Operational Technology constitutes one of the most rapidly expanding sectors within Fortinet, encompassing a diverse range of segments such as electric utilities, water/waste water management, manufacturing, transportation, retail, and finance, among others. This course offers an insightful journey into the evolution of our connected environment, highlighting the initial lack of security measures and the distinctive elements that differentiate operational networks from Information Technology (IT). The curriculum includes an in-depth exploration of Operational Technology (OT) switch networks and the MODBUS protocol, coupled with practical guidance on utilizing the Industrial Security Services within the FortiGate to analyze and regulate traffic.

FortiAnalyzer introduces new SOC features aimed at streamlining detection, correlation, investigation, and remediation processes. Participants will learn to leverage the Incident component of FortiAnalyzer, enabling them to manually or automatically raise incidents from detected events. Incident management can be initiated from the FortiAnalyzer SOC dashboard, with on-demand threat indicator enrichment configured via playbooks. Containment can be propagated through playbook connectors, and threat data can be pushed to a threat feed hosted on Fortinet's central management platform, FortiManager. FortiGates can then automatically block newly detected threat indicators identified by FortiAnalyzer. The integration and efficiency of these SOC correlations and remediations are particularly valuable when scaled across numerous devices.