Fortinet Expands Lacework FortiCNAPP
Delivering Smarter Protection, Faster Response and Remediation
Fortinet has enhanced Lacework FortiCNAPP to deliver even stronger protection for cloud-native applications across their entire life cycle. These updates reinforce FortiCNAPP as an industry-leading, cloud-native security platform designed to deliver faster detection, deeper insights, and simplified operations at scale. Real-Time CloudTrail Alerting – Enables near-instant detection of critical activity, such as compromised credentials or anomalous API behavior, by reducing AWS CloudTrail alert latency from 24 hours to under 15 minutes.
– Enables near-instant detection of critical activity, such as compromised credentials or anomalous API behavior, by reducing AWS CloudTrail alert latency from 24 hours to under 15 minutes. Explorer (Security Graph) – Provides a visual, interactive view of attack paths and asset relationships, making pinpointing and investigating exposures, such as internet-facing vulnerabilities, easier.
– Provides a visual, interactive view of attack paths and asset relationships, making pinpointing and investigating exposures, such as internet-facing vulnerabilities, easier. Agentless Windows Scanning – Supports agentless scanning for Windows workloads across any cloud, identifying vulnerabilities and secrets without requiring software deployment. This is ideal for expanding visibility and compliance with minimal overhead.
– Supports agentless scanning for Windows workloads across any cloud, identifying vulnerabilities and secrets without requiring software deployment. This is ideal for expanding visibility and compliance with minimal overhead. Fleet Management – Delivers detailed visibility across large environments into agent inventory, health, and deployment status, helping teams monitor coverage and optimize cloud security.
In addition, Fortinet expands its cloud services for web applications and APIs by introducing new service bundles that include Dynamic Application Security Testing (DAST), CDN, and SoC-as-a-Service, in addition to its AI-powered zero-day threat detection, analysis, and remediation to protect web applications and APIs.
Full-Stack Protection Now Available in AWS Marketplace
Fortinet has expanded the availability of its cloud security portfolio in AWS Marketplace. This provides Amazon Web Services (AWS) customers with the ability to streamline the purchase and management of more Fortinet offerings within their AWS Marketplace account. By deploying solutions on AWS, Fortinet makes it easier for customers to deploy protection, streamline procurement, and apply AWS Enterprise Discount Program (EDP) commitments.
Services now available in AWS Marketplace include: FortiAppSec Cloud – Unified web application and API protection (WAAP) with web application firewall (WAF), bot management, API security, and DDoS mitigation
– Unified web application and API protection (WAAP) with web application firewall (WAF), bot management, API security, and DDoS mitigation FortiMail Workspace Security – End-to-end SaaS protection across email, browsers, and collaboration tools to stop advanced threats in platforms like Microsoft 365, Google Workspace, Slack, and Teams with a built-in, 24×7 managed incident response service to accelerate threat containment and lighten the load on SOC teams
– End-to-end SaaS protection across email, browsers, and collaboration tools to stop advanced threats in platforms like Microsoft 365, Google Workspace, Slack, and Teams with a built-in, 24×7 managed incident response service to accelerate threat containment and lighten the load on SOC teams FortiNDR Cloud – AI-driven threat detection optimized for distributed cloud infrastructure
– AI-driven threat detection optimized for distributed cloud infrastructure FortiSIEM – Scalable log management and incident response for complex environments
Fortinet has achieved the AWS Security Incident Response Specialization, which recognizes that Fortinet provides a streamlined incident response solution backed by AWS security response experts through AWS Security Incident Response.
The capabilities of Fortinet's specialized cloud consulting and FortiGuard Incident Response Services teams help AWS customers strengthen their cloud security posture. Fortinet Incident Response Services are now available in AWS Marketplace, offering expert support backed by deep integration with AWS and the Fortinet Security Fabric. This underscores Fortinet's commitment to supporting customers with end-to-end security expertise—from proactive risk assessments to prompt incident handling—backed by deep integration with AWS-native tools and FortiGuard threat intelligence.
A Strategic Shift toward Unified Cloud-Native Security
This launch reinforces Fortinet's commitment to simplifying cloud security by consolidating fragmented, non-integrated solutions into a unified cloud security platform. Rather than relying on isolated point products, Fortinet delivers integrated solutions across application, network, and user layers designed to streamline management and scale efficiently in any environment.
