Fortinet Unveils FortiSOC Platform for Automated Security Investigations and Enhanced Cyber Resilience
Fortinet has announced the availability of its new FortiSOC platform, a unified cloud-delivered security operations center (SOC) solution designed to help organizations automate investigations and strengthen their cyber resilience. The platform brings together six key security operations functions into one Software-as-a-Service (SaaS) experience, embedding agentic AI to autonomously investigate and correlate alerts across assets and identities, then recommend or execute response actions under analyst oversight.
According to Fortinet's founder, president, and chief technology officer Michael Xie, the new platform is aimed at addressing the challenges faced by security teams today. 'Security teams are being challenged by faster attacks, growing investigation volume, and fragmented operations that simply don’t scale,' he said in a recent media statement.
FortiSOC combines proven Fortinet security operations (SecOps) technologies to help organizations simplify and scale modern operations through one console, one subscription, and one unified operating model. The platform is designed to support security teams of all sizes, from those building foundational capabilities to enterprises scaling advanced SOC environments.
The use of embedded AI in FortiSOC delivers the power of an AI SOC to customers, helping them eliminate complexity, automate threat detection and response, and stay a step ahead of attackers. This approach aligns with IDC research findings that organizations are increasingly prioritizing analyst workflow and investigation experience as well as cloud-delivered security operations.
Fortinet's senior research director for security and trust Michelle Abraham noted that FortiSOC builds on the company’s established security operations portfolio by combining proven technologies into a unified SaaS platform. This platform can support both foundational and advanced SOC use cases, making it an attractive solution for organizations at various stages of SecOps adoption.
FortiSOC is designed to simplify how organizations operationalize security operations by unifying key functions such as security information and event management (SIEM), security orchestration, automation, and response (SOAR), threat intelligence, behavioral and identity threat detection (ITDR) into a single platform. With agentic AI and FortiGuard Labs threat intelligence, the platform extends SecOps innovations introduced at Fortinet Accelerate 2026 by integrating analytics, investigation, automation, and response workflows into one cloud-delivered experience for modern environments.
The platform enables security teams to move from alert to investigation to response with reduced friction, fewer operational silos, and stronger cross-environment visibility. This is particularly beneficial in today's threat landscape where organizations need to respond quickly to emerging threats.
FortiSOC supports organizations at every stage of SecOps adoption, from resource-constrained teams establishing foundational monitoring capabilities to highly sophisticated and advanced SOC teams requiring deeper automation, broader correlation, and AI-assisted investigation at scale. The platform is built on proven Fortinet technologies that extend the journey through a cloud-delivered approach combining advanced cyber defense, essential network operations center (NOC) and IT visibility, and adaptable workflows.
FortiSOC offers organizations a streamlined entry into SecOps, modernizes legacy approaches, or scales large or mature environments without changing direction as requirements evolve. This flexibility is particularly valuable in today's fast-paced business environment where organizations need to adapt quickly to emerging threats and changing security needs.
The platform further differentiates itself through FortiAI-Assist, which applies autonomous investigation, AI-generated playbooks, and Model Context Protocol (MCP)-powered agent coordination across alerts, investigations, threat hunting, cases, and response actions. This approach leverages enterprise-wide telemetry and threat intelligence to coordinate activity across tools, workflows, and teams within the same platform.
FortiSOC unifies key security functions such as SIEM, SOAR, user and entity behavior analytics (UEBA), case management, threat intelligence, ITDR, and AI-driven operations within a single SaaS platform. By consolidating these capabilities, it enables security teams to leverage AI-driven speed, consistency, and visibility while reducing the operational burden of managing multiple tools.
A single console and subscription model helps organizations reduce procurement complexity, simplify daily operations, and optimize resource allocation, allowing security teams to focus on detecting and stopping threats more effectively. The platform is available with out-of-the-box best-practice detection methods, playbooks, and other content based on Fortinet’s global SOC operations.
Real-time threat intelligence from FortiGuard Labs, outbreak alerts, and monthly content updates help organizations keep pace with rapidly evolving cyber threats. Native integrations across the Fortinet Security Fabric and thousands of third-party connectors eliminate visibility gaps and support automated detection and response across security, IT, and business environments.
MCP support further extends these capabilities by enabling FortiAI-Assist to orchestrate and coordinate AI-driven tasks across FortiSOC, reducing manual handoffs and accelerating remediation efforts. The platform complements and expands the broader Fortinet SOC Platform portfolio of FortiAnalyzer, FortiSIEM, and FortiSOAR.
FortiSOC is designed to meet customer needs today while offering a smooth pathway for future evolution. As organizations modernize SecOps, analysts continue to see growing demand for integrated, cloud-delivered SOC platforms that simplify operations and reduce tool sprawl.