< ciso
brief />
Tag Banner

All news with #fortinet tag

220 articles · page 4 of 11

How AI Is Expanding Threat Intelligence and Exposure

🔍 For years defenders focused on a small set of frequently exploited CVEs, but AI and automation are widening the practical attack surface by making more vulnerabilities economically viable to probe. Fortinet telemetry and FortiGuard Labs research show attackers are using AI to accelerate reconnaissance, code adaptation, and deployment. Defenders must prioritize integrated platforms that correlate network, endpoint, and cloud telemetry with vulnerability data and threat intelligence to close blind spots and tie signals to business impact.
read more →

Fortinet Named a Challenger in Gartner 2026 CPS MQ

🔒 Fortinet has been named a Challenger in the 2026 Gartner Magic Quadrant for Cyber-Physical Systems (CPS) Protection Platforms. The recognition underscores the capabilities of the Fortinet OT Security Platform to secure converged IT/OT environments through deep OT visibility, protocol-aware segmentation, and integrated networking and security. Fortinet emphasizes unified management, ruggedized firewalls, secure SD-WAN, ZTNA, NAC, and AI-driven operations to reduce risk while preserving uptime and safety in industrial settings.
read more →

Fortinet Named Challenger in Gartner Magic Quadrant

🔒 Fortinet was named a Challenger in the 2026 Gartner Magic Quadrant for Cyber-Physical Systems Protection Platforms, highlighting recognition of the Fortinet OT Security Platform. The vendor positions its solution as a unified approach that delivers OT-aware controls—automated discovery, protocol visibility, segmentation, and ruggedized firewalls—while avoiding disruption to uptime and safety. Fortinet emphasizes integrated networking and security to reduce complexity and accelerate detection and response across converged IT/OT environments.
read more →

BCI’s Seven NSE 8 Engineers Define Real-World Mastery

🔒 BCI has seven Fortinet NSE 8 engineers, the highest concentration among partners globally, demonstrating hands-on mastery of design, implementation, and troubleshooting in complex security environments. These engineers come from diverse career paths but meet a single standard of practical execution under pressure. BCI positions NSE 8 as an operational benchmark that reduces architectural risk, accelerates response, and sustains long-term operability.
read more →

Fortinet at RSA 2026: Security Fabric Demos & Sessions

🔒 Fortinet will have a prominent presence at the RSA Conference (March 23–26, 2026) in San Francisco, showcasing the Fortinet Security Fabric at booth #N5762 and in featured sessions. Attendees can join three highlighted sessions addressing agentic AI defenses, APT abuse of networking devices, and large-scale cybercrime disruption. The booth features 40+ presentations, six interactive demo kiosks, an Experts Bar, and one-on-one meeting options. Fortinet customers can access complimentary Expo Hall passes or discounted full-conference registration.
read more →

Fake Enterprise VPN Installers Steal Company Credentials

🔒 A threat actor tracked as Storm-2561 is distributing spoofed enterprise VPN clients impersonating vendors such as Ivanti, Cisco, and Fortinet to harvest corporate VPN credentials. The campaign uses SEO poisoning to push victims to convincing fake vendor pages that link to a GitHub-hosted ZIP containing a malicious MSI installer. When run, the installer places a fake Pulse.exe, drops a loader (dwmapi.dll) and a Hyrax infostealer variant (inspector.dll), captures credentials and configuration files, then displays an installation error and redirects victims to the legitimate vendor site to avoid immediate suspicion.
read more →

Fortinet Announces 2025 Partner of the Year Winners

🏆 At Fortinet Accelerate 2026, Fortinet honored the 2025 Partner of the Year Award winners for outstanding contributions to secure networking, cloud modernization, OT protection, and managed services across the Americas, APAC, and EMEA. Winners — from global system integrators like HCLTech and NTT DATA to distributors such as TD SYNNEX and regional leaders — demonstrated excellence in customer success, innovation, and technical execution. The awards highlight partner adoption of the Fortinet Security Fabric to reduce complexity and converge networking and security for hybrid and distributed environments. Recognition also emphasized growth in Unified SASE, SecOps, MSSP offerings, and OT security implementations.
read more →

Fortinet Engage Partner Program Accelerates Platform Growth

🚀Fortinet has refreshed the Engage Partner Program to align partner rewards with platform-led customer outcomes across Secure Networking, Unified SASE, and AI-driven security operations. The update moves recognition beyond point-of-sale to lifecycle contributions such as architecture design, deployment, and managed services, and introduces clearer global tiers and specialization paths. Partners gain profitability incentives, expanded training (updated NSE content), and a new Partner Portal to streamline deal registration and operational workflows.
read more →

FortiGate Firewall Exploits Lead to Service Account Theft

🔒 Security researchers warn of a campaign abusing FortiGate Next-Generation Firewall appliances to extract service account credentials and network configuration files. Attackers exploited disclosed vulnerabilities (for example, CVE-2025-59718, CVE-2025-59719, CVE-2026-24858) or weak credentials to create persistent admin accounts and loosen firewall policies. Compromised service accounts were used to authenticate to Active Directory, enroll rogue workstations, and enable lateral movement prior to detection.
read more →

AI-Assisted Automation Enables Large-Scale Password Spraying

🔐 Fortinet investigated recent reports of AI-assisted attacks and found no exploitation of FortiGate vulnerabilities; attackers instead exploited exposed management ports and weak single-factor credentials using automated password spraying. The novel concern is that conversational AI prompts and cloud resources can now automate target discovery, credential guessing, vulnerability assessment, and exploitation at scale with no coding required. Fortinet stresses defense-in-depth and rapid remediation.
read more →

