Fortinet FortiSOAR
Adaptive Security for SOC Teams and Enterprises
Click here to jump to pricing!
Please Note: All Prices are Inclusive of GST
Overview:
FortiSOAR™ is a holistic Security Orchestration, Automation and Response workbench, designed for SOC teams to efficiently respond to the ever-increasing influx of alerts, repetitive manual processes, and shortage of resources. This patented and customizable security operations platform provides, automated playbooks and incident triaging, and real-time remediation for enterprises to identify, defend and counter attacks. FortiSOAR™ optimizes SOC team productivity by seamlessly integrating with over 300+ security platforms and 3000+ actions. This results in faster responses, streamlined containment and reduced mitigation times, from hours to seconds.
Highlights & Features:
FortiSOAR enables SOC teams to quickly and securely:
- Manage security alerts, incidents, indicators, assets and tasks through a simplified, easy-to-use GUI
- Increase SOC team productivity by eliminating false positives and focusing only on the alerts that matter
- Track ROI, MTTD, MTTR through customizable reports and dashboards
- Automate within the Visual Playbook Designer, with 300+ security platform integrations & 3000+ actions for automated workflows and connectors
- Minimize Human Error by employing clear, auditable playbooks and custom modules to handle ever-changing investigation requirements
- Scale your network security solution with a truly multi-tenant distributed architecture, from a single, collaborative console
- Identify real threats with automated false positive filtering and predict similar threats and campaigns with FortiSOAR's recommendation engine
- Eliminate Repetitive Tasks through automation, correlation of incidents, threat intelligence & vulnerability data
- Improve efficiency & effectiveness of SOC processes by customizing and employing FortiSOAR's automation templates to save time and resources
- Reduce security incident discovery times from hours to seconds
Key Features:
Role-Based Incident Management
FortiSOAR's™ Enterprise Role-Based Incident Management solution provides organizations with robust field level role-based access control to manage sensitive data in accordance with SOC policies and guidelines.
Easily manage alerts and incidents in a customizable filter grid view with automated filtering, to keep analysts focused on real threats. Execute dynamic actions and playbooks on alerts and incidents and analyze correlated threat data in an intuitive user interface.
FortiSOAR's Recommendations Engine predicts various fields such as severity, asset, user, based on previously identified cases, aiding the SOC analyst in grouping and linking them together to identify duplicates and campaigns involving similar alerts, common threats and entities
Role-Based Dashboards & Reporting
Role-based dashboards and reporting, empowers SOC teams to measure, track and analyze investigations and SOC performance granularly with quantifiable metrics.
FortiSOAR's™ ready-made library of industry standard, personafocused dashboard templates, intuitive drag and drop visual layout builders, ensures SOC teams have the best tools to optimize their time and resources. Comprehensive charts, listings, counters and performance metrics help create rich views and informative data models. FortiSOAR also provides Industry-standard reports for Incident Closure, Incident Summary, Weekly Alert and Incident Progress, IOC Summary and many others. Track metrics such as MTTR, MTTD over various NIST approved incident phases, analyst loads, escalation ratios, Automation ROI's and other SOC performance metrics.
Multi-Tenancy
FortiSOAR™ provides a truly distributed multi-tenant product offering with a scalable, resilient, secure and distributed architecture, allowing MSSPs to offer MDR like services, while supporting operations in Regional and Global SOC environments.
With the ability to run automation workflows on specific tenants remotely, handling unique customer environments & product diversity becomes streamlined. FortiSOAR also involves tenants in case of approval requirements to control data flow to the master nodes. Other tenant features include creating tenant-specific alerts, incident views, reports and dashboards, and filter views.
Visual Playbook Builder
FortiSOAR's™ Visual Playbook Designer allows SOC teams to design, develop, debug, control and use playbooks in the most efficient manner.
The intuitive design includes a drag and drop interface to string multiple steps together, using 300+ OOB workflow integrations, , 3000+ automated actions, a comprehensive expression library for easy development, playbook simulation and referencing, ability to execute code in workflows like python, versioning, privacy control, crash recovery, advanced step controls like looping, error handling, notifications and more.
