FortiAI VM (virtual machine) is the next generation of Fortinet's malware detection technology in virtual machine format. FortiAI VM uses Artificial Neural Networks (ANN) with the following benefits:
- Deliver sub-second malware detection and verdict.
- Analyze malware scientifically by classifying malware based on features, for example, ransomware, downloader, coinminer, and so on.
- Trace the origins of the attack, for example, worm infection.
- Take advantage of Fortinet's Security Fabric with FortiGate NGFW to quarantine infected hosts with malware.
Unlike traditional defenses where malware detection relies on antivirus engines and signatures updates, FortiAI is pretrained with over 20 million clean and malicious files, so that FortiAI can make use of millions of features right out of the box. FortiAI VM can operate in two modes: sniffer mode and integrated mode (with FortiGate).
Key advantages of FortiAI VM include the following:
- Reduce malware identification time from minutes to seconds, unlike traditional technology like sandboxing where behaviors are extracted from file execution when the file is run in a VM within the sandbox. FortiAI does not need to run or execute a file to obtain a verdict.
- Provide extensive information about the malware attack by identifying the features used in the malware. This helps SOC analysts to determine the intention of the malware or attack.
- Correlate and link the source of attack, for example, finding the source of the worm infection over SMB, so that SOC analysts can act and fix the original problem—the patient-zero on the network.
- Show the big picture to assist in the threat investigation of malware attack forensic data for incident analysis.
- Enforce security with FortiGate NGFW as part of the Fortinet Security Fabric.