Fortinet Adds Machine Learning Algorithms to WAF

Fortinet today at the Gartner Security & Risk Management Summit 2018 announced it has infused machine learning algorithms and user-behavioral analytics in its web application firewall to identify nearly 100 percent of all cyberthreats.

John Maddison, senior vice president of products and solutions for Fortinet, said version 6.0 of the company’s FortiWeb Web Application Firewall (WAF) software employs machine learning algorithms to identify both known and unknown threats. That latter capability is enabled by applying algorithms against the user behavior data being collected to identify anomalies indicative of a new, unknown threat being introduced into the IT environment.

Historically, WAFs have relied on application learning (AL) to identify anomalies and known threats. But Maddison said that approach generates too many security alerts, which ultimately leads to a state of alert fatigue that makes it easy for cybersecurity professionals to miss or ignore critical information.

Machine learning algorithms provide a more effective means for detecting threats, Maddison said, using statistical probabilities to detect anomalies and threats separately. A first set of machine learning algorithms builds a mathematical model for each learned parameter and then triggers an anomaly for each abnormal request. A second set of algorithms then verifies whether the anomaly is an actual threat or a benign variance (false positive). These new innovations allow FortiWeb to provide nearly 100 percent application threat detection accuracy that eliminates the need to continually fine-tune WAF settings, he said.
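The two-stage flow described above can be sketched in a few lines of Python. This is an added illustration, not Fortinet's code or algorithm: the features, the 3-sigma threshold, the training values and the stage-two patterns are all assumptions chosen for the example, and a simple pattern check stands in for the second set of algorithms.

```python
import re
from statistics import mean, pstdev

# Constructed training values for one parameter ("username"); not real traffic.
TRAINING = ["alice", "bob_smith", "carol99", "dave.j", "eve-l", "frank", "grace_h", "heidi7"]

# Stage 2 indicators: a small illustrative set chosen for this example.
THREAT_PATTERNS = [
    re.compile(r"(?i)<\s*script"),                             # script injection
    re.compile(r"(?i)'\s*(or|and)\s+\S+\s*=|union\s+select"),  # SQL injection
    re.compile(r"\.\./"),                                      # path traversal
]
MIN_STDDEV = (1.0, 0.05)  # floors so a very uniform training set does not flag everything

def features(value):
    """Feature vector: (length, share of non-alphanumeric characters)."""
    special = sum(1 for c in value if not c.isalnum())
    return (len(value), special / max(len(value), 1))

class ParameterModel:
    """Stage 1: per-parameter statistical model built from observed values."""
    def __init__(self, samples, threshold=3.0):
        columns = zip(*(features(s) for s in samples))
        self.stats = [(mean(col), max(pstdev(col), floor))
                      for col, floor in zip(columns, MIN_STDDEV)]
        self.threshold = threshold

    def is_anomalous(self, value):
        # Anomalous if any feature lies more than `threshold` deviations from its mean.
        return any(abs(x - mu) / sigma > self.threshold
                   for x, (mu, sigma) in zip(features(value), self.stats))

def classify(model, value):
    """Stage 2 runs only on anomalies and separates threats from benign variance."""
    if not model.is_anomalous(value):
        return "normal"
    if any(p.search(value) for p in THREAT_PATTERNS):
        return "threat"
    return "benign-anomaly"

if __name__ == "__main__":
    model = ParameterModel(TRAINING)
    for v in ["mallory", "jean-pierre.de.la.fontaine", "x' OR 1=1 --", "../../etc/passwd"]:
        print(f"{v!r:32} -> {classify(model, v)}")
```

The long but harmless name is the case the second stage exists for: it is statistically unusual for this parameter, yet it is reported as a benign anomaly rather than blocked.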

Maddison noted those capabilities will take cybersecurity professionals out of the business of constantly monitoring security alerts. Instead, they will be able to automate blocking. The FortiWeb WAF software is also integrated with Fortinet Security Fabric that both scans application attachments and provides access to a mechanism for sharing cybersecurity threat information with third-party applications and services, he said.

Fortinet also announced it has completed the acquisition of Bradford Networks, a provider of agentless endpoint security software for internet of things (IoT) environments, to extend its security fabric.

IT organizations can elect to deploy FortiWeb WAF software on FortiWeb hardware appliances, as virtual machines for all the major hypervisor platforms, on public clouds such as Amazon Web Services (AWS) and Microsoft Azure, or as a hosted cloud-based solution.

Regardless of how cybersecurity professionals may view artificial intelligence (AI), the increased volume of more sophisticated attacks is making it increasingly difficult for them to manually keep pace. More challenging still, a chronic shortage of cybersecurity professionals means most organizations are not able to roll out secure applications as quickly as the senior leadership of most companies would like. Unless machine learning algorithms and other forms of AI are embedded into platforms such as firewalls, it’s unlikely most organizations will be able to survive cybersecurity attacks that themselves are being infused with AI to more efficiently target specific vulnerabilities.

Of course, there are going to be cybersecurity professionals who might view AI as an existential threat. But it’s unlikely AI will ever replace the need for cybersecurity professionals. Rather, AI will even the odds to the point where cybersecurity professionals, in fact, may enjoy more job security as cybersecurity breaches get discovered, contained and then removed faster than ever.

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.