FortiAI, a deep neural network (DNN), is the industry's most advanced AI security solution. FortiAI is specifically designed to alleviate the tedious manual investigation of security alerts and threat response by identifying and classifying threats and malware outbreaks in under a second and blocking them in the network.

FortiAI is offered as an on-premises hardware appliance designed for deployment at data centers and campuses.

Form factor: 2 RU
Performance: 100,000 files per hour, verdict in under a second
Ports: 2 × 10GE (RJ45), 1 × GE (RJ45)

FortiAI virtual appliances can be deployed on VMware and KVM platforms.

FortiAI-VM16
vCPUs: 16 cores
Performance: 14,000 files/hr
Memory (minimum/recommended): 128 GB / 256 GB

FortiAI-VM32
vCPUs: 32 cores
Performance: 22,000 files/hr
Memory (minimum/recommended): 128 GB / 256 GB

As overburdened security operations teams struggle with the increasing volume and sophistication of threats, AI is key to reducing the workload of threat investigation and ultimately accelerating threat mitigation. This full-featured FortiAI: Virtual Security Analyst™ demo gives users the opportunity to experience the power of DNN, a sophisticated AI. The demo will explore how FortiAI self-learns and applies its intelligence to identify and classify threats in attack scenarios, as well as investigate threat campaigns and their lateral spread in a timeline with built-in context that is all delivered instantaneously.

What Is AI Cybersecurity?

AI has many benefits for cybersecurity. Artificial intelligence (AI) can recognize patterns in large volumes of data, enabling it to detect trends in malware features and make threat classifications much more rapidly than humans can. An AI-based virtual security operations (SecOps) analyst can rapidly detect and respond to security incidents, assisting human analysts so that they can operate at a higher level. AI-powered cybersecurity technologies such as this can be a boon to short-staffed security teams affected by the global cybersecurity skills gap.

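While machine learning (ML), the most common type of AI used in cybersecurity, is designed to solve linear problems, e.g. completing tasks more efficiently in specific situations, deep learning (DL) is designed to solve larger, more complex, non-linear problems by simulating the operation of neurons in the human brain.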

AI-based learning algorithms fall into three categories: supervised, reinforcement, and unsupervised. A supervised ML algorithm must be trained on a large dataset of samples labeled as either benign or malicious. In contrast, a deep neural network (DNN), a deep learning model, uses reinforcement learning, i.e. a reward-based learning system, during pre-training and later transitions to an unsupervised learning phase, i.e. self-learning that does not need a labeled dataset to train and mature. More importantly, it can correlate various categories of datasets to make decisions.

A virtual security analyst that can operate in unsupervised mode is a boon to lean SecOps teams that lack the experienced resources to analyze and investigate new threats fully within the shortest period of time. Because a DNN has an innate ability to self-learn, it continuously adapts to the evolving cyber threat landscape, including AI-powered cyber attacks (see diagram below).

 

A virtual security analyst must have the following characteristics:

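  1. Self-learning capability, i.e. whether it relies solely on cloud-based updates for AI maturity
  2. Extremely high detection rate of over 99%
  3. Executes at machine speed and scale
  4. Automates the detect-investigate-respond threat lifecycle
  5. Pre-trained AI that can be deployed on day one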
 

  

FortiAI: Virtual Security Analyst™ Product Details

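FortiGuard Labs, Fortinet's leading threat intelligence and research group, comprises threat researchers, analysts, and engineers at the forefront of uncovering new threats. This group shares the latest threat intelligence via community blogs and threat playbooks for organizations, as threat protection via intelligence services, and by developing new threat-based technologies. One of the most significant technologies built by FortiGuard Labs, in 2012, is an AI system to detect and update protection against the millions of malware samples seen each day.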

FortiAI is the culmination of the AI developed by FortiGuard Labs, and the first solution of its kind that embeds a sophisticated and mature deep learning model via DNN. FortiAI's patent-pending DNN approach learns about new threats on its own and helps organizations to adapt threat protection to new attacks instantaneously. In addition, FortiAI comes pre-trained with more than 6 million malware features that can identify IT- and OT-based threats and classify them into malware categories. These features can also accurately pinpoint patient zero and the lateral spread of a piece of malware and its variants by analyzing the entire threat movement. FortiAI's broad integration across the Security Fabric, including FortiGate, FortiWeb, FortiSOAR, FortiSandbox, FortiSIEM, FortiAnalyzer, and third-party security solutions, enables sub-second protection, threat investigation, and hunting. Deploying FortiAI on-premises can help security operations teams solve the security resource crisis and rapidly accelerate the response to evolving threats.

Features and Benefits


Do more with less

Relieves security analysts of threat investigation and response duties

Accelerate threat response

Sub-second inline blocking paired with MITRE ATT&CK investigation results

Improve security posture

Adapts to new attacks and disrupts malware outbreaks

Proven AI

Mature deep learning model leveraged since 2012 comes pre-trained with 6+ million malware features

Open platform approach

Security Fabric integration across the Fortinet portfolio, and 3rd party solutions via robust API

Unified IT-OT zero-day threat protection

Protects IT and OT environments from threats

FortiAI: Virtual Security Analyst™ News

FortiAI v1.5.1 Release

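FortiAI delivers inline sub-second network protection via FortiGate, threat hunting with FortiSIEM and FortiAnalyzer, and the industry's best threat protection software, FortiSandbox. More details can be found in the release notes.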

FortiAI v1.5 Release

FortiAI offers deeper integration with the Security Fabric, including a FortiAI widget within the FortiGate Fabric GUI, as well as AI-driven response orchestration use cases with FortiSOAR. More details can be found in the release notes.

FortiAI v1.4 Release

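FortiAI integrates the MITRE ATT&CK framework into its investigation view and extends ICAP and STIX support to the Fabric. For more information, see the latest release notes.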

FortiAI v1.3 Release

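FortiAI introduces many new features, including virus outbreak search and a malware similarity engine, the ability to investigate threats over time, and the ability to quarantine threats.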