Fortinet expands FortiRecon with CTEM capabilities to help security teams spot and stop cyber threats sooner

Fortinet has upgraded its FortiRecon platform with capabilities aligned to the Continuous Threat Exposure Management (CTEM) framework, aimed at helping organizations anticipate and mitigate cyber threats more effectively. The enhanced features bring together attack surface management, threat intelligence, and security orchestration, enabling security teams to identify exposures sooner and reduce risk faster through a more proactive approach.

These enhancements help organizations proactively identify and prioritize real-world exposures, validate risks like an attacker would, and accelerate response, ultimately reducing the likelihood and impact of breaches.

“CISOs and security teams are overwhelmed by growing attack surfaces and an endless stream of unprioritized alerts,” said Nirav Shah, senior vice president of products and solutions at Fortinet. “With the latest enhancements to FortiRecon, we’re giving organizations an attacker’s eye view of their internal and external exposures, backed by AI-powered threat intelligence from FortiGuard Labs, real-world validation, and automated response. This allows organizations to cut through the noise, focus on what matters most, and measurably reduce risks and vulnerabilities before attackers can exploit them.”

The announcement comes amid growing demand for exposure-driven security strategies as organizations struggle to manage expanding attack surfaces, alert fatigue, and fragmented security operations. 

According to Gartner, “By 2026, organizations prioritizing their security investments based on a continuous exposure management program will be three times less likely to suffer from a breach.”

FortiRecon, in combination with its integration to the Fortinet AI-Driven Security Operations Center (SOC) platform, now delivers capabilities across the five pillars of the Gartner CTEM framework, scoping, discovery, prioritization, validation, and mobilization, enabling organizations to operationalize these pillars within a single, tightly integrated platform and drive coordinated remediation efforts across security and IT teams. 

The latest FortiRecon enhancements expand its ability to monitor and manage an organization’s attack surface by continuously delivering an adversary’s view of both internal and external digital assets. 

The update adds National Vulnerability Database (NVD) severity ratings alongside FortiRecon Active Exploitation severity ratings, enabling faster and more informed patching decisions. Its adversary-centric intelligence provides actionable insights from dark web activity, ransomware intelligence, leaked credentials, vulnerabilities actively exploited in the wild, and at-risk vendors, with new capabilities for bulk indicator of compromise (IOC) downloads and stealer infection details to accelerate SOC workflows and improve breach detection. 

FortiRecon’s brand protection capabilities detect and take down domain impersonations, rogue mobile apps, phishing campaigns, and executive targeting, using proprietary algorithms to identify fake phishing domains, brand and executive impersonations, malicious applications in multiple app stores, data leaks in code repositories, open bucket exposures, and other threats to an organization’s reputation. Security orchestration features leverage automated playbooks to investigate and respond to threat findings, reducing response times by prioritizing incidents and streamlining security workflows.

Existing FortiFlex customers may use their FortiFlex credits to deploy FortiRecon Cloud. FortiFlex offers usage-based licensing with the security industry’s broadest catalog for customers with dynamic hybrid and multi-cloud environments and MSSPs. When purchased through major cloud marketplaces, FortiFlex can also help customers meet cloud committed spend obligations.

“FortiRecon has elevated the way we deliver managed security services. It enables our teams to provide clients with continuous, contextualized risk insights not just alerts,” Paul Cragg, CTO at Norm Cyber, said. “We’re now able to prioritize remediation based on business impact, helping our customers reduce risk faster while demonstrating measurable security outcomes. It’s a key differentiator in how we build long-term trust and value.”

source:
https://industrialcyber.co/news/fortinet-expands-fortirecon-with-ctem-capabilities-to-help-security-teams-spot-and-stop-cyber-threats-sooner/

Fortinet launches new cloud services for identity and storage

Fortinet Inc. (NASDAQ: FTNT) announced an expansion of its FortiCloud platform with three new services targeting enterprise identity management, file storage, and communications.

The cybersecurity company introduced FortiIdentity, a cloud-delivered identity and access management solution that provides single sign-on, multifactor authentication, and identity federation capabilities. The service supports FortiToken Mobile, FIDO2 passkeys, and SAML/OIDC standards.

 

Fortinet also launched two beta services: FortiDrive for secure file storage and collaboration, and FortiConnect for unified communications including calling, messaging, and meetings. Both services integrate with the company's existing Security Fabric platform.