FortiSOAR's extensible platform provides the ability to define new modules with customization of fields, views, and permissions, and creation of smart automated workflows and playbooks on top of them, simplifying the analyst's ability to support solutions for vulnerability and threat management as well as regulation and compliance.
Benefits:
Connectors and Inegrations
FortiSOAR 3rd Party Connectors & Integrations provide unlimited access to hundreds of products including desktop security software, directories, network infrastructure, and other third-party security systems maximizing your ROI and providing unparalleled visibility and control across your network through Security Orchestration, Automation and Response (SOAR). FortiSOAR seamlessly integrates with other vendors and technologies. The following are a sample of the connectors that FortiSOAR integrates with:
FortiSOAR | |
---|---|
Network & Firewall |
FortiOS, Cisco Meraki MX VPN Firewall, Infoblox DDI, CISCO Umbrella Enforcement, Empire, CISCO Firepower, ForeScout, Zscaler,Imperva Incapsula, NetSkope, RSA Netwitness Logs And Packets, PaloAlto Firewall, CISCO ASA, SOPHOS UTM-9, Fortigate Firewall, Arbor APS, F5 Big-IP, Proofpoint TAP, Check Point Firewall, CISCO Catalyst, Citrix NetScaler WAF, Sophos XG, Cisco Stealthwatch, Pfsense, Symantec Messaging Gateway |
Vulnerability Management |
Rapid7 Nexpose, Kenna, Qualys, Tripwire IP360, Symantec CCSVM, Tenable IO, ThreadFix, Tenable Security Center |
Ticket Management |
ConnectWise Manage, Foresight, Zendesk, ServiceAide, Manage Engine Service Desk Plus, Salesforce, BMC Remedy AR System, OTRS, Request Tracker, JIRA, Pagerduty, RSA Archer, Cherwell, ServiceNow |
DevOps |
AWS Athena, AWS S3, Twilio, IBM BigFix, AWS EC2 |
Endpoint Security |
Endgame, Trend Micro Control Manager, CrowdStrike Falcon, FireEye HX, Carbon Black Defense, Malwarebytes, McAfee EPO, Symantec EDR Cloud, Microsoft WMI, TrendMicro Deep Security, Symantec EPM, Symantec DLP, WINRM, NetBIOS, Microsoft SCCM, Microsoft SCOM, CISCO AMP, Carbon Black Protection Bit9, CYLANCE Protect, SentinelOne, Carbon Black Response, TANIUM |
Threat Intel |
EmailRep, AlienVault USM Central, Trend Micro SMS, Malware Domain List, Infocyte, Attivo BOTsink, FireEye ISIGHT, Vectra, Phishing Initiative, Threatcrowd, ThreatConnect, CRITS, McAfee Threat Intelligence Exchange, Facebook ThreatExchange, Intel 471, Soltra Edge, Anomali STAXX, Recorded Future, AlienVault OTX, MISP, DARKTRACE, IBM X-Force, ANOMALI THREATSTREAM, BluVector, ThreatQuotient |
Analytics |
Fortinet FortiSIEM, RSA Netwitness SIEM, Sophos Central, Rapid7 InsightIDR, LogPoint, Micro Focus ArcSight Logger, Alienvault USM Anywhere, xMatters, Sumo Logic, LogRhythm, Syslog, Elasticsearch, McAfee ESM, IBM QRadar, ArcSight, Splunk |
Fortinet Connectors |
FortiMail, FortiEDR, FortiAnalyzer, FortiGate, FortiSandbox, FortiGuard Webfilter lookup, FortiOS |
* FortiSOAR can be integrated with other vendors and technologies in addition to those listed here. |
Documentation:
Download the Fortinet FortiSOAR Datasheet (PDF).
Pricing Notes:
- All Prices are Inclusive of GST
- FortiCare Premium Support
FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, VPN, and Traffic Management - Prices are for one year of Premium RMA support. Usual discounts can be applied.
- Annual contracts only. No multi-year SKUs are available for these services.
- Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
- Pricing and product availability subject to change without notice.
Our Price: Request a Quote
Our Price: Request a Quote
Our Price: Request a Quote
Our Price: Request a Quote
Our Price: Request a Quote
Our Price: Request a Quote