FortiAI-Assist for FortiSIEM
AI-Powered Security Solutions

Overview:

FortiAI-Assist for FortiSIEM

FortiAI-Assist guides and optimizes the FortiSIEM analyst experience across incident investigation, response, threat hunting, and more. FortiAI-Assist can automatically interpret security events, generating a detailed summary, potential impact, and remediation recommendations. Analysts can also query FortiAI-Assist in natural language to create complex database queries, build rich reports, and execute many product functions. Built-in menu prompts make it simple for FortiSIEM analysts to invoke FortiAI-Assist help during typical workflow activities.

Executive Summary

FortiSIEM truly delivers next-gen SIEM with enterprise-wide IT/OT event collection, advanced detection analytics, a rich user experience, and a unique CMDB, all powered by the latest in automation and AI. Delivering out-of-the-box value, complete flexibility, and ultimate scale, it’s the ideal solution for organizations of any size.

The heart of SIEM value is TDIR. FortiSIEM uniquely detects attacks using UEBA, over 2800 IT/OT correlation rules, and customer-controlled machine learning models. Analyst investigation and rapid response is powered by risk prioritization, real-time threat intelligence, native automation, and complete incident management, all powered by FortiAI-Assist.

FortiAI-Assist GenAI

FortiAI-Assist is natively built into common FortiSIEM workflows to guide, simplify, and automate analyst activities. These include event analysis, incident management tasks, and query building and guidance. FortiAI-Assist for FortiSIEM offers the choice of the latest OpenAI and Microsoft Azure OpenAI large language models (LLMs), utilizing a standard retrievalaugmented generation (RAG) method to privatize, augment, shape, and ensure the accuracy of responses and actions.

Features:

Key features and capabilities of FortiSIEM include:

• Built-in IT/OT CMDB: Passive and active discovery, plus continuous monitoring of asset health and performance.
• Real-Time Security Analytics: Robust IT/OT threat detection with UEBA engine, customizable ML, and 2800+ correlation rules.
• Built-in SOAR automation: Rich, flexible automation speeds threat investigation and response, and any analyst task.
• Powered by FortiAI-Assist: Guided, simplified, and automated security with FortiAI-Assist GenAI.
• OSquery endpoint visibility: Extended endpoint investigation and forensic monitoring with seamless integration.
• Broad Integrations: Support for hundreds of third-party solutions plus value-added capabilities for Fortinet products.

FortiSIEM Deployment Options and Use Cases

SaaS

FortiSIEM Cloud is hosted in 19 locations throughout the world.

Software VM

FortiSIEM VM software is available for on-prem or cloud deployment.

Hardware appliances

FortiSIEM purpose-built HW appliances option for on-prem deployment.

Hybrid Cloud Connectivity

SaaS, cloud, and on-prem solutions can be combined to meet your needs.

Multi-location support

Collectors and endpoint agents can be deployed across any environment.

MSSP/Enterprise ready

Distributed processing, scale, and MSSP-grade features help meet even the most demanding needs.

FortiAI-Assist Use Cases

Automated Alert Triage

Prioritizes notifications based on risk, context, and historical patterns; suppresses duplicate alerts; only flags high-confidence threats.

Adaptive Threat Hunting

Scans logs, network traffic, and user behavior to search for threats without waiting for human input.

Root-Cause Tracing

Identifies an attack's origin, method, and impact using AI-driven reasoning.

Auto Configuration

Generates and corrects CLI and Jinja scripts in seconds with FortiAI Script Assistant, validating existing ones and recommending fixes for optimized operations.

Policy Creation

Allows quick policy change script generation, eliminating repetitive labor and human errors.

LAN/WAN Optimization

Enhances visibility and automation, reducing issue resolution time across LAN and SD-WAN through AI-assisted monitoring and trend analysis.

Documentation:

Download the FortiAI-Assist for FortiSIEM Data Sheet (PDF).

Pricing Notes:

• All prices displayed are Ex-VAT. 20% VAT is added during the checkout process.
• Hardware plus ASE FortiCare and FortiGuard 360 Protection
  Hardware unit, 24x7 Comprehensive Support, Advanced Services Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, 360 Services Bundle (SD-WAN Orchestrator, SD-WAN Cloud Assisted Monitoring, SD-WAN Overlay Controller VPN, FortiManager Cloud, FortiAnalyzer Cloud, Fortinet SOCaaS, IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox, Application Control, Web & Video Filtering, Antispam, Security Rating, IoT Detection, Industrial Security and FortiConverter Service) plus term of contract
• Hardware plus 24x7 FortiCare and FortiGuard Enterprise Protection
  Hardware Unit, 24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering, Antispam, Security Rating, Industrial Security and FortiConverter Service) plus term of contract
• Hardware plus 24x7 FortiCare and FortiGuard Unified Threat Protection (UTP)
  Hardware Unit, 24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, UTP Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering and Antispam Service) plus term of contract
• 360 Protection (SD-WAN Orchestrator, SD-WAN Cloud Monitoring, FMG/FAZ Cloud, IPAM, IPS, AMP, App Ctrl, Web & Video Filtering, AS, Security Rating, IoT Detection, Industrial Security, FortiConverter Svc, and ASE FortiCare)
  24x7 Comprehensive Support, Advanced Services Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, 360 Services Bundle (SD-WAN Orchestrator, SD-WAN Cloud Assisted Monitoring, SD-WAN Overlay Controller VPN, FortiManager Cloud, FortiAnalyzer Cloud, Fortinet SOCaaS, IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox, Application Control, Web & Video Filtering, Antispam, Security Rating, IoT Detection, Industrial Security and FortiConverter Service)
• Enterprise Protection (IPS, Advanced Malware Protection, Application Control, Web & Video Filtering, Antispam, Security Rating, IoT Detection, Industrial Security, FortiConverter Svc, and 24x7 FortiCare)
  24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering, Antispam, Security Rating, Industrial Security and FortiConverter Service)
• Unified Threat Protection (UTP) (IPS, Advanced Malware Protection, Application Control, Web & Video Filtering, Antispam Service, and 24x7 FortiCare)
  24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, UTP Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering and Antispam Service)
• Advanced Threat Protection (IPS, Advanced Malware Protection Service, Application Control, and 24x7 FortiCare)
  24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Advanced Threat Protection Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct Service, Application Control)
• 24x7 FortiCare Contract
  24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Application Control
• ASE FortiCare (24x7 plus Advanced Services Ticket Handling)
  24x7 Comprehensive Support, Advanced Services Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Application Control.
• Prices are for one year of Premium RMA support. Usual discounts can be applied.
• Annual contracts only. No multi-year SKUs are available for these services.
• Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
• Pricing and product availability subject to change without notice.