Tuesday, September 16, 2025

How Fortinet AI-Driven SecOps Delivers Faster, Smarter SecOps

 

Fortinet SecOps changes that. Built on the Fortinet Security Fabric, Fortinet’s SecOps solution delivers a unified, AI-powered platform that helps security teams detect, investigate, and respond to threats faster and more efficiently—without adding headcount or complexity.

Here’s how it works.

1. Unified visibility and control across the attack surface

One of the biggest challenges in modern SecOps is fragmented visibility. Fortinet eliminates that problem by integrating telemetry across the entire infrastructure—network, endpoints, cloud, email, and more—into a single data lake. This is possible through native integration across Fortinet products and open APIs that seamlessly pull in third-party data sources.

But Fortinet goes beyond visibility. With Fortinet SecOps and FortiRecon continuous threat exposure management (CTEM) capabilities, organizations can actively manage their attack surfaces, identifying, prioritizing, and reducing exposure to risks before they’re exploited. This includes continuous asset discovery, attack surface mapping, threat correlation, and proactive controls that close gaps before they become incidents.

The result is a comprehensive view of assets, users, behaviors, and risks combined with actionable insights and enforcement mechanisms. Teams can triage and hunt with confidence, using consistent context from a single source of truth while also shrinking their attack surface in real time.

2. AI-powered threat detection and intelligence

Fortinet SecOps is fueled by FortiGuard Labs AI and global threat intelligence. With behavior-based analytics, machine learning (ML), and curated threat feeds, the platform automatically detects known and unknown threats, including malware, ransomware, botnets, and lateral movement.

Advanced detection is delivered through:

  • FortiSIEM for real-time event correlation and anomaly detection
  • FortiAnalyzer for security analytics, threat hunting, and compliance
  • FortiEndpoint and FortiEDR for endpoint behavior analysis and automated mitigation
  • FortiNDR for early detection of advanced threats and post-exploit activities
  • FortiDeceptor for early threat discovery and deception-based attacker engagement

By combining static, dynamic, and behavioral analysis, Fortinet reduces false positives and accelerates mean time to detection.

3. Automated, playbook-driven response

Responding to incidents quickly, and consistently, is critical. Fortinet SecOps integrates SOAR capabilities at several levels: across the broader SOC platform with FortiSOAR, within FortiSIEM, and embedded in key products such as FortiEDR and FortiNDR. This layered approach allows organizations to automate key response workflows at multiple levels of the stack.

Security teams can automate routine tasks like enrichment, alert correlation, notification, and device quarantine. Guided playbooks, delivered both as centralized runbooks and embedded “Playbook-as-a-Service” (coming soon), ensure that response is timely, coordinated, and aligned to business risk. Integration with ticketing and ITSM platforms enables closed-loop remediation and accountability, while contextual routing assigns incidents based on severity, confidence, and analyst role.

This distributed orchestration model reduces mean time to respond, eliminates manual overhead, and allows organizations to scale their response capabilities without adding headcount.

4. Analyst-centric experience and custom dashboards

Fortinet doesn’t just build for security infrastructure. It builds for security analysts. With customizable dashboards, intuitive UIs, and dynamic search and drill-down capabilities, Fortinet SecOps makes it easier for tier 1, 2, and 3 analysts to investigate and pivot quickly. Analysts can correlate events with timeline views, visualize attack paths, and track key performance indicators and compliance metrics within a single, analyst-friendly interface.

By making workflows more efficient and context-rich, Fortinet dramatically shortens learning curves while improving analyst retention.

5. Security Fabric integration for seamless action

Fortinet SecOps is not a bolt-on. It’s built into the Fortinet Security Fabric, which means detection and response can trigger real-time enforcement across firewalls, endpoint agents, identity controls, and more.

For example, anomalous behavior detected in FortiEDR can trigger automatic isolation via the FortiGate firewall. Deception triggers from FortiDeceptor can feed high-fidelity indicators of compromise into FortiSIEM for further correlation. FortiSOAR playbooks can reconfigure access policies through FortiNAC or notify external systems for coordinated action. And with FortiNDR, the platform adds high-speed network detection and response that can observe lateral movement in real time and escalate threats into the SOC workflow.

This level of integration across detection, analysis, and enforcement eliminates the gaps and delays common in siloed environments, turning detection into defense and streamlining every step of the response life cycle.

Real-World Outcomes

Organizations using Fortinet SecOps report up to an 80% reduction in false positives, allowing analysts to focus on real threats instead of noise. Response times improve by 30% or more thanks to prebuilt automation, contextual handoffs, and integrated controls.

According to research from Enterprise Strategy Group (ESG), Fortinet customers have also achieved a reduction in mean time to detect from several weeks to less than an hour, a transformational shift that enables faster containment and reduced risk exposure.

Teams benefit from automated compliance reporting aligned to frameworks like NIST, ISO 27001, PCI DSS, and HIPAA, reducing audit overhead. Many organizations also lower costs and complexity by consolidating multiple security tools into a unified SecOps stack.

Beyond the numbers, Fortinet SecOps helps teams move from reactive firefighting to proactive threat hunting, risk reduction, and SOC maturity, empowering them to keep pace with attackers without burning out their analysts.

Fortinet AI-Driven SecOps Powers Resilient Cybersecurity Operations

Cybersecurity teams need more than dashboards and alerts. They need speed. Intelligence. Automation. And a platform that scales with them. Fortinet SecOps delivers all of that in one integrated, AI-driven solution, helping organizations shift from reactive defense to proactive resilience.

source:
https://www.fortinet.com/blog/business-and-technology/fortinet-ai-driven-secops-deliver-faster-smarter-secops

Tuesday, September 9, 2025

Fortinet launches Sovereign SASE at Security Day

Dubai, UAE: Fortinet, the global cybersecurity leader driving the convergence of networking and security, has announced the launch of its Sovereign SASE (Secure Access Service Edge) solution at its annual Security Day in Dubai.

Fortinet’s Sovereign SASE solution enables businesses to securely connect and protect users, applications, and data, regardless of location. It guarantees that data resides and is processed within specific geographical boundaries, giving organisations complete control over their sensitive data while complying with regional data regulations.

Sovereign SASE supports a range of industries and is ideal for organizations operating in highly regulated verticals with sensitive data like government, finance, and healthcare, or any business that handles classified information and critical infrastructure.

 

 

Shadi Khuffash, Senior Regional Director of South Middle East at Fortinet commented: “In today’s global economy, organisations face a growing array of cybersecurity threats and compliance complexities. At the same time, local data protection regulations create strict requirements around data governance that organisations in the UAE must navigate. Fortinet’s launch of Sovereign SASE helps organisations to proactively detect and respond to threats, improve anomaly detection, and enhance user experience. This in turn creates a more agile and transparent industry that can respond to the needs of its citizens in real-time.”

Security Day Focuses on AI, Quantum, and Cloud Security

As Fortinet’s flagship cybersecurity event in the region, the Security Day in Dubai brought together over 400 customers, partners, and industry professionals from across the UAE, including local government.

Experts led sessions on topics such as AI, Quantum Computing, and the global threat landscape, giving attendees a first-hand look into the cybersecurity matters that are impacting industries across the Middle East.

The Welcome Keynote was delivered by esteemed guest H.E. Dr. Mohammad Al Kuwaiti, Head of the UAE Cyber Security Council, followed by an Opening Keynote from Alain Sanchez, Field CISO at Fortinet.

A dedicated Tech Expo offered hands-on networking, while a session hosted by Fortinet’s Vice President of Global Threat Intelligence, Derek Manky, revealed the latest attack methods in the region as well as the solutions that organizations can leverage to cope with increasingly sophisticated cybercriminals.

“The Security Days are the largest and most comprehensive in-person Fortinet security event in the region. They have proven to be a prime opportunity for all cybersecurity professionals to gain security insights, discover the latest trends and innovations, and connect with like-minded individuals. We will host another Security Day event in Abu Dhabi on June 19th,” concluded Khuffash.

About Fortinet

Fortinet is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. 

source:
https://www.zawya.com/en/press-release/companies-news/fortinet-launches-sovereign-sase-at-security-day-xx8034rq

Tuesday, September 2, 2025

Fortinet Unveils New AI-Powered Workspace Security Suite to Protect the Modern Enterprise

News Summary

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced enhancements to its data and productivity security portfolio, expanding FortiMail with the launch of the FortiMail Workspace Security suite. These new capabilities establish FortiMail as the broadest and most customizable email security platform and extend protection beyond email to include browser and collaboration security. These advancements, combined with new features in FortiDLP, Fortinet’s next-generation data loss prevention (DLP) and insider risk management solution, deliver a unified, AI-powered approach to safeguarding users and sensitive data across today’s dynamic work environments.

 

In today’s evolving threat landscape, securing user productivity and sensitive data requires a unified strategy that considers both outsider threats and insider risks. Cybercriminals are aiming their efforts right at users and increasingly leveraging tools like FraudGPT, BlackmailerV3, and ElevenLabs to automate the creation of malware, deepfake videos, phishing websites, and synthetic voices—making attacks more scalable, convincing, and difficult to detect. With our expanded AI-powered FortiMail Workspace Security suite and FortiDLP solutions, Fortinet empowers organizations to stay ahead of threat actors and insider risks while ensuring users, data, and productivity remain secure.

- Nirav Shah, Senior Vice President, Products and Solutions at Fortinet

AI-Powered Defense for Communication, Collaboration, and Data Security

Today’s hybrid workforce relies heavily on SaaS and collaboration tools, increasing both productivity and the attack surface. As users interact with sensitive data across these platforms, organizations must address threats to both users and data in tandem. The 2025 Fortinet Global Threat Landscape Report highlights the rise of AI-enabled cybercrime, with attackers using automation to launch more convincing phishing, impersonation, and account takeover campaigns.

Fortinet’s enhanced workspace security solutions meet this challenge head-on with AI-powered protection across email, browsers, and collaboration environments, defending against external and internal threats wherever work happens. This spans the full spectrum of user interactions and data movement across the digital workspace:

Email security, evolved: With the acquisition and integration of Perception Point—recognized as a Visionary in the 2024 Gartner® Magic Quadrant™ for Email Security1—Fortinet has significantly expanded the capabilities of the FortiMail email security platform, establishing it as the industry’s broadest and most customizable solution. FortiMail can address any email security needs, including inbound, outbound (including relays), and internal mail protection, with flexible deployment options across appliances, virtual machines, hosted services, and SaaS. It offers multiple operating modes—gateway, server, ICES, and hybrid—and features both a highly configurable UI and a streamlined SaaS experience.

Extending security to collaboration tools: The FortiMail Workspace Security suite expands protection beyond email to web browsers and collaboration tools, enabling organizations to stop sophisticated threats across platforms like Microsoft 365 and Teams, Google Workspace, and Slack. It blocks evasive web-based attacks, hidden malware in shared files, and malicious links sent through chat and collaboration apps. The platform also enhances visibility into user activity across cloud environments, helping security teams detect and prevent account takeovers before they escalate. A built-in, 24x7 managed incident response service supports rapid threat analysis and containment to reduce operational load on SOC teams.

Smarter defense for critical data: FortiDLP strengthens this offering by adding advanced capabilities like secure data flow with data lineage and sequence detection, providing security and insider risk teams with detailed tracking of sensitive data from its source, capturing how that data is used and manipulated by users, and automatically correlating user activities to detect high-risk behavior that warrants further investigation. Whether monitoring for unauthorized sharing of confidential information through cloud drives or preventing the exposure of sensitive data to unsanctioned SaaS and GenAI platforms, FortiDLP delivers the context and control needed to protect sensitive data, including intellectual property.

Unified Protection for a Hybrid World

With these latest enhancements, Fortinet redefines the way organizations protect users and data in the modern workspace. By combining the power of AI with integrated email, browser, collaboration, and data security, Fortinet delivers the visibility, control, and response speed security teams need, turning complexity into clarity and threats into just another task handled.

source:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2025/fortinet-unveils-new-ai-powered-workspace-security-suite-to-protect-the-modern-enterprise

Tuesday, August 26, 2025

Fortinet Named a Challenger in the 2025 Gartner® Magic Quadrant™ for Security Service Edge

News Summary

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced it has been recognized as a Challenger in the Gartner® Magic Quadrant™ for Security Service Edge (SSE). This recognition follows Fortinet’s recent placement as a Leader and the highest in ability to execute in the 2024 Gartner® Magic Quadrant™ for SD-WAN for the fourth consecutive year — we believe this further validates Fortinet’s vision and execution in delivering a unified SASE platform.

 

We continue to demonstrate strong momentum, innovation, and growth in the SSE market. We believe Fortinet’s placement in the Challengers quadrant is a testament to our growing adoption, positive customer feedback, aggressive roadmap execution with monthly releases, and ever-expanding market share. Our focus is on delivering real outcomes through flexible deployment models, seamless integration with existing infrastructure, and consistent AI-powered security wherever users connect.

- Nirav Shah, Senior Vice President, Products and Solutions at Fortinet

A Differentiated SSE Experience

With FortiSASE, Fortinet delivers the most unified, flexible, and intelligent solution on the market today, enabling secure access from anywhere while reducing complexity, enhancing user experience, and strengthening security across hybrid environments. Key differentiators include:

  • Unified solution: Unlike many fragmented offerings, FortiSASE is built on a single operating system, FortiOS, a unified management console, endpoint agent, and centralized data lake. This cohesive architecture ensures consistent security policy enforcement and streamlined operations across all environments from on-premises to the cloud. The integration of Fortinet Secure SD-WAN with cloud-delivered SSE, and digital experience monitoring (DEM) under one platform provides comprehensive visibility and control, reducing complexity and potential security gaps. 
  • Flexible connectivity: FortiSASE offers unparalleled flexibility to accommodate a wide range of organizational needs by supporting BYOD, contractors, agent-based, and agentless devices, as well as third-party SD-WAN solutions, facilitating seamless integration into existing infrastructures. Fortinet is also investing in building its own global cloud infrastructure, further enhancing performance, scalability, and control across its SASE services. Fortinet Sovereign SASE gives organizations flexibility and control over their data, especially in regulated sectors like finance and healthcare. Organizations can also integrate FortiSASE with Fortinet’s WLAN/LAN portfolio to secure thin edge locations without the need for additional appliances or agents, ensuring comprehensive protection even in resource-constrained environments. 
  • Intelligent innovation: FortiSASE, powered by FortiGuard AI-Powered Security Services, delivers broad protection through integrated capabilities like secure web gateway (SWG), universal zero-trust network access (ZTNA), cloud access security broker (CASB), Firewall-as-a-Service (FWaaS), and remote browser isolation (RBI), all managed from a single unified console. Security teams can enforce zero-trust policies to manage access and data flows to generative AI (GenAI) apps, gaining visibility into usage patterns, destinations, and enabling enterprise-wide AI governance.

What Customers Are Saying About FortiSASE

In addition to this latest Gartner acknowledgement, Fortinet was the only vendor to be recognized with the Gartner® Peer Insights™ Customers’ Choice Recognition two years in a row for Security Service Edge. In the 2025 Gartner® Peer Insights™ Voice of the Customer, security service edge (SSE), FortiSASE customers had this to say:

“Elevating user experience with FortiSASE: perfect features and functionality”

We use SIA (secured internet access) and SPA (secured private access) functionality of FortiSASE and the overall experience is exceptionally great.

“Reliable SSE with ZTNA solution with breadth of design options”

Secure and reliable internet access for all hybrid users. Secure users regardless of their access location. Our overall experience with the solution is great and users are happy from the day we deployed this endpoint on their machines.

"Best of the breed cloud delivered security solution to secure hybrid workforce"

This solution allows us to accommodate growing user count without compromising performance. The solution provides robust security features, which include web filtering to provide protection against web-based threats. The solution provides secure access to users irrespective of their location. Users are allowed to access the internet or servers post compliance checks. Our overall experience is highly positive.

 


source:
https://www.fortinet.com/tw/corporate/about-us/newsroom/press-releases/2025/fortinet-named-a-challenger-in-the-2025-gartner-magic-quadrant-for-security-service-edge

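Tuesday, August 19, 2025

Fortinet 2025 Global Threat Landscape Report: Asia-Pacific Accounts for 42% of Global Exploitation Attempts as Weaponized AI Intensifies Cyberattacks

Taipei - May 14, 2025

Fortinet® (NASDAQ: FTNT), a leader in broad, integrated, and automated cybersecurity, today (the 14th) released the 2025 Global Threat Landscape Report through its threat intelligence center, FortiGuard Labs. The report outlines the cyberthreat landscape and trends of 2024 and, based on analysis using the MITRE ATT&CK framework, finds that attackers are increasingly using automation, commoditized tools, and AI. By scouting for vulnerable targets early, using exploit kits, stealing credentials, and attacking critical industries, cloud, and IoT, they are systematically eroding the advantages of traditional security defenses. The report not only reveals the latest attack techniques but also includes a “CISO Defense Action Guide” intended to help CISOs and security teams deploy the latest defenses ahead of attackers.

Fortinet Taiwan General Manager 吳章銘 said: “The FortiGuard Labs 2025 Global Threat Landscape Report shows that cybercriminals are accelerating and escalating their attack operations, using AI automation to launch fast, large-scale attacks, and that past defensive measures are gradually becoming unable to effectively counter today's cyberthreats. Fortinet detected more than 97 billion exploitation attempts worldwide, of which the Asia-Pacific region accounted for 42%, remaining the highest-risk region in the world. We recommend that organizations shift to intelligence-driven proactive defense and adopt AI, zero-trust architecture, and continuous threat exposure management, so that they can prepare their defenses in advance amid rapidly evolving cyberthreat trends.”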

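Key findings of the FortiGuard Labs 2025 Global Threat Landscape Report:

  • Attackers scout for vulnerable targets early, with automated scanning reaching billions of scans per month
    To probe more quickly for newly emerging vulnerabilities in organizations, cybercriminals are deploying automated scanning at global scale. Active scanning in cyberspace reached a record high in 2024, growing 16.7% compared with 2023, equivalent to 36,000 scans per second, which shows that attackers are collecting information on weaknesses in network infrastructure in a highly organized way. FortiGuard Labs observed billions of scans each month and found attackers actively targeting industries such as finance, telecommunications, and OT/ICS through SIP (a VoIP protocol), RDP, and OT/IoT protocols such as Modbus TCP.

  • Darknet marketplaces fuel the spread of exploit kits, with global vulnerabilities up 39% year over year
    In 2024, cybercrime forums gradually developed into mature marketplaces for exploit kits, and the U.S. National Vulnerability Database added more than 40,000 vulnerabilities, up 39% from 2023. Besides zero-day vulnerabilities, initial access brokers also began selling corporate credentials (20%), RDP access (19%), admin panels (13%), and web shells (12%) in large volumes. In addition, FortiGuard Labs observed a 500% surge in logs from systems infected by infostealer malware, with a total of 1.7 billion credential records circulated on the darknet.

  • AI rapidly expands the scale of cybercrime; credentials become the currency of crime, with stolen records up 42% year over year
    Threat actors use AI to make phishing attacks more realistic and to evade traditional detection, making them more deceptive and harder to notice. Tools such as FraudGPT, BlackmailerV3, and ElevenLabs let threat actors launch large-scale, highly realistic, high-impact campaigns with fewer inhibitions. In 2024, hackers also shared more than 100 billion stolen records on darknet forums, up 42% year over year. This surge came mainly from “combo lists” containing stolen usernames, passwords, and email data. More than half of darknet posts involved database leaks, enabling attackers to launch automated credential stuffing attacks at scale. Active cybercriminal groups such as BestCombo, BloddyMery, and ValidMail lowered the barrier to intrusion, driving a surge in account takeover, financial fraud, and corporate espionage.

  • Attacks on critical industries such as manufacturing, healthcare, and finance continue to intensify; patching known vulnerabilities is an urgent priority:
    Critical industries such as manufacturing, healthcare, and finance remain the targets of targeted attacks, with attackers carrying out specific types of exploitation tailored to each industry's characteristics. The most attacked industries in 2024 were manufacturing (17%), business services (11%), construction (9%), and retail (9%). Both nation-state and ransomware-as-a-service (RaaS) attackers concentrated their efforts on these verticals. In addition, timely patching of known vulnerabilities remains critical for organizations: of the more than 97 billion exploitation attempts detected and analyzed by Fortinet intrusion prevention system (IPS) sensors, most targeted long-disclosed vulnerabilities, such as the Windows SMB information disclosure vulnerability (CVE-2017-0147), the Apache Log4j remote code execution vulnerability (CVE-2021-44228), and the Netcore Netis device built-in password vulnerability (CVE-2019-18935).

  • Risk rises in cloud and IoT environments, with 70% of cloud incidents stemming from logins from unfamiliar locations
    Cloud services are now at the core of operations, and identity has become a critical line of defense. FortiCNAPP telemetry shows attackers exploiting high-privilege accounts, credentials leaked in public source code repositories, and lateral movement through cloud-native services. In 70% of incidents, attackers gained access through logins from unfamiliar locations, which highlights the importance of identity monitoring in cloud defense. IoT devices are also a focus of attacks, accounting for more than 20% of all exploitation activity, including routers, surveillance cameras, and firewalls. When they run outdated firmware or use default account credentials, they are easily absorbed into botnets by attackers and used for lateral movement or to gain persistent access.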

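Five Strategies in the “CISO Defense Action Guide”: Get Ahead with Proactive Defense and Improve Response Resilience

The FortiGuard Labs 2025 Global Threat Landscape Report not only reveals the latest attack techniques but also includes a “CISO Defense Action Guide” to help CISOs and security teams deploy defensive strategies ahead of attackers. Its five directions are:

  • Shift from traditional threat detection to continuous threat exposure management (CTEM):
    Adopt continuous attack surface management, emulation of attacker behavior, risk-based patch prioritization, and automated defense. Regularly testing endpoint, network, and cloud defenses with breach and attack simulation (BAS) tools can effectively improve organizational resilience and counter lateral movement and exploitation.

  • Run simulation exercises to prepare for real-world attacks:
    Conduct red team and purple team exercises and adversary emulation exercises, using MITRE ATT&CK to test defenses against ransomware and espionage activity.

  • Reduce attack surface exposure:
    Deploy attack surface management (ASM) tools to detect exposed assets, leaked credentials, and exploitable vulnerabilities, while continuously tracking emerging darknet threats.

  • Prioritize high-risk vulnerabilities:
    Focus on vulnerabilities widely discussed in cybercrime communities, and combine risk-scoring frameworks such as EPSS and CVSS to improve patching efficiency.

  • Use darknet intelligence to deploy defenses in advance:
    Track ransomware-as-a-service offerings on darknet markets and coordinated hacktivist operations, and deploy defenses early to guard against attacks such as DDoS and website defacement.

FortiGuard Labs advisory services combine cutting-edge technology with expert support to help organizations strengthen their security defenses before threats occur. When a security incident occurs, FortiGuard Labs also provides fast and effective response and forensic analysis to minimize impact and prevent future intrusions, delivering comprehensive protection for today's rapidly changing digital environment.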

source:
https://www.fortinet.com/tw/corporate/about-us/newsroom/press-releases/2025/fortinet-2025-global-threat-report

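Tuesday, August 12, 2025

Fortinet Upgrades Its OT Security Operations Platform Again to Strengthen Critical Infrastructure Protection

Raising the bar for industrial-grade security!

Taipei - March 20, 2025

Fortinet® (NASDAQ: FTNT), a leader in broad, integrated, and automated cybersecurity, today (the 20th) announced enhancements to its OT Security Operations Platform to strengthen protection against cyberthreats for critical infrastructure and industrial sites. The newly enhanced capabilities not only extend traditional OT visibility solutions but also improve threat visibility and protection for OT-specific environments through the FortiGuard OT Security Service, expand ruggedized network segmentation and 5G solutions for harsh environments, and upgrade the OT SecOps portfolio. They are expected to help Taiwanese enterprises automate threat response and simplify regulatory compliance processes.

Fortinet Taiwan General Manager 吳章銘 said: “Taiwan's semiconductor and manufacturing industries continue to draw attention on the international stage, and the cyberthreats facing critical infrastructure and industry are becoming more severe. As with the recent cyberattacks on Taiwan's healthcare system, the cyberthreats commonly aimed at hardware manufacturing have never let up, and governments around the world, including Taiwan's, are strengthening cybersecurity regulations for OT and industrial control systems. Fortinet has worked in OT security for more than 20 years, continues to lead innovation in OT security operations solutions, and is committed to providing comprehensive security solutions tailored to OT environments. We believe this update will further strengthen the OT security posture of Taiwanese enterprises, help them meet regulatory requirements, and enable more efficient security management through a single integrated platform.”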

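Three Major Updates to Ruggedized OT Solutions: Firewall, Switch, and 5G Communications Security Management Upgraded Again

  • The new FortiGate Rugged next-generation firewall (NGFW), combined with enhanced capabilities of the FortiGuard OT Security Service, delivers unmatched security in OT environments, supporting more than 3,300 OT protocol rules, nearly 750 OT intrusion prevention system (IPS) rules, and 1,500 virtual patching rules. These new capabilities protect against known exploited vulnerabilities (KEVs) and other cyber risks, while virtual patching provides advanced threat protection for legacy OT systems. Other OT secure networking features include updates to FortiSRA, which further improve secure remote access in OT environments through upgraded secrets and password management.
  • To ensure secure network segmentation, Fortinet has introduced the FortiSwitch Rugged 108F and FortiSwitch Rugged 112F-POE, expanding its portfolio of industrial-grade compact switches, along with the FortiSwitch Rugged 424F, which provides Token Ring network architecture services. These ruggedized switches enforce fine-grained security at the port level, prevent unauthorized lateral movement inside OT networks, and integrate fully with Fortinet's broad security ecosystem. All of these switches run FortiOS as a unified operating system, effectively simplifying network and security management.
  • To provide secure and stable connectivity, Fortinet has also introduced two ruggedized 5G solutions, the FortiExtender Rugged 511G and the FortiExtender Vehicle 511G, both with built-in Wi-Fi 6 and new eSIM support, which eliminates the need for a physical SIM card and simplifies carrier selection. The FortiExtender Rugged 511G is an IP67-rated 5G wireless WAN gateway that provides high-speed, secure connectivity for remote OT facilities. The FortiExtender Vehicle 511G is an IP64-rated 5G router designed for fleet vehicles.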

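Building a Truly Secure OT Environment with AI-Driven Security Operations

In addition to the major updates to its ruggedized solutions, Fortinet has further strengthened its AI-driven security operations (SecOps) capabilities, giving OT security teams comprehensive, in-depth threat analysis and simplified compliance reporting for OT environments. FortiAnalyzer 7.6 and FortiDeceptor 6.1 strengthen OT security teams' ability to gain deep insight into threats and simplify compliance reporting. FortiNDR Cloud also adds OT protocol support, improving threat hunting capabilities. Meanwhile, FortiNDR (on-premises) adds a Purdue Model view and a new device asset inventory covering OT devices and the MITRE ATT&CK for ICS matrix framework.

The Fortinet OT Security Operations Platform provides unified visibility and security capabilities that help enterprises manage the security of OT and remote sites, simplifying and improving their risk assessment, security protection, and compliance reporting processes to meet complex regulatory requirements. Fortinet is the only vendor that offers full network segmentation capabilities and an end-to-end ruggedized OT security portfolio, with all solutions powered by the single FortiOS operating system. In addition, deep integration with the Fortinet Security Fabric makes this OT Security Operations Platform the most comprehensive solution in the industry, delivering the most effective, streamlined, and complete OT security and compliance, exceeding industry standards.

The Fortinet OT Security Operations Platform is trusted by enterprises worldwide and helps them fully integrate IT and OT security. Fortinet was also named the sole market leader in the Westlands Advisory 2023 IT/OT Network Protection Platforms Navigator™ report, further cementing and demonstrating its market leadership.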

source:
https://www.fortinet.com/tw/corporate/about-us/newsroom/press-releases/2025/fortinet-ot-security-operations-platform-updates-to-strengthen-protection-of-critical-infrastructure

Tuesday, August 5, 2025

Fortinet: cybercrime surges in 2024 as attackers embrace AI, automation, and exploit kits

Fortinet has released the 2025 Global Threat Landscape Report, a comprehensive analysis of the active threat landscape and trends from 2024. The report highlights that threat actors are increasingly using automation, commoditised tools, and AI to systematically erode traditional advantages held by defenders.

Automated scanning

Automated scanning has reached record highs as attackers shift left to identify exposed targets early. Cybercriminals are deploying automated scanning at a global scale, with active scanning in cyberspace reaching unprecedented levels in 2024, rising by 16.7 per cent worldwide year over year.

Darknet marketplaces

Darknet marketplaces fuel easy access to neatly packaged exploit kits. In 2024, cybercriminal forums increasingly operated as sophisticated marketplaces for exploit kits, with over 40,000 new vulnerabilities added to the National Vulnerability Database, a 39 per cent rise from 2023.

Initial access brokers are increasingly offering corporate credentials (20 per cent), RDP access (19 per cent), admin panels (13 per cent), and web shells (12 per cent). FortiGuard Labs observed a 500 per cent increase in logs available from systems compromised by infostealer malware, with 1.7 billion stolen credential records shared in these underground forums.

AI-powered cybercrime

AI-powered cybercrime is scaling rapidly, with threat actors harnessing AI to enhance phishing realism and evading traditional security controls, making cyberattacks more effective and difficult to detect. Tools like FraudGPT, BlackmailerV3, and ElevenLabs are fuelling more scalable, believable, and effective campaigns without the ethical restrictions of publicly available AI tools.

Attacks intensify

Targeted attacks on critical sectors intensify, with adversaries deploying sector-specific exploitations. In 2024, the most targeted sectors were manufacturing (17 per cent), business services (11 per cent), construction (nine per cent), and retail (nine per cent). Both nation-state actors and Ransomware-as-a-Service (RaaS) operators concentrated their efforts on these verticals, with the United States bearing the brunt of attacks (61 per cent).

Credentials are the currency of cybercrime, with cybercriminals sharing over 100 billion compromised records on underground forums, a 42 per cent year-over-year spike, driven largely by the rise of “combo lists” containing stolen usernames, passwords, and email addresses. Well-known groups like BestCombo, BloddyMery, and ValidMail were the most active cybercriminal groups during this time, fuelling a surge in account takeovers, financial fraud, and corporate espionage.

Fortinet’s warning for 2025

“Our latest Global Threat Landscape Report makes one thing clear: Cybercriminals are accelerating their efforts, using AI and automation to operate at unprecedented speed and scale,” said Derek Manky, Chief Security Strategist and Global VP Threat Intelligence, Fortinet FortiGuard Labs.

source:
https://www.manufacturingtodayindia.com/fortinet-cybercrime-surges-in-2024