Security Information and Event Management (SIEM)
FortiSIEM delivers powerful security information and event management (SIEM) with user and entity behavior analytics (UEBA)
Overview
FortiSIEM is designed to be the backbone of your security operations team, delivering capabilities ranging from automatically building your inventory of assets to applying cutting edge behavioral analytics to rapidly detect and respond to threats. FortiSIEM is the industry’s only security operations platform with a fully inbuilt configuration management database (CMDB).
FortiAI: Generative AI Power for FortiSIEM
FortiAI provides embedded generative AI assistance to guide and turbocharge FortiSIEM analysts actions during incident investigation, response, threat hunting, and more. FortiAI can automatically interpret security events, generating a detailed summary, potential impact, and remediation recommendations. Analysts can also query FortiAI in natural language to create rich reports and get product help. Built-in menu prompts make it simple for FortiSIEM analysts to invoke FortiAI help during typical workflow activities.
Read the FortiAI BlogWatch the Demo
Next-Generation SOC Automation
FortiGuard Labs threat intelligence experts work 24x7 to analyze the latest threats and build mitigations extremely fast. Combined with the latest AI-driven behavior anomaly detection capabilities such as UEBA, FortiSIEM protects against both known and unknown threats. Statistical models are leveraged to pick up deviations both strange and impossible, such as logins across geographical regions that would require superhero speeds (or stolen credentials).
New: Visual Threat Hunting Through Link Analysis
FortiSIEM brings together visibility, correlation, automated response, and remediation in a single, scalable solution. It reduces the complexity of managing network and security operations to effectively free resources, improve breach detection, and even prevent breaches. To power more effective threat hunting, FortiSIEM now includes new link graph technology which allows for easy visualization of relationships between users, devices, and incidents.
Features and Benefits
The modern SOC requires a SIEM that handles more than log aggregation, simple correlation rules, search, and compliance reporting. FortiSIEM builds upon those basics to provide unique capabilities to meet today’s SecOps needs.
Self-Learning Asset Inventory
Passive & active discovery methods, use of agents, FortiGates, & OT asset management systems
Real-Time Security Analytics
Correlation, UEBA ML engine, and over 1600 rules provide robust threat detection
Powered by Generative AI
FortiAI uses GenAI to guide, simplify, and automate security analyst activities
Osquery Endpoint Visibility
Seamless integration provides extended endpoint investigation and forensic monitoring
Deep Fabric Integration
Security Fabric integration across the Fortinet portfolio, and third-party solutions via robust APIs
Industry-Leading Threat Intelligence
Driven by over 500 researchers and AI fed by the world’s largest array of sensors
FortiSIEM Use Cases
Converged IT/OT SOC
FortiSIEM’s inbuilt CMDB synchs to OT asset systems and uses passive techniques for no-impact discovery, plus Purdue classification context.
SIEM-AS-A-SERVICE
FortiSIEM as SaaS lets Fortinet take on the burden of deployment and software administration.
REMOTE
FortiSIEM’s lightweight agent is perfect for collecting telemetry to track user behavior anamolies—even when disconnected and working remotely.
ON-PREMISES
FortiSIEM offers hardware and highly scalable virtual machines for those who prefer these solutions.
MULTI-CLOUD
Easy-to-manage automation in a single pane of glass integrates public and private cloud protections.
HYBRID
Our hybrid approach enables combining SaaS, cloud, VM, and HW in whatever combination you need.
Enterprise Analyst Validation
ESG Economic Validation on Fortinet SecOps Fabric
The Quantified Benefits of Fortinet Security Operations Solutions
As enterprises evolve, new technologies emerge, and cybercriminals introduce more sophisticated attacks, security leaders and their teams face a variety of challenges in securing the organization’s networks. This new report published by Enterprise Strategy Group details the benefits of using Fortinet Security Operations solutions, including improved operational efficiency and more effective risk management.
Download Report »
FortiGuard AI-Powered Security Services
The FortiGuard SOC/NOC Security suite offers advanced security technologies optimized for SOC and NOC teams. More focus is enabled through AI and automation for faster response to attacks.
Show All Services
Content Security
Web Security
Device Security
Application Security
SOC NOC Security
Case Studies
IDOPPRIL
Dominican Republic Government Institution Empowers an Integrated and Secure Network with the Fortinet Security Fabric
Temple College
Evolving from Firewalls to Comprehensive Security Posture with Fortinet Security Fabric
Jersey Mike’s Franchise Systems Inc.
Streamlining Secure Network Management by Leveraging FortiSwitch Across 2,500+ Restaurants
Grey County
Canadian County Consolidates Security Strategy with Fortinet to Deliver Top Services to the Community
Models and Specifications
CATEGORIES
| MODEL | EVENTS PER SECOND | STORAGE | DATA SHEET |
|---|---|---|---|
| FortiSIEM 500F |
5000 |
3 TB |
|
| FortiSIEM 500G |
5000 |
4 TB |
|
| MODEL | EVENTS PER SECOND | STORAGE | DATA SHEET |
|---|---|---|---|
| FortiSIEM 2000F |
15,000 |
36 TB |
|
| FortiSIEM 2000G |
20,000 |
32 TB + 4 TB NVMe |
|
| MODEL | EVENTS PER SECOND | STORAGE | DATA SHEET |
|---|---|---|---|
| FortiSIEM 3500G |
40,000 |
96 TB |
|
FortiCare Support & Professional Services
Fortinet is dedicated to helping our customers succeed, and every year FortiCare services help thousands of organizations get the most from their investments in Fortinet's products and services. To achieve this, FortiCare follows the life-cycle approach and provides unique services to help our customers in their success journeys.
