By Kevin Faulkner | January 22, 2026

Security operations centers (SOCs) are increasingly defending against the sophistication and speed of AI-enabled attackers. At the same time, data and operational sovereignty concerns can make it difficult for multinational organizations to operate an effective centralized SOC. To meet these needs, the latest release of FortiSIEM introduces improved threat detection, agentic-AI-powered incident management, and data sovereignty compliance options for multinational SOC operations.

FortiAI-Assist Agentic AI Powers Incident Management

FortiSIEM 7.5 introduces agentic AI to accelerate and simplify incident investigation and response, as well as a broad range of FortiSIEM analyst activities, by invoking intelligent agents capable of complex multi-step tasks. New FortiSIEM agents include:

  • Investigation assistant: Creates and executes a complete in-depth analysis and report on incidents, including evidence enrichment, chain of attack, impact assessment, related incidents, and recommended actions
  • Companion assistant: Responds to analyst prompts to carry out complete natural language search, threat hunting, and other FortiSIEM functions

FortiAI-Assist is a core feature of all Fortinet SOC Platform products as well as many other products across the Fortinet portfolio.

Data Sovereignty Options Meet Compliance Requirements

Increasingly sophisticated cyberthreats and rising geopolitical concerns are making regional data localization a priority for many organizations. Yet the most effective cybersecurity strategies typically depend on a centralized SOC for threat detection and response. FortiSIEM now enables these organizations to implement a central SOC strategy while complying with regional data sovereignty requirements. This new capability provides centralized incident management and all FortiSIEM functions transparently across domains while preserving localized data collection and storage.

Unlimited Agent-Based IT and OT Monitoring Improves Detection

Deploying endpoint agents maximizes the visibility and threat detection capabilities of a SIEM, yet this capability is often overlooked because of perceived cost or complexity. FortiSIEM now offers a powerful IT and OT Windows agent free of charge. Additionally, this new agent does not require centralized management, so it can also be used to monitor OT environments that support only data-diode-based communications.

Additional FortiSIEM 7.5 Features

The new release includes several other new and enhanced features, including:

Streamlined user experience

Version 7.5 includes a reimagined user experience that streamlines screen layouts and improves navigation.

Federated search enhancements

Federated search across independent data sources has become an operating requirement of a modern SOC. The robust federated search capabilities of FortiSIEM have now been enhanced to support a standardized search syntax and playbooks across data sources, further simplifying and automating threat hunting and other activities.

Data pipeline enrichment

New real-time event tagging allows custom event enrichment during data pipeline processing. Tags can be used in many ways, including to trigger custom detection rule logic and playbooks.

Advanced agent templates

New customizable templates simplify and speed the configuration of FortiSIEM Advanced Agent features, such as file integrity monitoring and event collection.

Osquery for Linux

The deep endpoint monitoring and forensics capabilities of Osquery are now available for Linux and Windows systems.

More Capabilities Coming Later in Q1 2026

Customers can expect expanded pipeline management capabilities, agentic AI expansions, and other enhancements in the next FortiSIEM release later this quarter. Additional product updates will be released throughout the year.

Experience FortiSIEM 7.5 Today

FortiSIEM supports the advanced IT and OT security analytics, AI-driven capabilities, and solution scalability that today’s modern enterprises and managed security service providers require. Its unique features include:

  • A comprehensive IT/OT CMDB with asset discovery and performance monitoring
  • UEBA and other advanced detection analytics powered by FortiGuard Labs intelligence
  • An intuitive user experience based on built-in automation, prebuilt playbooks, and FortiAI-Assist, the Fortinet GenAI assistant
  • High-performance distributed processing, multitenancy, and MSSP features
  • Flexible pricing and deployment options to suit customers from SMBs to large enterprises

FortiSIEM is part of the flexible Fortinet SOC Platform, which includes FortiSIEM, FortiAnalyzer, FortiSOAR, and SOC-as-a-Service. The SOC Platform is designed to meet the unique needs of security teams ranging from small IT and security departments to advanced teams managing enterprise SOC operations. Fortinet enables these organizations to minimize detection and response times with real-time visibility, GenAI assistance, and solutions and services that can scale as the business grows.

Learn more about FortiSIEM or contact your Fortinet account team or authorized partner to request a demonstration.