Fortinet's Rafi Wanounou for Are you part of the Stratejm mesh?

Speaker: Rafi Wanounou, rwanounou@fortinet.com, FORTINET

Rafi Wanounou: When we have large vast and complex networks where we're monitoring all the inbound outbound traffic user activity and all the various entry points potentially into the network. What happens is a vast amount of data gets generated and really the secret, the where your adversary is hiding is in that data. And what stratagem does is has the automation, the tools and ea I to actually look into that vast treasure trove of data and determine exactly where your adversary is. Why are they hiding? Where are they hiding? And what are they trying to achieve? What data are they trying to exfiltrate from your network? This is really the fundamental challenges. We are generating vast amounts of data and we need the ability using automation and A I to find literally the needle in the haystack. And that is what strategy provides.

Rafi Wanounou: We're actually really on the cusp of a of a massive evolution in cyber with the mesh. What that means is every piece of the network will be interconnected and speak to other components of the network. What that will allow us to do is instantly respond to attacks and instantly be able to use A I and automation to stop our adversaries before they're able to either compromise the network or exfiltrate data. So we are on the cusp of joining the wireless to the network, to the firewalls, to the end point to all of those pieces coming together. And the future is going to be in the ability of the end user to ingest that data and actually find out within that data, what the adversary is trying to do and where they're hiding. This is, it's a bright future. It's going to be a little bit of a complicated future, but it's gonna involve automation A I and it's really going to allow us to elevate our security posture.

Rafi Wanounou: You know, if we take a look back at some of the recent breaches and some of the challenges that large enterprises have had. Um globally, we know a couple of things. One, the adversary is very specific in terms of what systems they want to target and potentially what information they want to exfiltrate or actually use to hold this ransom against the attacking. Two know that in all cases, the adversary was detected by a system or potentially multiple systems, the end user or the victim was not able to amount with that information and determine that there was an adversary actively attacking the network. So the question is how does strategy of cybersecurity must reduce the risk for business? It's that automation. It said A I overlay. It said overlay over the constant drumbeat of alerts and logs and data. The purpose of those 24 7 minutes is to tell you, hey, we have detected an adversary. Please investigate before the adversary can actually take hold into the network. OK. So that is really where the risk is the risk is that the tools are there. We're generating a vast treasure trove of data. The challenge becomes actually parsing that data and understanding where the adversary has entered the network and how long they have been there for that is risk reduction. Um That strategy brings and that is a significant elevation in your security posture that stratagem intelligence and A I brings to the full, where is the adversary? What did they get in? How long have they been there? And how can we automatically block that adversary via the mesh from pivoting across the network and potentially compromising systems?