Latest news with #FortiGuardLabs
Toronto Star
7 hours ago
- Business
- Toronto Star
Fortinet to Participate in Fireside Chat Hosted by Goldman Sachs
SUNNYVALE, Calif., Aug. 15, 2025 (GLOBE NEWSWIRE) — News Summary Fortinet ® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced that Ken Xie, Founder, Chairman and Chief Executive Officer, and Christiane Ohlgart, Chief Financial Officer, will participate in a virtual fireside chat hosted by Goldman Sachs on Monday, August 25, 2025 at 7:30 a.m. Pacific Time (10:30 a.m. Eastern Time). A live webcast of the conference call will be accessible from the Investor Relations page of Fortinet's website at and a replay will be archived and accessible at About Fortinet ( Fortinet (Nasdaq: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere our customers need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with esteemed organizations from both the public and private sectors, including Computer Emergency Response Teams (CERTS), government entities, and academia, is a fundamental aspect of Fortinet's commitment to enhance cyber resilience globally. FortiGuard Labs, Fortinet's elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at the Fortinet Blog, and FortiGuard Labs FTNT-F Copyright © 2025 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiCore, FortiMail, FortiSandbox, FortiADC, FortiAgent, FortiAI, FortiAIOps, FortiAntenna, FortiAP, FortiAPCam, FortiAppSec, FortiAuthenticator, FortiBranchSASE, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCART, FortiCASB, FortiCentral, FortiCNP, FortiConnect, FortiController, FortiConverter, FortiCSPM, FortiCWP, FortiDAST, FortiDATA, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevice, FortiDevSec, FortiDLP, FortiEdge, FortiEDR, FortiEndpoint, FortiExplorer, FortiExtender, FortiFirewall, FortiFlex, FortiFone, FortiGSLB, FortiGuest, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMonitor, FortiNAC, FortiNDR, FortiPAM, FortiPenTest, FortiPhish, FortiPoint, FortiPoints, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiScanner, FortiSDNConnector, FortiSEC, FortiSIEM, FortiSMS, FortiSOAR, FortiSRA, FortiStack, FortiSwitch, FortiTelemetry, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM, FortiXDR, Lacework FortiCNAPP, Linksys, Intelligent Mesh, Velop, Max-Stream, Performance Perfected and SECURITY FABRIC. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.
Channel Post MEA
2 days ago
- Business
- Channel Post MEA
Fortinet Enhances FortiRecon To Align with CTEM Framework
Fortinet has announced significant enhancements to the FortiRecon platform, evolving it into one of the industry's most comprehensive solutions aligned to the continuous threat exposure management (CTEM) framework. The latest release introduces expanded internal attack surface monitoring, adversary-centric dark web intelligence, and security orchestration, all in a single, unified platform. These enhancements help organizations proactively identify and prioritize real-world exposures, validate risks like an attacker would, and accelerate response, ultimately reducing the likelihood and impact of breaches. 'CISOs and security teams are overwhelmed by growing attack surfaces and an endless stream of unprioritized alerts. With the latest enhancements to FortiRecon, we're giving organizations an attacker's eye view of their internal and external exposures, backed by AI-powered threat intelligence from FortiGuard Labs, real-world validation, and automated response. This allows organizations to cut through the noise, focus on what matters most, and measurably reduce risks and vulnerabilities before attackers can exploit them, ' said Nirav Shah, Senior Vice President of Products and Solutions at Fortinet The announcement comes amid growing demand for exposure-driven security strategies as organizations struggle to manage expanding attack surfaces, alert fatigue, and fragmented security operations. According to Gartner®, 'By 2026, organizations prioritizing their security investments based on a continuous exposure management program will be three times less likely to suffer from a breach.'¹ A Unified Platform for Continuous Threat Exposure Management FortiRecon, in combination with its strong integration to the Fortinet AI-Driven Security Operations Center (SOC) platform, now delivers capabilities across the five pillars of the Gartner CTEM framework—scoping, discovery, prioritization, validation, and mobilization—enabling organizations to operationalize these pillars within a single, tightly integrated platform and drive coordinated remediation efforts across security and IT teams. The latest enhancements include: Attack surface management: Continuously monitors and delivers an adversary's view of the organization's internal and external digital attack surface. The latest release adds National Vulnerability Database (NVD) severity ratings, in addition to FortiRecon Active Exploitation severity ratings for faster and smarter patching. Continuously monitors and delivers an adversary's view of the organization's internal and external digital attack