"FortiIdentity, FortiDrive, and FortiConnect, are key milestones in our vision to build a unified global cloud network that brings enterprise-grade security directly into the way teams manage access, store, share, and communicate," said Michael Xie, Founder, President, and Chief Technology Officer at Fortinet.

The services operate on Fortinet's global infrastructure, which includes company-owned data centers in Atlanta, Chicago, New York, Plano, Frankfurt, Sydney, and Torija, Spain. The company also utilizes over 160 points of presence through providers including Google Cloud, AWS, and Digital Realty.

FortiDrive features encryption, granular access controls, real-time collaboration capabilities, version history tracking, and policy-based compliance enforcement. FortiConnect integrates with FortiDrive and includes AI-powered threat intelligence from FortiGuard Labs.

The new services join Fortinet's existing cloud portfolio that includes FortiSASE, FortiAppSec, FortiCNAPP, FortiSOC, FortiMail, and FortiAIOps, all accessible through the FortiCloud centralized portal.

source:
https://www.streetinsider.com/Corporate+News/Fortinet+launches+new+cloud+services+for+identity+and+storage/25155984.html

How Fortinet FortiOS Expands Protection for the Quantum Era

As quantum threats loom, Fortinet’s FortiOS 7.6 is empowering firms with built-in quantum-safe security, facilitating a seamless post-quantum transition

 

Despite safeguarding sensitive data for decades, traditional encryption methods are under threat as the rise of quantum computing continues.

Quantum computers, capable of processing vast calculations at speeds impossible for today’s classical systems, are set to render standard encryption algorithms obsolete, posing a transformative challenge to current cybersecurity defences.

In light of this shift, some cybercriminals are adopting “harvest now, decrypt later” tactics, stockpiling encrypted data today in the hope of breaking it once quantum power becomes available. 

This means organisations in sectors like financial services, healthcare, telecommunications, and government — where data sensitivity is exceptionally high and its value persists over time — quantum-resilient cybersecurity is an immediate necessity.

Introducing Fortinet FortiOS

FortiOS is the foundation of Fortinet’s Security Fabric, delivering a unified and high-performance cybersecurity platform that seamlessly converges security and networking functions. 

Fortinet has expanded FortiOS, its flagship operating system, to provide advanced defences against quantum-enabled cyber threats. 

With the release of FortiOS 7.6, organisations leveraging FortiGate Next-Generation Firewall (NGFW) and Fortinet Secure SD-WAN now access built-in quantum-safe features.
The new key quantum-safe innovations in FortiOS are:
Post-Quantum Cryptography (PQC): FortiOS integrates National Institute of Standards and Technology (NIST)-approved post-quantum cryptographic algorithms, including ML-KEM, as well as promising contenders like BIKE, HQC and Frodo. These methods are designed to resist the computational power of quantum attacks.
Quantum Key Distribution (QKD): Leveraging quantum mechanics principles, QKD enables secure key exchange by ensuring any eavesdropping is immediately detectable. Since FortiOS 7.4, the system supports plug-and-play integration with leading QKD vendors via standardised interfaces, underlining Fortinet’s commitment to quantum-resilient infrastructure.

1. Algorithm stacking: By combining multiple cryptographic algorithms, FortiOS algorithm stacking strengthens network defences, making unauthorised decryption significantly more complex — even for quantum adversaries.
2. Hybrid security mode: This allows a gradual, seamless transition between traditional public-key cryptography and new quantum key technologies, giving organisations time to adapt without disruption.
3. User-friendly management: FortiOS introduces an enhanced interface that demystifies the configuration of quantum-safe settings, empowering network administrators to implement robust protections without needing deep quantum expertise.

“At Fortinet, we’re committed to arming customers with cutting-edge technology to protect against new and emerging threats,” Michael Xie, Founder, President and CTO at Fortinet, says.

source:
https://cybermagazine.com/news/how-fortinets-fortios-expands-protections-for-the-quantum-era

Fortinet boosts quantum security for firewall and SD-WAN clients

Fortinet updated its FortiOS operating system to protect against quantum-computing threats.

The FortiOS 7.6 update includes what are described as “quantum-safe features” designed to defend against threats such as harvest-now, decrypt-later (HNDL) attacks.

The features are available for FortiGate NGFW and Fortinet Secure SD-WAN customers. Among them are PQC methods which include algorithms approved by the National Institute of Standards and Technology (NIST) in its aim to standardize PQC.

Of these algorithms, Fortinet names ML-KEM, a mechanism that allows two parties to establish a shared secret key over a public channel. Theoretically, this allows for security against attackers in possession of a quantum computer.

