IBM Security QRadar SOAR

 View Only

QRadar SOAR & Fortinet Security: Accelerate and Strengthen Your Security Posture

By Nick Barrett posted Fri February 17, 2023 03:44 PM


The Fortinet and IBM Security Alliance offers security industry leadership with best-in-class solution offerings. Fortinet is a Global IBM Security Alliance Partner with managed security services, consulting services, and technology solutions that offer comprehensive and unparalleled security protection. As part of IBM Security’s continued investments in our QRadar SOAR integrations and partnerships, we have increased app development around Fortinet’s suite of security solutions to augment the orchestration and automation capabilities of QRadar SOAR. Below is a summary of the current Fortinet solutions available on the IBM App Exchange for QRadar SOAR:

  • FortiWeb: Security teams are inundated with evolving threats on a daily basis. One solution to mitigate this is FortiWeb: a web application firewall that protects web applications and APIs from attacks that target known and unknown exploits. By integrating FortiWeb with QRadar SOAR, security analysts can leverage FortiWeb’s machine learning capabilities to better defend applications from known vulnerabilities and from zero-day threats, while maintaining regulatory compliance . This integration provides security teams the necessary transparency and context to better understand their holistic security posture, while empowering users to take action on FortiWeb findings from within the QRadar SOAR console. Configure, test, and update firewall protocols to understand gaps in coverage and strengthen your organization’s network. 

  • FortiGate Firewall: When it comes to network security, visibility and actionable insights are crucial for success. FortiGate Firewall empowers security analysts with the deep visibility and security required to maintain and secure applications, users and devices. Through the QRadar SOAR and FortiGate Firewall integration, security teams can take action on customized firewalls and manage complex policies all from one unified console. 

  • FortiSandbox: Your organization’s information technology (IT) and operational technology (OT) environments are complex, but the method to which you chose to protect it does not have to be. FortiSandbox is a third-generation malware sandbox, powered by machine learning and deep learning, designed to integrate with any security infrastructure. FortiSandbox enables automated protection across your entire environment. This automation enables immediate threat response and reduces reliance on security resources. Through the QRadar SOAR and FortiSandbox integration, security analysts can gain the visibility necessary to not only understand, but protect, their IT and OT environments.

  • FortiManager: FortiManager empowers security analysts to centrally manage network and security policies across an organization’s Fortinet devices - all from a unified console. By integrating QRadar SOAR with FortiManager, security analysts can benefit from increased operational efficiency, accelerated zero-touch provisioning, and streamlined workflows. Take action on firewall addresses, firewall policies, device groups, and more. 

  • FortiEDR (New!): FortiEDR is a lightweight solution, bringing together state of the art malware detection and prevention capabilities. It delivers real-time, automated endpoint protection with the power to orchestrate incident response across any communication device. This includes workstations, servers, and cloud workloads with current and legacy operating systems, as well as manufacturing and OT systems. Analysts have access to several Threat Hunting Capabilities and can take action on functionality such as updating the mode of policy to either Simulation or Prevention and changing specific rules inside the policy to either Block or Log.

Explore the individual Fortinet x QRadar SOAR integrations available on our IBM App Exchange. As always, your feedback is appreciated. Please don't hesitate to reach out with any questions to