Fortinet adds machine learning capabilities to its FortiWeb WAF
Two-step AI-based machine learning improves attack detection accuracy to its web application firewall
The latest version of Fortinet’s web application firewall (WAF) software will utilise machine learning for behavioural-based threat detection in web applications.
FortiWeb Web Application Firewall (WAF) 6.0 will also offer seamless integration with the Fortinet Security Fabric to deliver better threat protection with file scanning of application attachments, simplified deployment and shared threat intelligence, as well as integration with third party services for extensive vulnerability protection.
John Maddison, senior vice president of products and solutions, Fortinet, noted that a staggering 48% of data breaches are caused by hacking web application vulnerabilities. “Current technologies such as intrusion prevention systems and existing web application security solutions only provide basic protection against these threats. Fortinet has combined our AI-based machine learning capabilities with our FortiWeb WAF to protect web-based applications from attacks targeting known and unknown exploits with near 100% threat detection accuracy. It also benefits from automated management and seamless integration with the Fortinet Security Fabric.”
Unprotected web applications have become attractive targets for cybercriminals looking for easy entry points into enterprise networks. Web application vulnerabilities can lead to data breaches or shut down mission-critical systems, which is why many organisations are choosing to leverage web application firewalls (WAFs) to protect their network. Traditionally, WAFs have relied on application learning (AL) for anomaly and threat detection, but in today’s dynamic threat landscape, AL has proven to have limitations that lead to false positive attack detections and require a significant amount of time to manage for already bogged down security teams.
The newly introduced capabilities in the FortiWeb Web Application Firewall address these issues by introducing machine learning capabilities for better threat detection, faster response times and easier management. Unlike AL, which uses a one-layer approach to detect anomalies based on simply matching inputs to what it has observed and treating every variation as a threat, FortiWeb now uses a two-layer approach of AI-based machine learning and statistical probabilities to detect anomalies and threats separately.
The first layer builds the mathematical model for each learned parameter and then triggers anomalies for abnormal requests. The second will then verify if the anomaly is an actual threat or if it is a benign variance (false positive).
FortiWeb is available in four form factors including hardware appliances, virtual machines for all the major hypervisor platforms, public cloud options for AWS and Azure, and a hosted cloud-based solution.