By unifying capabilities like WAAP, network detection and response (NDR), security information and event management (SIEM), cloud-native application protection platform (CNAPP), and workspace security under a single vendor and deployment model, organizations gain comprehensive cloud protection along with greater speed, cost-efficiency, and operational clarity.
For those with cloud spend commitments and desire to optimize their cloud security investments, particularly in dynamic environments, Fortinet FortiFlex offers a flexible, daily usage-based licensing model that supports rapid deployment, elastic scaling, and seamless drawdown of existing cloud commitments, helping organizations protect what they need, when they need it, while only paying for what they use.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Channel Post MEA
8 hours ago
- Channel Post MEA
Fortinet Enhances FortiRecon To Align with CTEM Framework
Fortinet has announced significant enhancements to the FortiRecon platform, evolving it into one of the industry's most comprehensive solutions aligned to the continuous threat exposure management (CTEM) framework. The latest release introduces expanded internal attack surface monitoring, adversary-centric dark web intelligence, and security orchestration, all in a single, unified platform. These enhancements help organizations proactively identify and prioritize real-world exposures, validate risks like an attacker would, and accelerate response, ultimately reducing the likelihood and impact of breaches. 'CISOs and security teams are overwhelmed by growing attack surfaces and an endless stream of unprioritized alerts. With the latest enhancements to FortiRecon, we're giving organizations an attacker's eye view of their internal and external exposures, backed by AI-powered threat intelligence from FortiGuard Labs, real-world validation, and automated response. This allows organizations to cut through the noise, focus on what matters most, and measurably reduce risks and vulnerabilities before attackers can exploit them, ' said Nirav Shah, Senior Vice President of Products and Solutions at Fortinet The announcement comes amid growing demand for exposure-driven security strategies as organizations struggle to manage expanding attack surfaces, alert fatigue, and fragmented security operations. According to Gartner®, 'By 2026, organizations prioritizing their security investments based on a continuous exposure management program will be three times less likely to suffer from a breach.'¹ A Unified Platform for Continuous Threat Exposure Management FortiRecon, in combination with its strong integration to the Fortinet AI-Driven Security Operations Center (SOC) platform, now delivers capabilities across the five pillars of the Gartner CTEM framework—scoping, discovery, prioritization, validation, and mobilization—enabling organizations to operationalize these pillars within a single, tightly integrated platform and drive coordinated remediation efforts across security and IT teams. The latest enhancements include: Attack surface management: Continuously monitors and delivers an adversary's view of the organization's internal and external digital attack surface. The latest release adds National Vulnerability Database (NVD) severity ratings, in addition to FortiRecon Active Exploitation severity ratings for faster and smarter patching. Continuously monitors and delivers an adversary's view of the organization's internal and external digital attack surface. The latest release adds National Vulnerability Database (NVD) severity ratings, in addition to FortiRecon Active Exploitation severity ratings for faster and smarter patching. Adversary-centric intelligence: Provides actionable threat insights from dark web activity, ransomware intelligence, leaked credentials, vulnerabilities being exploited in the wild, and at-risk vendors. Enhancements include bulk indicators of compromise (IOC) downloads and stealer infection details, accelerating SOC workflows, and improving breach detection. Provides actionable threat insights from dark web activity, ransomware intelligence, leaked credentials, vulnerabilities being exploited in the wild, and at-risk vendors. Enhancements include bulk indicators of compromise (IOC) downloads and stealer infection details, accelerating SOC workflows, and improving breach detection. Brand protection: Monitors for domain impersonation, rogue mobile apps, phishing campaigns, and executive targeting. FortiRecon Brand Protection uses proprietary algorithms to monitor, detect, and take down fake phishing domains, brand and executive impersonations, rogue mobile applications on multiple app stores, data leaks in code repos, open bucket exposures, and phishing campaigns, and helps protect executive online presence. Monitors for domain impersonation, rogue mobile apps, phishing campaigns, and executive targeting. FortiRecon Brand Protection uses proprietary algorithms to monitor, detect, and take down fake phishing domains, brand and executive impersonations, rogue mobile applications on multiple app stores, data leaks in code repos, open bucket exposures, and phishing campaigns, and helps protect executive online presence. Security orchestration: Leverages security orchestration and automated playbooks to investigate and respond to security threat findings. FortiRecon Security Orchestration reduces the time needed for responders to prioritize and take appropriate actions by automating and streamlining security workflows. Existing FortiFlex customers may use their FortiFlex credits to deploy FortiRecon Cloud. FortiFlex offers usage-based licensing with the security industry's broadest catalog for customers with dynamic hybrid and multi-cloud environments and MSSPs. When purchased through major cloud marketplaces, FortiFlex can also help customers meet cloud committed spend obligations.
