
05 November 2024 version 2024.10.0


New terminology

We have updated our terminology to be consistent with standard industry terms so that our documentation and user interface are more intuitive and accessible.

Please be aware we have changed the names of several modules in the portal:

  • Rules are now referred to as Detections or Detectors.

  • Subscriptions are now Notifications.

  • Signatures are now referred to as Query or Queries.

  • Playbooks are now named Guided Queries.

New functionality

Login with FortiCloud

You can now log into the FortiNDR Cloud portal using your FortiCloud account. You must have a valid FortiCloud account that matches an existing FortiNDR Cloud account to use this option.

Improved functionality

Sensors

We have added a new Decommission Pending status to the Sensors page.

Account Management

PCAP encryption keys

PCAP encryption keys are now validated in the Account Management > Settings page.

Accounts

A Last Login filter has been added to the Accounts page. This feature is only applicable to users with access to multiple accounts. You can use this filter to view which accounts are in use to determine if an account should be deleted.

MITRE ATT&CK Matrix

We have added a Download Coverage Details button to the MITRE ATT&CK Matrix dashboard. Click the button to download the coverage details as a CSV file which contains the Date Updated, Name, Primary Attack ID, Secondary Attack ID and Description.

Modules

We have added a confirmation message when disabling an integration to prevent disabling an integration by accident.

Detections

Triage detections

We have updated the Detection Status filter logic in the Triage Detections page:

  • All: Returns all detections the user has access to, regardless of whether or not they were triggered in the current account.
  • Idle: Returns all detections that have been triggered in the current account but are not currently active.
  • Active: Returns all active detections.

Detections table

We have added a Detection Source column to the Detections Table, which is determined by the detector's query. Note that Suricata and Observation are the only sources that are displayed at this time; otherwise, the field is empty.

We have also added three new Date Range Type options (Active Date, Creation Date, and Resolution Date). The date displayed in the date picker will be displayed in the Entity Panel.

Global Search

We have added a Detections Coverage section to the Global Search results which shows matches in the detector name, description or technique ID regardless of the detector status.

Other improvements and updates

  • The Fit Width option has been added to the following pages:
    • Triage Detections Detail
    • Triage Device
    • Detection Table
    • Sensors
    • User List

  • The Zscaler sensor download has been removed. Zscaler integration is now via cloud upload.