There is also support for NIST’s preferred PQC standard, dubbed HQC (Hamming Quasi-Cyclic), which is based on error-correcting codes.

The latest additions come alongside pre-established features in the Fortinet OS, including support for quantum key distribution (QKD) integrations, algorithm stacking, and a hybrid mode for the incorporation of traditional public-key cryptography and QKD.

The latter is positioned as a gradual transition for enterprises into post-quantum security in anticipation of the "Q-Day" threat, when a quantum computer becomes powerful enough to break widely used encryption methods. That is expected to happen sometime in the 2030s.

FortiOS 7.6 also includes BIKE, a key encapsulation mechanism based on code and designed for several CPU architectures, particularly 64-bit ARM and x86 processors.

 

The updates come after Fortinet’s recent commendation from analyst powerhouse Gartner for its existing PQC capabilities alongside its traditional security offerings. Gartner ranked Fortinet alongside rivals, including Palo Alto and Cato Networks as a “leaders” in the secure access service edge (SASE) market.

Palo Alto Networks started to implement quantum-resistant capabilities last year, while startup QuSecure has launched a quantum-safe encryption to Cisco routers.

Quantum efforts have also poured into the networking space, with U.S.-based IonQ recently drawing new funds to the tune of $1 billion as part of its aim to drive quantum networking opportunities.

source:
https://www.sdxcentral.com/news/fortinet-boosts-quantum-security-for-firewall-and-sd-wan-clients/

Fortinet Recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for SASE Platforms

News Summary

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced it has been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for SASE Platforms and ranked #1 in the Secure Branch Network Modernization use case in the accompanying Gartner Critical Capabilities for SASE Platforms report, which Fortinet believes underscores its ability to converge advanced secure SD‑WAN, universal ZTNA, and AI-Powered threat protection into a single, flexible solution.

 

We are honored to be recognized as a Leader in the 2025 Gartner Magic Quadrant for SASE Platforms and believe this recognition validates our commitment to organic innovation—building a unified, AI-powered platform that spans all SASE use cases. We believe being positioned in the Leaders quadrant in the 2025 Gartner Magic Quadrant for SASE Platforms affirms our strategy of blending proven secure SD‑WAN, universal ZTNA, and AI‑powered threat protection under a single operating system, FortiOS, and one license for added simplicity and faster ROI.

- Nirav Shah, Senior Vice President of Products and Solutions at Fortinet

The Most Unified, Flexible, and Intelligent SASE Platform

This latest recognition, in Fortinet’s view, validates its unified‑platform strategy for secure digital acceleration. It follows Fortinet’s acknowledgement as a Leader in the 2024 Gartner Magic Quadrant for SD‑WAN for the fifth consecutive year—where it was positioned highest for Ability to Execute—as well as being named a 2024 Gartner Peer Insights™ Customers’ Choice for Security Service Edge (SSE), and a 2025 Customers’ Choice for SD-WAN and Zero Trust Network Access (ZTNA).

Fortinet Unified SASE is built natively on FortiOS, delivering consistent security and user experience from campus to cloud to remote users through a single-vendor platform. Fortinet’s tightly integrated approach enables centralized management through one console and one agent, reducing complexity while streamlining policy enforcement and deployment. Fortinet offers over 160 points-of-presence (PoPs) and simplified licensing tiers to meet customer needs. Monthly product innovations, including AI-driven security workflows, keep the platform ahead of evolving threats and business needs.

Powering High-Performance Branch Experiences and Sovereign SASE at Global Scale

Fortinet believes the recognition in Secure Branch Network Modernization use case in the Gartner Critical Capabilities for SASE Platforms report also underscores the company's strength in helping customers replace legacy architectures like MPLS with a simplified, high-performance branch experience. Organizations can rapidly deploy new sites using zero-touch provisioning and centralized orchestration, significantly reducing the time and effort typically required to roll out branch locations. By converging networking and security at the edge, Fortinet empowers IT teams to deliver secure, scalable access with reduced operational overhead and lower total cost of ownership with seamless integration between secure SD-WAN and SSE that can be completed in minutes.

Fortinet continues to differentiate itself in a fast-growing market projected by Gartner to exceed $28.5 billion by 2028, with ongoing investment in its global SASE infrastructure, simplified packaging, and partner enablement. These efforts reflect Fortinet’s commitment to helping customers, channel partners, and service providers capitalize on the growing demand for hybrid work security, branch modernization, and the ability meet data sovereignty needs for regulated industries like finance, healthcare, and government.

