Artificial Intelligence, especially Generative AI, is causing a stir everywhere, and cybersecurity is no exception. In this midst of all the hype, however, it’s important to remember that machine learning and AI have long played a role in protecting organizations.
In a recent conversation with Alex Samonte, Field CTO at Fortinet, I had the opportunity to explore the current AI applications being applied to cybersecurity and gain insight into the approaches Fortinet employs to stay ahead of the evolving threat landscape. In this Tech Note, I will provide an overview of the key concepts we discussed and offer a deeper look at the trends, challenges, and strategies shaping the current state of AI in cybersecurity—with a focus on FortiGuard AI-Powered Security Services.
Leveraging AI for Enhanced Security
AI has played a critical role in cybersecurity for years, and Fortinet has been at the forefront of AI innovation in this space for more than a decade.
One area in which AI plays a critical role is in advanced threat detection. AI is particularly good at recognizing patterns, and this aids significantly in identifying anomalous behavior and malicious code. And now, as the sheer volume of data generated by systems has surpassed human processing capabilities, AI plays a vital role in pre-processing this information, enabling real-time responses to cyberthreats and reducing the risk of breaches.
Incident response is another area where AI has had a significant impact. Given the ongoing cyber skills shortage, there’s a critical lack of experienced analysts, just as we’re seeing a dramatic influx of alerts that demand time to investigate and remediate. AI is especially suited to supporting stretched SOC teams by conducting initial triage and helping connect dots across disparate log files.
These are just two ways Fortinet uses AI to support and sustain cybersecurity efforts. AI implementations across the Fortinet Security Fabric, the company’s unified cybersecurity platform, also aid in zero-day threat detection, help identify and remediate sophisticated attacks, and enable IT teams to refine and resolve networking and security issues before they impact the organization.
FortiGuard AI-Powered Security Services
Given the number of vendors jumping on the AI bandwagon, it’s essential to understand that effective AI solutions do not appear overnight. Creating a beneficial AI-powered cybersecurity solution requires years of investment and access to large amounts of relevant data to train algorithms. Most vendors simply didn’t have the time or resources to develop this technology themselves, or they decided too late that they needed an AI offering to remain competitive, so they have turned to third-party vendors for their solutions.
Fortinet, on the other hand, began developing AI systems more than a decade ago. These years of careful development have allowed them to produce advanced AI systems that are deeply integrated into their cybersecurity and networking portfolio and are capable of addressing a spectrum of security needs. A primary focus of that AI is on threat intelligence, with FortiGuard Labs serving as the nerve center of data collection and analysis from millions of threat sensors deployed worldwide. Insights from FortiGuard Lab inform Fortinet’s suite of FortiGuard AI-Powered Security Services, which span a wide variety of cybersecurity technologies, including firewalls, intrusion prevention (IPS), antivirus (AV), spam and mail filtering, web application firewalls, and distributed denial-of-service (DDoS) protection.
The staggering volume of threat intelligence and data inundating Fortinet customers—and FortiGuard Labs themselves—was the catalyst for Fortinet’s early investments in AI and machine learning. To manage this influx, artificial neural nets (ANNs) with billions of nodes were designed, developed, and deployed to provide the computational power needed to categorize and sort the exponentially growing volume of information generated by malware and criminal activity. This approach also includes the use of confidence levels to enable precise determinations of whether the data being analyzed is benign or malicious.
Don’t Count the Humans Out Just Yet
Leveraging AI to advance cybersecurity doesn’t mean the machines have taken over. Fortinet recognizes the importance of using human intelligence in tandem with AI. This strategic collaboration ensures that AI and ML do the groundwork before a human being signs off on any final actions within the network that require a high degree of confidence or another layer of assessment. This is of particular importance when AI models yield inconclusive results.
Trust in AI and machine learning in the security domain cannot be absolute. Humans still need to vet certain AI-driven conclusions and AI-suggested remediation plans to ensure the accuracy and relevance of threat information.
The Bottom Line
Fortinet’s long history of leveraging AI/ML within cybersecurity—and delivering some of the first AI-powered solutions and services to customers in the industry—positions Fortinet as a trailblazer in the cybersecurity landscape. The more than forty unique AI-powered offerings across its Security Fabric platform and the thoughtful way it augments AI/ML with human intelligence underscores Fortinet’s commitment to providing adaptive and effective cybersecurity solutions.
As threats, tools, and technologies evolve, Fortinet stands ready to address these challenges with innovative solutions—like its FortiGuard AI-Powered Security Services—that bridge the gap between AI innovation and the enduring importance of human expertise.
Learn more about Fortinet’s efforts with FortiGuard Labs and FortiGuard AI-Powered Security Services. For more, head to Fortinet’s website.