Channel Post MEA
6 days ago
- Channel Post MEA
Fortinet Announces Expansion Of FortiCloud
Fortinet has announced a major expansion of FortiCloud, its global cloud infrastructure. The latest release introduces FortiIdentity, designed for cloud-delivered identity management for hybrid teams, and two new beta services, FortiDrive and FortiConnect, to provide enterprise-grade secure storage and protected communications. Each service is tightly integrated into the Fortinet Security Fabric, giving organizations security-native alternatives to point products often dependent on bolt-on security. 'FortiIdentity, FortiDrive, and FortiConnect, are key milestones in our vision to build a unified global cloud network that brings enterprise-grade security directly into the way teams manage access, store, share, and communicate. These new services extend the power of the Fortinet Security Fabric into everyday productivity and access control, reinforcing our strategy to simplify security operations, reduce vendor sprawl, and empower hybrid work at scale,' says Michael Xie, Founder, President, and Chief Technology Officer at Fortinet. Integrated Innovation Backed by Global Infrastructure This announcement builds on Fortinet's continued investment in its global hybrid-cloud infrastructure, including company-owned data centers in Atlanta, Chicago, New York, Plano, Frankfurt, Sydney, and Torija (Spain). These facilities are strategically designed to deliver low-latency services and support regional demand, combining compute, storage and recovery, and security capabilities. Fortinet also addresses growing data sovereignty requirements by enabling organizations to keep data local through its globally distributed infrastructure. Complementing these investments, Fortinet leverages over 160 points of presence (POPs) through providers like Google Cloud, AWS, and Digital Realty to ensure secure, high-performance delivery of edge services. Fortinet also delivers a broad range of services made available across cloud marketplaces that include AWS, Azure, and Google Cloud, enabling organizations to benefit from greater service resiliency, geographic flexibility, and seamless access to Fortinet's cloud-delivered security offerings wherever they operate. FortiCloud: Security-Native Services for the Modern Enterprise With this expansion, Fortinet furthers its strategy of delivering a unified platform that enables organizations to consolidate tools, enhance security posture, and reduce total cost of ownership. The growing FortiCloud service portfolio now includes three new security-native services designed for today's hybrid workforce: FortiIdentity : A long-established Fortinet identity and access management (IAM) solution, now delivered from FortiCloud, offers enterprises a full-featured, cloud-native approach to secure identity management. It provides secure single sign-on (SSO), multifactor authentication (MFA), FIDO2 passkeys, and identity federation across Fortinet and third-party applications without the need for additional hardware or software. With support for FortiToken Mobile, FIDO2 passkeys, and SAML/OIDC standards, FortiIdentity simplifies identity administration and scales easily to meet enterprise and MSSP requirements. The addition of FortiPAM-as-a-Service as a module of FortiIdentity provides continuous zero-trust network access (ZTNA) checks needed to protect privileged access to the IT environment. : A long-established Fortinet identity and access management (IAM) solution, now delivered from FortiCloud, offers enterprises a full-featured, cloud-native approach to secure identity management. It provides secure single sign-on (SSO), multifactor authentication (MFA), FIDO2 passkeys, and identity federation across Fortinet and third-party applications without the need for additional hardware or software. With support for FortiToken Mobile, FIDO2 passkeys, and SAML/OIDC standards, FortiIdentity simplifies identity administration and scales easily to meet enterprise and MSSP requirements. The addition of FortiPAM-as-a-Service as a module of FortiIdentity provides continuous zero-trust network access (ZTNA) checks needed to protect privileged access to the IT environment. FortiDrive : A secure file storage and collaboration solution that protects sensitive data at rest and in transit. Featuring advanced encryption and granular access controls, FortiDrive enables teams to store and manage content safely. Real-time collaboration capabilities allow users to co-edit and share files and folders with colleagues or partners. Built-in version history ensures changes are tracked and can be easily rolled back if needed. FortiDrive also includes site management functionality to help organize content by team or project, along with policy-based compliance enforcement through role-based access control and least-privilege principles. : A secure file storage and collaboration solution that protects sensitive data at rest and in transit. Featuring