RAM² - Fortinet Integration
OTORIO RAM² mitigates security risks in industrial networks and makes the digital journey safer. The integration with Fortinet provides both cyber risk management capabilities and security protection.
As industrial information technology (IT) and operational technology (OT) systems converge, creating an ever-connected, modernized production floor, organizations are facing expanded attack surfaces. The more digitally advanced an organization becomes, the more susceptible it is to cyberattacks, making secure digital operations a top challenge facing the industry today.
Fortinet and OTORIO have established a technology partnership to address this challenge and enable secure industrial growth by combining the Fortinet FortiGate next-generation firewall and FortiSIEM with RAM², the OTORIO Industrial SOAR (Security Orchestration, Automation, and Response) platform. Customers benefit from advanced cyber risk management capabilities from OTORIO, while leveraging the best validated security protection in the industry from Fortinet.
The Fortinet and OTORIO Joint Solution
The OTORIO RAM² platform automates security orchestration and response by integrating with leading security systems. Together, RAM² and FortiGate provide continuous cyber risk assessment of the OT network using Fortinet Security Fabric APIs. The OTORIO security engine correlates events from FortiGate with data and events from multiple security and industrial systems to generate insights on how to prevent risk and to alert on security incidents that may otherwise be missed.
The OTORIO RAM² platform empowers the security operations team to immediately and intelligently mitigate threats, while the generated alerts enrich FortiSIEM and secure converging OT and IT environments.
Joint Solution Benefits
Secure Industrial IT/OT Convergence Through Automated Security Orchestration and Response
OTORIO RAM² is a centralized, simplified, and automated industrial cyber risk management solution. It is an unparalleled SOAR platform, drawing from industrial and security data sources to automate and coordinate converged IT-OT security tasks for rapid remediation and response. The RAM² platform easily integrates with a variety of production floor data sources (e.g., antivirus and firewall) and uses an industrial-intuitive UX/UI that can be operated by production operational personnel.
Non-intrusive: it utilizes existing solutions, so it does not interfere with production
Industrial-native design, built specifically for operations, that considers the business impact while simplifying security tasks
Risk assessment of operational and business impact, for operations and management
Improved collaboration between operational and cybersecurity teams
Unified tool for the operational team centralizes OT security systems in one place
Full visibility into production floor status
Prioritized, actionable, smart mitigation that suggests remediation playbooks to help prevent potential attacks and reduce manual processes
Continuous, integrated threat intelligence based on unique industrial control systems vulnerabilities
Continuous assessment of the attack surface
OTORIO RAM² includes an advanced threat-intelligence database with vulnerabilities unique to industrial systems in the OT network. RAM² integrates with FortiGate to collect firewall events and configuration rules that are used in the creation of the OT network’s digital twin. RAM² simulates an attack graph based on the network topology, considers the operational and business impact of the affected assets and operational processes, and determines the asset vulnerabilities. It identifies the highest risks to operational continuity and suggests the most impactful configuration changes in segmentation and firewall rules for virtual patching. The joint Fortinet and OTORIO solution enables an alternative method for mitigation, which is critical for operational continuity.
Converged OT-IT SOC
OTORIO RAM² enhances FortiSIEM as an industrial IT solution by providing a single point for all security alerts from the OT network. RAM² orchestrates industrial systems and protocols to collect data and correlate it for the generation of OT-specific alerts.
Security teams can manage a unified priority queue of the alerts with FortiSIEM. RAM² feeds FortiSIEM with alerts in a unified format that complements IT data with additional insights regarding industrial assets within operational processes. Together, these solutions add important industrial context that reflects potential impacts on operational continuity, bridging the gap between the operational team and the cyber analysts.