FortiSOAR: Common SOC Challenges
FortiSOAR™
Adaptive Security for SOC Teams and Enterprises
Too many alerts
§ Manage security alerts, incidents, indicators, assets and tasks through a simplified, easy-to-use GUI
§ Increase SOC team productivity by eliminating false positives and focusing only on the alerts that matter
§ Track ROI, MTTD, MTTR through customizable reports and dashboards

Repetitive tasks
§ Automate within the Visual Playbook Designer, with 300+ security platform integrations & 3000+ actions for automated workflows and connectors
§ Minimize human error by employing clear, auditable playbooks and custom modules to handle ever-changing investigation requirements

Disparate tools
§ Scale your network security solution with a truly multi-tenant distributed architecture, from a single, collaborative console
§ Identify real threats with automated false positive filtering and predict similar threats and campaigns with FortiSOAR’s recommendation engine
Key Features
Role-Based Incident Management
FortiSOAR’s™ Enterprise Role-Based Incident Management solution provides organizations with robust field-level role-based access control to manage sensitive data in accordance with SOC policies and guidelines.

Multi-Tenancy
FortiSOAR™ provides a truly distributed multi-tenant product offering with a scalable, resilient, secure and distributed architecture, allowing MSSPs to offer MDR-like services, while supporting operations in Regional and Global SOC environments.
DATA SHEET | FortiSOAR™
[Figure: steps required, Manual vs. FortiSOAR]
Integrations

Fortinet Connectors: FortiGate, FortiAnalyzer, FortiSIEM, FortiEDR, FortiSandbox, FortiMail, FortiGuard Webfilter lookup, FortiSOAR Custom Connector

Network & Firewall: FortiGate, Cisco Meraki MX VPN Firewall, Infoblox DDI, CISCO Umbrella Enforcement, Cisco Meraki MX L7 Firewall, Empire, CISCO Firepower, ForeScout, Zscaler, Imperva Incapsula, NetSkope, RSA Netwitness Logs And Packets, PaloAlto Firewall, CISCO ASA, SOPHOS UTM-9, Arbor APS, F5 Big-IP, Proofpoint TAP, Check Point Firewall, CISCO Catalyst, Citrix NetScaler WAF, Sophos XG, Cisco Stealthwatch, Pfsense, Symantec Messaging Gateway, PRTG, Centreon

Analytics & SIEM: FortiSIEM, FortiAnalyzer, RSA Netwitness SIEM, Sophos Central, Rapid7 InsightIDR, LogPoint, Micro Focus ArcSight Logger, Alienvault USM Anywhere, xMatters, Sumo Logic, LogRhythm, Syslog, Elasticsearch, McAfee ESM, IBM QRadar, ArcSight, Splunk, ReversingLabs A1000

Vulnerability Management: Rapid7 Nexpose, Kenna, Qualys, Tripwire IP360, Symantec CCSVM, Tenable IO, ThreadFix, Tenable Security Center

Ticket Management: ConnectWise Manage, Foresight, Zendesk, ServiceAide, Manage Engine Service Desk Plus, Salesforce, BMC Remedy AR System, OTRS, Request Tracker, JIRA, Pagerduty, RSA Archer, Cherwell, ServiceNow

Endpoint Security: Endgame, Trend Micro Control Manager, CrowdStrike Falcon, FireEye HX, Carbon Black Defense, Malwarebytes, McAfee EPO, Symantec EDR Cloud, Microsoft WMI, TrendMicro Deep Security, Symantec EPM, Symantec DLP, WINRM, NetBIOS, Microsoft SCCM, Microsoft SCOM, CISCO AMP, Carbon Black Protection Bit9, CYLANCE Protect, SentinelOne, Carbon Black Response, TANIUM

Threat Intel: EmailRep, AlienVault USM Central, Trend Micro SMS, Malware Domain List, Infocyte, Attivo BOTsink, FireEye ISIGHT, Vectra, Phishing Initiative, Threatcrowd, ThreatConnect, CRITS, McAfee Threat Intelligence Exchange, Facebook ThreatExchange, Intel 471, Soltra Edge, Anomali STAXX, Recorded Future, AlienVault OTX, MISP, DARKTRACE, IBM X-Force, ANOMALI THREATSTREAM, BluVector, ThreatQuotient

DevOps: AWS Athena, AWS S3, Twilio, IBM BigFix, AWS EC2

Sandbox: FortiSandbox, GitLab, ThreatSTOP, Intezer Analyze, FireEye AX, CISCO Threat Grid, URLSCAN.Io, Joe Sandbox Cloud, Koodous, Trend Micro DDAN, Symantec CAS, HYBRID-ANALYSIS, VMRAY, PaloAlto WildFire, Malwr, Lastline, SecondWrite, Cuckoo

Email & Email Security: GSuite For GMail, Microsoft Exchange, SMTP, IMAP, Mimecast, Symantec Email Security Cloud, FireEye EX, CISCO ESA

Investigation: FortiAnalyzer, FortiSIEM, FortiMail, Securonix SNYPR, Symantec ICDx, Symantec Security Analytics, NMAP Scanner, Protectwise, PhishTank, CloudPassage Halo, TruSTAR, Have I Been Pwned, Farsight Security DNSDB, Cofense PhishMe, RSA Netwitness
* FortiSOAR can be integrated with many other vendors and technologies in addition to those listed here.
Order Information
Product: FortiSOAR Subscription License
FC-10-SRVMS-385-02-DD — One year subscription for FortiSOAR Enterprise Edition - 2 User Logins included plus 24x7 FortiCare support
FC-10-SRVMS-386-02-DD — One year subscription for FortiSOAR Multi Tenant Edition - 2 User Logins included plus 24x7 FortiCare support
FC-10-SRVMS-387-02-DD — One year subscription for FortiSOAR Multi Tenant Edition - Dedicated Tenant - 1 User Login included plus 24x7 FortiCare support
FC-10-SRVMS-388-02-DD — One year subscription for FortiSOAR Multi Tenant Edition - Regional SOC Instance - 2 User Logins included plus 24x7 FortiCare support
FC-10-SRVMS-384-02-DD — One year subscription for FortiSOAR User Seat License - One additional User Login plus 24x7 FortiCare support

Product: FortiSOAR Perpetual License
LIC-FSRENT-2 — FortiSOAR Enterprise Edition - 2 User Logins included (Perpetual License)
LIC-FSRMTT-2 — FortiSOAR Multi Tenant Edition - 2 User Logins included (Perpetual License)
LIC-FSRMTD-1 — FortiSOAR Multi Tenant Edition - Dedicated Tenant - 1 User Login included (Perpetual License)
LIC-FSRMTR-2 — FortiSOAR Multi Tenant Edition - Regional SOC Instance - 2 User Logins included (Perpetual License)
LIC-FSRAUL-1 — FortiSOAR User Seat License - Additional User Logins (Perpetual License) - add-on by 1
FC1-10-SRVMP-248-02-DD — FortiCare 24x7 support for FortiSOAR Enterprise Edition
FC2-10-SRVMP-248-02-DD — FortiCare 24x7 support for FortiSOAR Multi Tenant Edition
FC3-10-SRVMP-248-02-DD — FortiCare 24x7 support for FortiSOAR Multi Tenant - Dedicated Tenant
FC4-10-SRVMP-248-02-DD — FortiCare 24x7 support for FortiSOAR Multi Tenant - Regional SOC Instance
www.fortinet.com
Copyright © 2020 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.
FST-PROD-DS-SOAR FSR-DAT-R02-202005