Fortinet Strengthens Security Operations Platform with Unified SOC, Agentic AI, and Enhanced Endpoint Security
Fortinet has announced significant enhancements to its Security Operations platform, aiming to streamline operations and improve response capabilities against increasingly sophisticated, AI-driven cyber threats. These updates were unveiled at Fortinet Accelerate 2026, showcasing next-generation advancements that include expanded Agentic AI functionalities, a preview of FortiSOC, and enhancements to managed services and endpoint security through FortiEndpoint.
Ken Xie, Founder, Chairman of the Board, and Chief Executive Officer at Fortinet, emphasized the urgency of adapting security operations to the rapid evolution of cyber threats. He stated, “As attackers weaponise AI to accelerate reconnaissance, exploit development and social engineering, security operations must function with the same speed and coordination.” Fortinet’s advancements aim to provide a unified, AI-powered security operations platform that offers a scalable architecture across its defense framework, enabling organizations to build, extend, or optimize their Security Operations Centers (SOCs) through a single architecture that spans self-managed, cloud, and managed deployments.
Advancing Security Operations for an AI-Accelerated Threat Landscape
The current cybersecurity landscape presents numerous challenges for security teams. They must defend against an expanding attack surface that includes endpoints, identity, cloud, email, and networks, all while grappling with skills shortages, alert overload, and fragmented tooling. The Fortinet Security Operations Platform addresses these challenges by unifying telemetry, analytics, threat intelligence, and response across the kill chain. This integration reduces complexity and accelerates investigations without necessitating operational rebuilds.
The latest release strengthens four core areas for organizations:
- SOC modernization
- Agentic AI execution
- FortiGuard managed services
- Simplified endpoint security
FortiSOC and FortiAI: Unifying Cloud SOC and Advancing Agentic Operations
The maturation of security operations often leads to tool sprawl and workflow fragmentation, which can hinder team efficiency. At Accelerate 2026, Fortinet previewed FortiSOC, a cloud-delivered offering that integrates the core capabilities of FortiAnalyzer, FortiSIEM, FortiSOAR, and FortiTIP into a single service. This integration is complemented by the expansion of FortiAI, which introduces new agentic workflows across security operations.
FortiSOC facilitates log ingestion, normalization, correlation, automation, case management, behavioral analytics, and identity-focused investigations through a unified console and data model. It integrates telemetry from both Fortinet and third-party environments. Built-in SOC best practices, shaped by Fortinet’s global SOC operations, are embedded alongside AI and machine learning capabilities to enhance analysis and response. Simplified subscription licensing and elastic cloud scalability streamline deployment, while future enhancements in endpoint and continuous threat exposure management (CTEM) will be incorporated into the FortiSOC experience.
Fortinet is also expanding FortiAI across FortiAnalyzer, FortiSIEM, FortiSOAR, and FortiSOC to transition from interactive copilots to agentic execution. This evolution connects telemetry, tools, and response actions across the SOC. Key enhancements include a dedicated agent that automates alert triage, investigation, threat hunting, and Model Context Protocol (MCP) support, ensuring continuity across detection, investigation, and response workflows.
FortiGuard SOC-as-a-Service: Strengthening Managed Coverage
For organizations requiring continuous monitoring and escalation, Fortinet has enhanced its FortiGuard SOC-as-a-Service. This extension of the unified SOC architecture incorporates Fortinet’s expertise and curated intelligence. Notable enhancements include support for third-party log sources for multivendor monitoring, expanded Security Fabric integrations, and FortiNDR telemetry to improve detection fidelity. Additionally, FortiCNAPP telemetry extends cloud visibility, bolstering investigation confidence across hybrid environments.
FortiEndpoint: Simplifying Endpoint Security in the AI Era
Endpoints continue to be a primary attack vector and a source of operational complexity. Fortinet’s unified endpoint security enhancements through FortiEndpoint aim to consolidate multiple endpoint products, reduce agent sprawl, simplify licensing and management, and strengthen protection against emerging threats, including potential misuse of AI applications.
Enhancements include a single-agent unification across Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE), Endpoint Protection Platform (EPP), Endpoint Detection and Response (EDR), and Data Loss Prevention (DLP), extending data protection without the need for additional agents. Fortinet has also introduced FortiAI-powered application visibility and control to detect and govern AI applications and their communications, thereby mitigating unsanctioned usage and data exposure risks. Enhanced EDR integration further streamlines management through a unified console and simplified licensing.
Enabling Faster and Smarter Security Operations
These innovations collectively advance Fortinet’s Security Operations platform by enhancing unified SOC modernization, previewing a transformative cloud SOC experience, expanding Agentic AI, improving managed coverage, and simplifying endpoint security. The result is a cohesive architecture that reduces operational complexity, accelerates investigations, and empowers organizations to defend against AI-driven threats at scale.
According to publicly available www.intelligentciso.com reporting.
For the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East: Middle East