Analyst and Customer Validation

Fortinet’s Leader position in SASE adds to the company’s broader recognition across the cybersecurity industry, including being acknowledged in 11 Gartner Magic Quadrant reports spanning security and networking. In addition to being named a Leader in the Magic Quadrant for both SASE Platforms and SD-WAN, Fortinet remains the only vendor recognized as a Customers’ Choice across all core components of SASE—SD-WAN, SSE, and ZTNA—according to Gartner Peer Insights™. Fortinet believes these distinctions further validate Fortinet’s Security Fabric platform strategy and its ability to unify security and networking across every edge.

source:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2025/fortinet-recognized-as-a-leader-in-the-2025-gartner-mq-for-sase-platforms

Fortinet Strengthens Code-to-Cloud Security with CNAPP Enhancements and Launches Expanded Solution Availability in AWS Marketplace

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced powerful updates to Lacework FortiCNAPP, making it easier than ever for customers to secure applications and workloads across hybrid and multi-cloud environments. The company also announced that the FortiAppSec Cloud service, FortiMail Workspace Security, FortiNDR Cloud, FortiSIEM, and Fortinet Incident Response services are now available in AWS Marketplace, a digital catalog that helps you find, buy, deploy, and manage software, data products, and professional services from thousands of vendors.

 

“Fortinet is committed to accelerating secure cloud transformation for our customers,” said Nirav Shah, Senior Vice President, Products and Solutions at Fortinet. “By making more of our services available in AWS Marketplace and enhancing leading cloud-native solutions like Lacework FortiCNAPP and FortiAppSec Cloud, we’re making it easier than ever for organizations to protect every cloud workload, application, and network edge.”

 

Delivering Smarter Protection, Faster Response and Remediation

 

Fortinet has enhanced Lacework FortiCNAPP to deliver even stronger protection for cloud-native applications across their entire life cycle. These updates reinforce FortiCNAPP as an industry-leading, cloud-native security platform designed to deliver faster detection, deeper insights, and simplified operations at scale.

 

• Real-Time CloudTrail Alerting – Enables near-instant detection of critical activity, such as compromised credentials or anomalous API behavior, by reducing AWS CloudTrail alert latency from 24 hours to under 15 minutes.
• Explorer (Security Graph) – Provides a visual, interactive view of attack paths and asset relationships, making pinpointing and investigating exposures, such as internet-facing vulnerabilities, easier.
• Agentless Windows Scanning – Supports agentless scanning for Windows workloads across any cloud, identifying vulnerabilities and secrets without requiring software deployment. This is ideal for expanding visibility and compliance with minimal overhead.
• Fleet Management – Delivers detailed visibility across large environments into agent inventory, health, and deployment status, helping teams monitor coverage and optimize cloud security.

 

In addition, Fortinet expands its cloud services for web applications and APIs by introducing new service bundles that include Dynamic Application Security Testing (DAST), CDN, and SoC-as-a-Service, in addition to its AI-powered zero-day threat detection, analysis, and remediation to protect web applications and APIs.

 

Full-Stack Protection Now Available in AWS Marketplace

Fortinet has expanded the availability of its cloud security portfolio in AWS Marketplace. This provides Amazon Web Services (AWS) customers with the ability to streamline the purchase and management of more Fortinet offerings within their AWS Marketplace account. By deploying solutions on AWS, Fortinet makes it easier for customers to deploy protection, streamline procurement, and apply AWS Enterprise Discount Program (EDP) commitments.  

 

Services now available in AWS Marketplace include:

• FortiAppSec Cloud – Unified web application and API protection (WAAP) with web application firewall (WAF), bot management, API security, and DDoS mitigation
• FortiMail Workspace Security – End-to-end SaaS protection across email, browsers, and collaboration tools to stop advanced threats in platforms like Microsoft 365, Google Workspace, Slack, and Teams with a built-in, 24×7 managed incident response service to accelerate threat containment and lighten the load on SOC teams
• FortiNDR Cloud – AI-driven threat detection optimized for distributed cloud infrastructure
• FortiSIEM – Scalable log management and incident response for complex environments

 

Fortinet has achieved the AWS Security Incident Response Specialization, which recognizes that Fortinet provides a streamlined incident response solution backed by AWS security response experts through AWS Security Incident Response.

