Description
FortiNDR Cloud SaaS Network Detection & Response
FortiNDR Cloud is a SaaS-based Network Detection and Response (NDR) platform that uses AI, machine learning, behavioural analytics, and expert analysis to detect malicious activity across hybrid, multi-cloud, and distributed environments. It provides deep network visibility with 365-day historical metadata retention for investigation and threat hunting.
Key Highlights
- 365-day traffic visibility for retrospective analysis
- AI + FortiGuard Labs intelligence to reduce false positives
- Coverage of 90%+ MITRE ATT&CK techniques
- Guided-SaaS model with dedicated Technical Success Manager (TSM) support
- Fortinet Security Fabric + third-party integrations
What it Delivers
- Real-time detection of anomalous and malicious behaviour
- Risk scoring to help prioritise response
- Automated + manual quarantine and response actions
- Guided Queries for structured threat hunting
- Retrospective analysis to uncover previously missed threats
Integrations
Works with Fortinet tools and third-party platforms including:
- FortiGate
- FortiEDR
- FortiSIEM
- FortiSOAR
- Splunk
- CrowdStrike
- Microsoft Sentinel
- Cortex
Deployment Model
- SaaS platform (US or EU data residency)
- Uses physical or virtual sensors to ingest traffic
- Subscription-based licensing (metered by throughput)
- Includes unlimited VM sensors (physical sensors sold separately)
Sensor Options (Quick Snapshot)
- 500G (Small): up to 14 Gbps metadata processing
- 900G (Large): up to 18 Gbps
- 2540G (Extra Large): up to 38 Gbps
- Virtual sensors supported (AWS, Azure, ESXi, Hyper-V, GCP, KVM)
FortiNDR Cloud delivers AI-driven detection, deep historical visibility, guided expertise, and orchestrated response, helping security teams detect and respond to threats earlier, with fewer false positives.
View data sheet: FortiNDR Cloud Data Sheet