Technical Support Services
Various per-device options are available for efficient operations. FortiCare Elite option provides a 15-minute response time for critical products.
Advanced Support
Various per-account white glove services are available to reduce disruption and increase productivity with operational reviews by designated experts.
Professional Services
Our multi-vendor experts can design and deploy a complete best practice-based solution to help you meet your network or security objectives and adopt new capabilities.
RMA
Priority RMA options are available across the product family for expedited replacement of defective hardware to meet your availability objectives.
Resources
Data Sheets
eBook
Solution Briefs
Videos
Analyst Reports
Fortinet Advisor: GenAI Assistant for FortiSIEM »
See how Fortinet's new GenAI assistant, Fortinet Advisor, guides and turbocharges the FortiSIEM analyst experience across incident investigation, response, report creation, and more.
Fortinet Management and Analytics Solution »
Learn about security’s biggest gap and how the NOC-SOC approach helps close that gap.
StratoZen Simplifies SIEM, SOC and Compliance with FortiSIEM »
SIEMs can be difficult, SOCs are expensive, and the related compliance is a pain. StratoZen reduces or eliminates these challenges for their clients by using FortiSIEM as part of their SOC and SIEM “as a service” solutions.
FortiSIEM 5.0 »
Learn about the new features in FortiSIEM 5.0 – CMDB, UEBA and SOAR Orchestration. Learn how you can do more with less, harmonizing security and networking operations to business focused outcomes.
Ecosystem
Amazon Web Services
AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance
Armis, Inc.
Armis the leading unified asset visibility and security platform designed to address the new threat landscape that connected devices create. Our real-time and continuous protection sees the full context of all managed, unmanaged, and IoT devices, including medical devices, operational technology, and industrial control systems.
- Blog - FortiGate Integration
- Blog - Armis and Fortinet Partnership
- Armis FortiSOAR
- Partner Interview Video
- Solution Brief - Security
- Solution Brief - Healthcare
ATAR Labs
ATAR Labs builds next-generation SOAR platform ATAR. Together with Fortinet, SOC teams become more agile and respond to complex threats and defend their infrastructure. Automatic processes deployed and orchestrated from ATAR, and enforcement, and detection from Fortinet creates an integrated operation to achieve a secure environment.
Brocade
Brocade networking solutions help the world's leading organizations turn their networks into platforms for business innovation. With solutions spanning public and private data centers to the wireless network edge, Brocade is leading the industry in its transition to the New IP network infrastructures required for today's era of digital business.
Cisco
Cisco is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected.
Citrix
Citrix is leading the transition to software-defining the workplace, uniting virtualization, mobility management, networking, and SaaS solutions to enable new ways for businesses and people to work better.
Claroty
Claroty's ICS Security Platform passively protects industrial networks and assets from cyberattack; ensuring safe and continuous operation of the worlds most critical infrastructures without compromising the safety and security of personnel or expensive industrial assets. 2018 S4 ICS Challenge winner!
Cloud Range
Cloud Range is the industry’s leading cyber preparedness simulation platform that reduces exposure to cyber risk across the organization. Fortinet and Cloud Range have partnered to provide cybersecurity teams with full-service, live-fire simulation exercises designed explicitly for OT/ICS, IT, IoT, and converged environments.
CrowdStrike, Inc.
CrowdStrike has redefined security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk — endpoints and cloud workloads, identity, and data.
CyGlass, Inc
CyGlass is an AI based SaaS security platform that uses network data to uncover, pinpoint, and respond to advanced cyber threats that have evaded traditional security controls.
Training & Certifications
Fortinet Certified Professional - Security Operations
In this course, you will learn about FortiSIEM initial configurations, architecture, and the discovery of devices on the network. You will also learn how to collect performance information and aggregate it with syslog data to enrich the overall view of the health of your environment.
Fortinet Certified Solution Specialist - Security Operations
In this course, you will learn how to use FortiSIEM in a multi-tenant environment. You will learn about rules and their architecture, how incidents are generated, how baseline calculations are performed, the different methods of remediation available, and how the MITRE ATT&CK framework integrates with FortiSIEM.
Fortinet Certified Solution Specialist - OT Security
Learn how to design, deploy, administrate, and monitor FortiGate, FortiNAC, FortiAnalyzer, and FortiSIEM devices to secure OT infrastructures. These skills will provide you with a solid understanding of how to design, implement, and operate an OT security solution based on Fortinet products.
Other Training
In this two-day course, you will learn how to create custom parsers to extend FortiSIEM’s scope to as-yet unknown devices and custom applications whose log formats would not otherwise be understood by FortiSIEM.
