FortiWeb Machine Learning

Hello Frank,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Hello Frank,

We are still looking for someone to help you.

We will come back to you ASAP.

Regards,

Hi Fakaul,

Well this Machine learning is basically to create a Threat Model and is used for Bot detection or Anomaly detection kind of Threats.

It actually supplements the traditional protection mechanism.  
Bot Detection is definitely  on of rewards of implementing. It do take some time to build based on the input of your traffic. 

FortiWeb employs two layers of machine learning to detect malicious attacks.
 The first layer uses the Hidden Markov Model (HMM) and monitors access to the application and collects data to build a mathematical model behind every parameter and HTTP method. Once completed, it will verify every request against the model to determine whether it's an anomaly or not.
Once the first layer of machine learning triggers a request as an anomaly, FortiWeb will use the second layer of machine learning to verify whether it's a real attack or just a benign anomaly that should be ignored. To do so, FortiWeb includes pre-built trained threat models. Each represents a certain attack category, such as SQL Injection, Cross-site Scripting, and so on. Each threat model is already trained based on analysis of thousands of attack samples. Threat models are continuously updated using the FortiWeb Security Service. 
Maybe you can get some more info from here: https://docs.fortinet.com/document/fortiweb/6.3.7/administration-guide/193258/machine-learning
So if you have any specific issue concerning implementation/configs/troubleshooting then maybe you can open one ticket using your FortiADC serial number and TAC can help you further in this. 
I hope this Answers your query. If you have further question on this, do reply back, I will try to answer best to my knowledge