Fortinet launches FortiSOC, a unified SOC platform powered by agentic AI

Fortinet has launched FortiSOC, a cloud-delivered security operations centre (SOC) platform that unifies six core security functions into a single SaaS experience. The new platform combines AI-driven investigations, threat detection, automation, and response workflows to help organisations simplify and scale modern security operations.

The platform embeds agentic AI that can investigate alerts, correlate activity across assets and identities, and recommend or execute response actions under analyst supervision. As a result, security teams can respond faster while reducing operational complexity.

One platform for modern security operations

FortiSOC combines several key security operations capabilities into one platform, including:

• Security information and event management (SIEM)
• Security orchestration, automation, and response (SOAR)
• Threat intelligence
• User and entity behaviour analytics (UEBA)
• Identity threat detection and response (ITDR)
• Case management and AI-driven operations

In addition, FortiSOC integrates analytics, investigation, automation, and response workflows into a single cloud-delivered environment. The platform also leverages intelligence from FortiGuard Labs to strengthen threat detection and response.

Michael Xie, Founder, President, and Chief Technology Officer at Fortinet, said:

“Security teams today are being challenged by faster attacks, growing investigation volume, and fragmented operations that simply don’t scale.

FortiSOC gives organisations a simpler way to operationalise the SOC capabilities they need through a unified, cloud-delivered platform designed to support security teams of all sizes, from teams building foundational capabilities to enterprises scaling advanced SOC environments.

With embedded AI, integrated workflows, and built-in best practices informed by Fortinet’s own global security operations centre, FortiSOC delivers the power of an AI SOC to help customers eliminate complexity, automate threat detection and response, and stay a step ahead of attackers.”

Supporting every stage of the SOC journey

Fortinet designed FortiSOC to support organisations at every stage of their security operations journey.

Smaller teams can use the platform to establish foundational monitoring and response capabilities. Meanwhile, larger organisations can leverage advanced automation, AI-assisted investigations, and deeper threat correlation across complex environments.

Furthermore, FortiSOC builds on established Fortinet security technologies while delivering them through a simplified cloud-based model. Organisations can modernise legacy security operations, streamline workflows, and scale their environments without changing platforms as requirements evolve.

FortiAI-Assist drives AI-powered investigations

A key differentiator is FortiAI-Assist, which provides autonomous investigations, AI-generated playbooks, and coordinated response workflows.

The technology uses model context protocol (MCP)-powered agent coordination to connect alerts, investigations, threat hunting, case management, and response actions. Consequently, security teams can reduce manual effort while maintaining visibility and control.

FortiAI-Assist also draws on enterprise-wide telemetry and threat intelligence. Therefore, organisations can coordinate security and IT operations more effectively across departments and systems.

Key benefits of FortiSOC

One platform, total control

FortiSOC unifies SIEM, SOAR, UEBA, case management, threat intelligence, ITDR, and AI-driven operations within a single SaaS platform. As a result, security teams gain greater visibility and consistency while reducing tool sprawl.

One subscription, less complexity

A single subscription and management console simplify procurement and operations. Consequently, organisations can improve resource allocation and focus more attention on stopping threats.

Connected by design and built to scale

FortiSOC integrates natively with the Fortinet Security Fabric and thousands of third-party connectors. In addition, MCP support allows FortiAI-Assist to coordinate AI-driven workflows across multiple systems and environments.

Ready from day one

Fortinet provides out-of-the-box detection content, response playbooks, and best-practice workflows based on its own global SOC operations. Additionally, FortiGuard Labs delivers real-time threat intelligence, outbreak alerts, and monthly content updates.

Expanding the Fortinet SOC platform

FortiSOC complements Fortinet’s broader SOC portfolio, which includes FortiAnalyzer, FortiSIEM, and FortiSOAR.

Rather than replacing existing products, FortiSOC brings these capabilities together in a unified cloud-based platform. Customers who prefer dedicated solutions can continue using existing offerings, while organisations seeking a consolidated SaaS model can adopt FortiSOC.

Together, these solutions form the Fortinet SOC Platform and provide flexible deployment and purchasing options that can adapt as customer requirements change.

Industry demand for cloud-delivered SOC platforms

Industry analysts continue to see strong demand for integrated security operations platforms that reduce complexity and improve analyst productivity.

Michelle Abraham, Senior Research Director, Security and Trust at IDC, said:

“IDC research shows that organisations are increasingly prioritising analyst workflow and investigation experience as well as cloud-delivered security operations as they work to improve visibility, streamline processes, and accelerate response.

FortiSOC builds on Fortinet’s established security operations portfolio by combining proven technologies into a unified SaaS platform that can support both foundational and advanced SOC use cases.”

Additional resources

• Read more about FortiSOC.
• Learn more about the Fortinet Security Fabric.
• Explore the Fortinet Open Ecosystem.
• Visit Fortinet Trust for information on innovation, product security, and collaboration.
• Read customer success stories.
• Learn more about Fortinet’s product security and vulnerability disclosure programs.
• Follow Fortinet on X, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.

Stay Informed With Cyber News Live

Cyber threats are constantly evolving, and staying informed is critical to protecting your organisation.

Follow Cyber News Live for the latest cybersecurity news, threat intelligence, expert analysis, and practical guidance to help strengthen your cyber defences.