FortiEDR: How to update antimalware heuristics without updating the software version
I am now studying the technical docs related to the FortiEDR solution. The documentation specifically points out that its antimalware engine is SIGNATURELESS, which is pretty much different from conventional AV. Anyway, there must be some sort of heuristics (Indicators of Compromise, Indicators of Attack, ...) built into the product. Obviously, these heuristics should regularly be actualized.
What confuses me a bit is that the docs explain in much detail how to update the software itself (from one version to another) but they say nothing as to how to update heuristics only (while leaving the program modules intact). Is there any mechanism for updating solely the antimalware interception logic?
I think I have looked through all of the tickets, but I haven't found such general info. I may have missed something, though. For example, new heuristics come out and they naturally need to be propagated to the collectors running on protected endpoints so that the collectors would have actualized viral patterns in order to spot new threats even in the autonomous mode.