Fortinet: Gartner Peer Insights Customers' Choice - 7 Years

🏆 Fortinet has been named a Gartner Peer Insights™ Customers’ Choice for SD‑WAN for the seventh consecutive year, reflecting sustained customer confidence. In the February 2026 Voice of the Customer report, Fortinet Secure SD‑WAN earned a 4.8/5 overall rating and a 96% willingness to recommend based on 202 verified reviews through December 31, 2025. Customers highlight integrated networking and security via FortiOS, ASIC-accelerated performance, and centralized orchestration with FortiManager as key differentiators in deployment, support, and operational simplicity.
read more →

Reach the Peak of Cybersecurity Expertise with NSE 8

🔒 The Fortinet NSE 8 Cybersecurity Expert credential represents the pinnacle of technical achievement within Fortinet’s certification program, validating deep design, configuration, and troubleshooting skills for complex enterprise environments. Candidates must demonstrate theoretical, conceptual, and practical mastery, plus extensive real-world experience and continuous learning. The article highlights Swedish partner Avoki, which now counts four NSE 8s among its senior engineers, and notes the company’s 2026 integration into iteam. Readers are invited to sign up for an ebook launching March 17 to learn more about paths to NSE 8.
read more →

FortiAIGate: Runtime Protection for AI Workloads, Governance

🔒 FortiAIGate provides dedicated runtime protection for private AI and LLM deployments by monitoring every input and output between applications and models. It detects and blocks threats such as prompt injection, jailbreaking, model poisoning, data exfiltration, and excessive compute abuse while enforcing governance policies in real time. Built for Kubernetes and hybrid environments, it integrates with Fortinet Security Fabric, offers dashboards mapping OWASP Top 10 LLM risks, and uses multi‑GPU and SmartNIC acceleration to preserve performance and control costs.
read more →

Open-Source CyberStrikeAI Deployed in FortiGate Attacks

🚨 Security researchers say an open-source, AI-native offensive platform called CyberStrikeAI was used to automate mass scanning and exploitation of Fortinet FortiGate appliances, contributing to compromises of more than 600 devices across 55 countries. Team Cymru traced activity to a Russian-speaking actor after analyzing an IP address and observed 21 unique IPs running the tool between January 20 and February 26, 2026. The tool's GitHub maintainer, known as Ed1s0nZ, has published a range of exploitation and AI-jailbreak utilities and shows interactions with organizations linked to Chinese state cyber capabilities.
read more →

CyberStrikeAI Adopted by Hackers for AI-Powered Attacks

🔍 Researchers warn that the open-source platform CyberStrikeAI was observed on infrastructure linked to a recent campaign that compromised hundreds of Fortinet FortiGate devices. Team Cymru analysts identified the service banner on port 8080 at 212.11.64[.]250 and saw communications between that host and targeted FortiGate appliances. The platform integrates over 100 security tools with AI agents to automate end-to-end attack chains, enabling lower-skilled operators to carry out complex exploitation.
read more →

Monthly Security Roundup — February 2026 Highlights

🔒 In February 2026 ESET Chief Security Evangelist Tony Anscombe highlights a series of notable incidents: widespread misuse of commercial generative AI, a novel Android malware campaign, increased ATM jackpotting, and destructive attacks against critical infrastructure. Researchers tied more than 600 compromised FortiGate devices in 55 countries to exposed management ports and weak credentials, while ESET documented PromptSpy, the first known Android malware abusing generative AI for context-aware UI manipulation. The FBI warned US ATM operators about a rise in jackpotting, and ESET analyzed a DynoWiper case targeting an energy company. Businesses are urged to strengthen access controls, enforce MFA, close exposed management ports, and improve monitoring for GenAI-related abuse.
read more →

From Classroom to Cyber Career — Fortinet and UniSA

🔐 Fortinet's Academic Partner Program partners with the University of South Australia to expand access to cybersecurity careers by delivering NSE training, hands-on labs, and free exam vouchers that remove financial barriers. With more than 800 partner institutions worldwide and a goal to train 1 million individuals by 2026, the initiative readies students for internships and full-time roles. Industry networking events with distributors such as Wavelink translate certification into interviews and hires, while practical lab work builds technical confidence and employability.
read more →

Cyber Resilience Requires People, Skills, and Training

🛡️ The 2025 Global Cybersecurity Skills Gap Report shows that human risk and workforce shortages—not technology alone—are driving frequent, costly breaches: in 2024, 86% of organizations experienced at least one breach and 28% reported five or more. Awareness deficits, phishing, and skills gaps account for most incidents, so training must be preventive, continuous, and role-based. Fortinet pairs security products with a broad training and certification program to help organizations close these gaps and improve detection, response, and recovery.
read more →

FortiGate-as-a-Service: Performance-First Managed Firewall

🔒 FortiGate-as-a-Service (FGaaS) delivers full FortiGate firewall capability as a cloud-hosted, consumption-based service running on purpose-built Fortinet hardware in Fortinet-managed, ISO- and SOC 2-certified data centers. It combines the performance and deep inspection of on-prem FortiGate with unified management, FortiGuard threat services, and optional SOC/MSSP-managed operations for faster deployment and predictable OpEx pricing.
read more →

Unmasking Agent Tesla: Multi-Stage Campaign Analysis

🔍 This Fortinet analysis dissects a recent multi-stage campaign deploying Agent Tesla, which targets Windows users with credential theft and keylogging. The chain uses spearphishing with RAR attachments containing obfuscated JSE loaders that fetch encrypted PowerShell scripts and reflectively load .NET assemblies in memory. Operators leverage process hollowing, virtualization and sandbox checks, and SMTP-based exfiltration to minimize detection. Fortinet telemetry and cross-product protections are highlighted to help organizations mitigate the threat.
read more →