Fortinet Introduces Machine Learning Capabilities to its FortiWeb Web Application Firewall for Advanced Behavioral Threat Detection
NATIONAL HARBOR, Md.,
“With a staggering 48 percent of data breaches being caused by hacking web application vulnerabilities, it’s clear that cybercriminals are increasingly targeting public and internal web applications. Current technologies such as intrusion prevention systems and existing web application security solutions only provide basic protection against these threats.
- The new innovations to FortiWeb provide a dramatic increase in detecting web application threats with nearly 100 percent accuracy.
- Increased threat detection accuracy enables faster response times for “set and forget” automated blocking, eliminating the need for staff reviews of alerts before taking action.
- Seamless integration with the Fortinet Security Fabric delivers advanced threat protection with file scanning of application attachments, simplified deployment and shared threat intelligence, as well as integration with third party services for extensive vulnerability protection.
Unprotected web applications have become attractive targets for cybercriminals looking for easy entry points into enterprise networks. Web application vulnerabilities can lead to data breaches or shut down mission-critical systems, which is why many organizations are choosing to leverage web application firewalls (WAFs) to protect their network. Traditionally, WAFs have relied on application learning (AL) for anomaly and threat detection, but in today’s dynamic threat landscape, AL has proven to have limitations that lead to false positive attack detections and require a significant amount of time to manage for already bogged down security teams.
The newly introduced capabilities in the FortiWeb Web Application Firewall address these issues by introducing machine learning capabilities for better threat detection, faster response times and easier management. Unlike AL, which uses a one-layer approach to detect anomalies based on simply matching inputs to what it has observed and treating every variation as a threat, FortiWeb now uses a two-layer approach of AI-based machine learning and statistical probabilities to detect anomalies and threats separately. The first layer builds the mathematical model for each learned parameter and then triggers anomalies for abnormal requests. The second will then verify if the anomaly is an actual threat or if it is a benign variance (false positive). These new innovations allow FortiWeb to provide nearly 100 percent application threat detection accuracy while requiring virtually no resources to deploy and finetune settings.
Further bolstering Fortinet’s WAF offering, FortiWeb leverages nearly six years of AI and machine learning development from
“Fortinet and TNP have been our network security partners for many years. As the threats have continued to evolve, especially with the increase in the use of web-based business applications, we have found the Fortinet Security Fabric products, including FortiWeb, have helped us to quickly adapt and meet new challenges. The fact that all
- Read more detailed product information about FortiWeb Web Application Firewalls.
- Read the blog for more information about this announcement.
- Sign up for the weekly FortiGuard Threat Intelligence Briefs and the
FortiGuard Threat Intelligence Service.
- Read more about the Fortinet Security Fabric and the Third Generation of Network Security.
Fortineton Twitter, LinkedIn, YouTube, and Instagram.
Copyright © 2018 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiASIC, FortiMail, FortiClient, FortiSIEM, FortiSandbox, FortiWiFi, FortiAP, FortiSwitch, FortiWeb, FortiADC, FortiWAN, and FortiCloud. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and assumptions, such as statements regarding technology releases among others. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.
Source: Fortinet, Inc.