 

The capabilities of Fortinet’s specialized cloud consulting and FortiGuard Incident Response Services teams help AWS customers strengthen their cloud security posture. Fortinet Incident Response Services are now available in AWS Marketplace, offering expert support backed by deep integration with AWS and the Fortinet Security Fabric. This underscores Fortinet’s commitment to supporting customers with end-to-end security expertise—from proactive risk assessments to prompt incident handling—backed by deep integration with AWS-native tools and FortiGuard threat intelligence.

 

A Strategic Shift toward Unified Cloud-Native Security

 

This launch reinforces Fortinet’s commitment to simplifying cloud security by consolidating fragmented, non-integrated solutions into a unified cloud security platform. Rather than relying on isolated point products, Fortinet delivers integrated solutions across application, network, and user layers designed to streamline management and scale efficiently in any environment.

 

By unifying capabilities like WAAP, network detection and response (NDR), security information and event management (SIEM), cloud-native application protection platform (CNAPP), and workspace security under a single vendor and deployment model, organizations gain comprehensive cloud protection along with greater speed, cost-efficiency, and operational clarity.

 

For those with cloud spend commitments and desire to optimize their cloud security investments, particularly in dynamic environments, Fortinet FortiFlex offers a flexible, daily usage-based licensing model that supports rapid deployment, elastic scaling, and seamless drawdown of existing cloud commitments, helping organizations protect what they need, when they need it, while only paying for what they use.

source:
https://www.megabites.com.ph/fortinet-strengthens-code-to-cloud-security-with-cnapp-enhancements-and-launches-expanded-solution-availability-in-aws-marketplace/
 

Fortinet report shows C-suite now owns operational technology cybersecurity

Fortinet report shows C-suite now owns operational technology cybersecurity

by Duncan Riley

 

A new report released today by cybersecurity company Fortinet Inc. has found that operational technology cybersecurity is gaining significant attention at the executive level, with corporate leaders increasingly taking responsibility for OT security strategies.

The new 2025 State of Operational Technology and Cybersecurity Report found that 52% of organizations now report that their chief information security officers or chief security officers are directly responsible for OT security, up from 16% in 2022. At the same time, 95% of organizations now say that OT risk now falls under broader C-suite oversight, up from just 41% two years ago.

More organizations were found to be formalizing their cybersecurity frameworks and integrating OT security into broader risk management strategies, resulting in incident severity declining. The report finds that operational outages with revenue impact dropped from 52% to 42% year-over-year, assisted by the adoption of advanced security practices, with segmentation, threat intelligence integration and vendor consolidation playing a critical role.

Mature organizations, those reporting higher security levels, were also found to be significantly less affected by common threats like phishing and are better able to detect sophisticated attacks.

Core to the improved outcomes were an increase in cybersecurity hygiene, improved training and intelligence-driven defenses. Business email compromise incidents have declined and the number of OT vendors used has shrunk, signaling a move toward simplification and operational efficiency. Fortinet notes that organizations using its OT Security Platform saw a 93% drop in incidents and up to sevenfold performance improvements through centralized control and integrated defenses.

The report additionally outlines best practices for OT security teams, including the need to establish full network visibility and protective controls. Other recommendations include implementing segmentation following ISA/IEC 62443 standards, integrating OT systems into SecOps and incident response planning, consolidating vendors through a platform-based security architecture and adopting OT-specific threat intelligence feeds powered by artificial intelligence.

Though the overall trends were mostly positive, the report does highlight one area of concern: legacy systems. With many organizations still relying on outdated infrastructure that was not designed with cybersecurity in mind, the systems are particularly vulnerable to modern threats. Legacy OT devices often lack native security controls and are difficult to update or patch, increasing the risk of exploitation.

Discussing the findings, Tim Mackey, head of software supply chain risk strategy at application security software provider Black Duck Software Inc. told SiliconANGLE via email that one of the biggest challenges with cybersecurity in critical infrastructure is the long lifespan of the devices.

“Something that was designed and tested to the best practices available when it was released can easily become vulnerable to attacks using more sophisticated attacks later in its lifecycle,” explains Mackey. “In effect, legacy best practices may not be up to the task of mitigating current threats, or worse those that might be deployed in the coming years. Since attackers know that critical infrastructure providers are measured in their up-time or service availability, once a device is compromised, attackers know that they have the luxury of mapping out and planning a very targeted attack rather than just being opportunistic.”

source:
https://siliconangle.com/2025/07/09/fortinet-report-shows-c-suite-now-owns-operational-technology-cybersecurity/