Smart SOAR Integration

Robust out-of-the-box integrations with FortiSIEM and FortiGate provide security teams with seamless security incident and data breach responses. Workflow and reporting silos, manual and repetitive work and cost and complexity are eliminated with a security fabric that truly unifies prevention, detection, enrichment, and response.

Integration Capabilities
FortiSIEM Automatically ingest, triage, and respond to FortiSIEM alerts.
FortiGate Ingest FortiGate alerts and orchestrate FortiGate’s firewall policy management and IOC blacklisting with a full range of actions from across your security infrastructure.

Key Use Cases


Alarm Enrichment and Response

Phishing, malware, and brute force attacks can upend your security team by requiring analysts to gather contextual data and resolve the threat while dealing with screen-switching, data silos, and a lack of up-to-date information. By combining FortiSIEM for threat detection with Smart SOAR for incident enrichment and response, you can automatically escalate real threats to incident status in Smart SOAR and assess their criticality through data enrichment and analysis. Smart SOAR can then trigger an automated response playbook or guide human analysts efficiently through manual steps, all within a single window.

Automated Network Traffic Investigation

Analyzing network traffic requires analysts to investigate several information sources, including dense log and event data. Stitching this information together to form timelines and investigative insights is difficult and highly manual, delaying corrective action and increasing the risk to the organization. To carry out investigations with Fortinet and Smart SOAR, analysts can use pre-built commands in Smart SOAR to rapidly gather alarm details, event logs, statuses, and other data from FortiGate and FortiSIEM. Similar commands are available for hundreds of other tools, giving investigators a centralized console for complex, end-to-end incident investigations.

Meet Our Friends

Our Connected SOAR Security Alliance brings hundreds of vendors together, allowing customers to benefit from our deep industry relationships and fully vendor-agnostic, independent SOAR platform.

X Fortinet Integration

Get Started with D3 Security

One platform to stop alert overwhelm. Transform how your security team works, by focusing its resources on real threats.