Fortinet Community

DescriptionThere are two areas of severity scoring within FortiInsight, one for the rule based Policies and another for the AI alerting. The Policy alerts severity level is controlled by the organisation. When a new policy is configured the severity ...

DescriptionThis article indicates the time it takes for the AI to develop a baseline.SolutionAI needs to see two weeks of behaviour from a user to form an effective baseline, and learn what 'normal' behaviour looks like for that user. The more data A...

DescriptionThis article describes how is FortiInsight used for threat hunting.SolutionFortiInsight records a forensic timeline of all endpoint submitted events and provides an extensive search capabilities across this event recording in order to carr...

DescriptionFortiInsight is designed to ingest event data from FortiInsight endpoint agents only. Agent coverage currently includes;Microsoft Windows (desktop and server)

DescriptionFortiInsight uses a combination of supervised and unsupervised feedback to help prevent false positives.Static tags are used to group related categories of events (which AI is capable of learning on a per-user basis). Supervised feedback c...