

Perimeter defenses for OT environments are nothing new, but cybercriminals are getting better at bypassing traditional defenses like firewalls, IDS and IPS.
Once the cybercriminals have compromised these perimeter defenses and are active in the OT environment, they’re able to hide in network blind spots, operate using encrypted traffic, and target critical systems. But what if we could turn this behavior to our advantage and stop the attackers before they’ve completed their mission?
During this session, Fortinet will discuss and demonstrate how network detection and response (NDR) uses these perceived attacker strengths against them and how SOC teams can hunt for attackers during the pre- and post-compromise phases while leveraging the power of AI, ML, and network metadata analysis.
Topics include:
- NDR’s ability to operate agentless and provide asset and network visibility across the IT/OT networks
- How network metadata is the best way to detect early signs of compromise through leveraging Application Control and IPS for OT applications and protocols
- The importance of OT-specific threat detection and analysis leading to faster response to known and unknown threats across the IT/OT environments
- A demonstration of how FortiNDR lets SOC teams analyze malware and file-based threats in the OT networks and respond to these threats effectively
- AI- and ML-based canned packages for detecting known OT threats, e.g., Industroyer, CosmicEnergy, and more
- Virtual Security Analyst to support SOC automation
- Fortinet Security Fabric integration for end-to-end security