Business & Technology

Introducing FortiAnalyzer 7.6

Redefining Security Operations with Advanced AI Integration

By Max Zeumer | July 17, 2024

The release of FortiAnalyzer 7.6 is a significant milestone in Fortinet’s ongoing commitment to innovation, delivering advanced features and integrations that streamline operations and fortify security. FortiAnalyzer 7.6 empowers security teams and helps address the evolving challenges of the modern threat landscape with several key new features:

  • FortiAI GenAI assistant: Simplify threat hunting and event analysis with advanced AI-driven capabilities and natural language processing.
  • Visual data analysis: Generate graphical representations and charts to visualize log data, making it easier to identify patterns and anomalies.
  • Preconfigured security automation: Includes monthly updates with preconfigured automation tools, including reports, event handlers, and incident response playbooks.

Strategic Impact on Businesses

FortiAnalyzer 7.6 delivers significant strategic benefits to businesses. It enhances operational efficiency, reducing the burden on security teams so they can focus on core tasks. Organizations can respond to threats more quickly and effectively using AI-driven analytics, preconfigured automation, and intuitive visualization tools in FortiAnalyzer. FortiAnalyzer 7.6 helps businesses stay ahead of the evolving threat landscape and remain secure and competitive in today’s digital world by reducing manual tasks and providing actionable intelligence.

Figure 1: FortiAI in the FortiAnalyzer user experience threat summary

Harnessing the Power of the FortiAI GenAI Assistant

One of the standout features of FortiAnalyzer 7.6 is the deepened integration of the Fortinet FortiAI GenAI assistant. FortiAI is a context-aware GenAI security assistant that transforms how security professionals operate and interact with threat data. It makes complex analysis and response tasks more intuitive and accessible. FortiAI voice command capabilities simplify threat hunting and event analysis. Analysts can easily issue commands for querying data, identifying threats, and generating reports.

The power of natural language processing means even those with limited technical training can quickly navigate vast datasets to pinpoint potential threats. The AI capabilities help accelerate review and response cycles and empower security teams to handle detection, analysis, and mitigation tasks with unprecedented speed and accuracy.

Figure 2: FortiAI in FortiAnalyzer, rendering a bar chart of blocked threats by destination IP

Visualize Log Data with the Power of Graphical Representations

Understanding log data is critical for effective threat management, and FortiAnalyzer 7.6 makes this process more intuitive with advanced visualization capabilities. The new graphical user interface includes enhanced charts, widgets, and dashboards that provide an interactive way to analyze log data. Analysts can use graphical representations and charts to make sense of log data, quickly identifying patterns, anomalies, and trends. This visual approach to log analysis enhances understanding and accelerates the decision-making process.

Visualizations can be produced using voice commands. For example, analysts can say, “Render a pie chart for blocked threats by destination IP” or “Show a bar chart of malware activities by threat type.” These visual aids provide clear, actionable insights, helping teams to pinpoint areas of concern and prioritize their response efforts.

SOAR Cyber Forensics Help Uncover the Truth Behind Incidents

The FortiAI capabilities included in FortiAnalyzer are transformative for cyber forensics. By systematically analyzing digital evidence, FortiAI can examine various systems, logs, and artifacts to uncover the how and why behind security incidents. This deep dive into digital forensics offers security teams a comprehensive understanding of incidents to make more informed decisions and precise responses.

Analysts can leverage AI-driven insights to reconstruct attack vectors, understand attacker methodologies, and determine the impact of security breaches. This level of detail aids in immediate response efforts and informs future preventive measures, fortifying overall security.

Figure 3: Threat hunting in FortiAnalyzer with FortiAI

SIEM Network Telemetry Analysis Turns Data into Actionable Intelligence

FortiAnalyzer 7.6 enhances security information event management (SEIM) network telemetry analysis with robust tools to analyze and interpret vast amounts of log data. The integration of FortiAI makes this process even more powerful. Analysts can use natural language queries to retrieve log statistics based on specified filters, groupings, and time ranges. For example, to gain instant insight into network security events, an analyst can issue a command such as, “Show me threats without blocking happening on risky destinations” or “Give me the statistics of malware activities detected today by threat name.”

Being able to easily perform detailed network telemetry analysis helps security teams stay ahead of potential threats. By quickly identifying and reacting to suspicious activities, organizations can take a proactive approach to threat management and mitigate risks before they escalate into full-blown incidents. 

Figure 4: FortiAnalyzer Security Automation Service

Preconfigured Security Automation Saves Time

In the fast-paced world of cybersecurity, time is a precious commodity. Security teams often find themselves overwhelmed with more work than they have the resources to handle. Building custom security automation can be time-consuming and resource-intensive, so FortiAnalyzer 7.6 now offers curated preconfigured automation updates every month. This feature ensures that security teams can access the latest automation tools and configurations without building them from scratch.

Preconfigured automation includes premium reports, event handlers, advanced correlation rules, third-party log parsers, automation connectors, data enrichment, and incident response playbooks. These tools enable teams to quickly implement adequate security measures, streamline workflows, and focus on higher-priority tasks. By automating routine tasks, FortiAnalyzer 7.6 allows security teams to enhance their efficiency and effectiveness, ensuring they can respond promptly and effectively to threats.

Envision the Future with FortiAnalyzer 7.6

Fortinet remains committed to the continuous development and expansion of our AI-enhanced solutions. FortiAnalyzer 7.6 is a significant step forward, redefining security operations with advanced automation, AI integration, and seamless updates. FortiAnalyzer 7.6  offers advanced features and AI-driven capabilities to empower security teams to be more proactive, efficient, and effective in defending against today’s sophisticated threats.

Learn more about how FortiAnalyzer can transform your operations by reading the FortiAnalyzer Solution Brief.