Fortinet's new FortiSOC platform combines security operations functions into a unified cloud-delivered SaaS platform with embedded AI for threat investigation and response.
Fortinet has announced the availability of FortiSOC, a unified cloud-delivered security operations center (SOC) platform designed to consolidate multiple security operations capabilities into a single Software-as-a-Service (SaaS) experience.
The new platform combines six security operations functions into one console and one subscription while embedding agentic AI to investigate and correlate alerts across assets and identities. Fortinet said the platform can recommend or execute response actions under analyst oversight and is built on the company's existing security operations technologies.
According to Fortinet, FortiSOC unifies security information and event management (SIEM), security orchestration, automation and response (SOAR), threat intelligence and identity threat detection and response (ITDR) into a single platform. The company said the platform integrates analytics, investigation, automation and response workflows to reduce operational silos and improve visibility across environments.
"Security teams today are being challenged by faster attacks, growing investigation volume, and fragmented operations that simply don't scale," said Michael Xie, founder, president and chief technology officer at Fortinet. "FortiSOC gives organizations a simpler way to operationalize the SOC capabilities they need through a unified, cloud-delivered platform designed to support security teams of all sizes, from teams building foundational capabilities to enterprises scaling advanced SOC environments."
Fortinet said the platform is intended to support organizations at every stage of security operations adoption, from teams establishing foundational monitoring capabilities to mature SOC environments requiring broader automation, deeper correlation and AI-assisted investigation.
The company said FortiAI-Assist extends the platform with autonomous investigations, AI-generated playbooks and Model Context Protocol-powered agent coordination across alerts, investigations, threat hunting, case management and response actions. Using enterprise telemetry and threat intelligence, Fortinet said the AI capabilities help coordinate workflows across tools, teams and security and IT systems.
Among the platform's capabilities, Fortinet highlighted unified management of SIEM, SOAR, user and entity behavior analytics, case management, threat intelligence, ITDR and AI-driven operations through a single SaaS platform. The company also said a single subscription model is designed to simplify procurement and daily operations while reducing the need to manage multiple tools.
Fortinet said FortiSOC includes out-of-the-box detection methods and playbooks based on its own global security operations center along with FortiGuard Labs threat intelligence, outbreak alerts and monthly content updates. The platform also features native integrations across the Fortinet Security Fabric and thousands of third-party connectors to support automated detection and response across security, IT and business systems.
The company said FortiSOC complements its existing Fortinet SOC Platform portfolio, including FortiAnalyzer, FortiSIEM and FortiSOAR, by providing a unified cloud-based deployment option. Fortinet said those existing products will continue to be enhanced and available while offering customers multiple pathways for adopting security operations technologies.
Michelle Abraham, senior research director for security and trust at IDC, said organizations are increasingly prioritizing analyst workflow, investigation experience and cloud-delivered security operations to improve visibility, streamline processes and accelerate response. She said FortiSOC combines Fortinet's existing security operations technologies into a unified SaaS platform that supports both foundational and advanced SOC use cases.