advanced encryption and granular access controls, FortiDrive enables teams to store and manage content safely. Real-time collaboration capabilities allow users to co-edit and share files and folders with colleagues or partners. Built-in version history ensures changes are tracked and can be easily rolled back if needed. FortiDrive also includes site management functionality to help organize content by team or project, along with policy-based compliance enforcement through role-based access control and least-privilege principles. FortiConnect: A unified communication platform that integrates seamlessly with FortiDrive, enabling secure calling, messaging, meetings, and file sharing from anywhere. It delivers an intuitive collaboration experience underpinned by FortiGuard Labs AI-powered threat intelligence, ensuring communications are protected against evolving cyberthreats. All three services are natively integrated into the Fortinet Security Fabric, providing centralized visibility, consistent policy enforcement, and real-time threat protection across users, devices, applications, data, and AI agents. Continued Global Investment Fortinet's ongoing investment in global cloud infrastructure empowers its platform strategy and commitment to delivering security with the best application experience possible, wherever customers operate. In addition to new POPs, Fortinet's hybrid-cloud model allows customers to access an expanding range of services, including FortiSASE, FortiAppSec, FortiCNAPP, FortiSOC, FortiMail, and FortiAIOps, through the FortiCloud centralized portal. Delivering Unified, Scalable Security through the FortiCloud Platform These new services delivered via FortiCloud reflect Fortinet's commitment to simplifying and securing hybrid operations with a unified, cloud-native platform. With a unified platform approach, centralized policy enforcement, and AI-powered threat intelligence, FortiCloud empowers organizations to optimize costs while reducing operational complexity, improve visibility, and protect data and users across distributed environments. Whether securing access, applications, or infrastructure, Fortinet continues to drive security transformation by making cloud security more simple, cost-effective, and natively integrated into the enterprise.
Channel Post MEA
04-08-2025
- Channel Post MEA
Paradigm Shift In Credential Stuffing Attacks: Radware Report
Radware has released a new research report—The Invisible Breach: Business Logic Manipulation and API Exploitation in Credential Stuffing Attacks. The report reveals a paradigm shift in credential stuffing attacks. It underscores a fundamental transformation from volume-based attacks leveraging a series of repeated password attempts to sophisticated, multi-stage infiltration techniques. 'To bypass traditional defenses, modern credential stuffing attacks are shifting away from traditional password-spraying techniques in favor of business logic manipulation, cross-platform device spoofing, and strategic API exploitation,' said Arik Atar, senior cyber threat intelligence researcher at Radware. 'The message for defending organizations is clear. To match this new reality, they must move beyond credential-centric controls to adopt security strategies that validate entire user journeys, correlate cross-request behavior, and detect suspicious patterns in business logic flows.' Radware's research examined 100 advanced credential stuffing configurations deployed through a well-known account takeover tool called SilverBullet. Advanced attack methodologies Business logic attacks: 94% of configurations implement four or more business logic attack elements, with 54% demonstrating advanced orchestration, using 13+ distinct techniques. API exploitation: 83% of configurations contain explicit API-targeting techniques. Multi-device spoofing: 24% of attack scripts alternate between two device types during execution, with 71% employing cross-platform transitions, primarily between iOS and Windows. Primary targets Industries: Technology/SaaS emerged as the primary target sector (27%), followed by financial services/government (16%), and the travel/airline (13%) sectors. Online tools: There is a significant shift toward high-value AI tools (44% of all technology targets), potentially exploited by spammers who engage in account cracking to create large-scale phishing content. In addition, corporate tools (30%), including Microsoft 365, OneDrive, and Outlook, are likely targets for ransomware groups pursuing initial access to organizational systems. Centralized threat landscape Concentration: 51% of the analyzed configurations, randomly collected over six months, were written by just three advanced threat actors: SVBCONFIGSMAKER, and @Magic_Ckg. Specialization: Each threat actor had over two years of operational experience in distinct areas of specialization, including AI platform authentication bypass, mobile API exploitation, and Microsoft cloud services.