surface. The latest release adds National Vulnerability Database (NVD) severity ratings, in addition to FortiRecon Active Exploitation severity ratings for faster and smarter patching. Adversary-centric intelligence: Provides actionable threat insights from dark web activity, ransomware intelligence, leaked credentials, vulnerabilities being exploited in the wild, and at-risk vendors. Enhancements include bulk indicators of compromise (IOC) downloads and stealer infection details, accelerating SOC workflows, and improving breach detection. Provides actionable threat insights from dark web activity, ransomware intelligence, leaked credentials, vulnerabilities being exploited in the wild, and at-risk vendors. Enhancements include bulk indicators of compromise (IOC) downloads and stealer infection details, accelerating SOC workflows, and improving breach detection. Brand protection: Monitors for domain impersonation, rogue mobile apps, phishing campaigns, and executive targeting. FortiRecon Brand Protection uses proprietary algorithms to monitor, detect, and take down fake phishing domains, brand and executive impersonations, rogue mobile applications on multiple app stores, data leaks in code repos, open bucket exposures, and phishing campaigns, and helps protect executive online presence. Monitors for domain impersonation, rogue mobile apps, phishing campaigns, and executive targeting. FortiRecon Brand Protection uses proprietary algorithms to monitor, detect, and take down fake phishing domains, brand and executive impersonations, rogue mobile applications on multiple app stores, data leaks in code repos, open bucket exposures, and phishing campaigns, and helps protect executive online presence. Security orchestration: Leverages security orchestration and automated playbooks to investigate and respond to security threat findings. FortiRecon Security Orchestration reduces the time needed for responders to prioritize and take appropriate actions by automating and streamlining security workflows. Existing FortiFlex customers may use their FortiFlex credits to deploy FortiRecon Cloud. FortiFlex offers usage-based licensing with the security industry's broadest catalog for customers with dynamic hybrid and multi-cloud environments and MSSPs. When purchased through major cloud marketplaces, FortiFlex can also help customers meet cloud committed spend obligations.
Techday NZ
3 days ago
- Business
- Techday NZ
Fortinet upgrades FortiRecon to boost proactive cyber defences
Fortinet has introduced substantial enhancements to its FortiRecon platform, aligning it more closely with the continuous threat exposure management (CTEM) framework to bolster organisations' abilities to address evolving cybersecurity risks. The new release incorporates expanded internal attack surface monitoring, adversary-centric dark web intelligence, and security orchestration into a unified system intended to help security teams proactively identify and prioritise exposures, validate risks, and speed up response times. These features are designed to reduce the chances and impact of security breaches by mirroring an attacker's viewpoint in security assessment and response. Attack surfaces and risk prioritisation Organisations are increasingly seeking strategies that address their growing attack surfaces, rising alert volumes, and the fragmentation of security operations. According to Gartner, "By 2026, organisations prioritising their security investments based on a continuous exposure management program will be three times less likely to suffer from a breach." FortiRecon's latest update integrates with the Fortinet artificial intelligence-driven security operations centre (SOC) platform and aims to cover all five pillars of the Gartner CTEM framework: scoping, discovery, prioritisation, validation, and mobilisation. This integration is designed to facilitate coordinated remediation between IT and security teams by centralising security operations. Nirav Shah, Senior Vice President, Products and Solutions at Fortinet, commented on the challenges facing security professionals: "Chief information security officers and security teams are overwhelmed by growing attack surfaces and an endless stream of unprioritised alerts. With the latest enhancements to FortiRecon, we're giving organisations an attacker's eye view of their internal and external exposures, backed by artificial intelligence-powered threat intelligence from FortiGuard Labs, real-world validation, and automated response. This allows organisations to cut through the noise, focus on what matters most, and measurably reduce risks and vulnerabilities before attackers can exploit them." Expanded capabilities The platform's enhancements consist of several core areas: Attack surface management: FortiRecon now provides continuous monitoring and an adversary's perspective of both internal and external digital attack surfaces. New features include National Vulnerability Database severity ratings and FortiRecon Active Exploitation severity ratings to optimise patch management processes. Adversary-centric intelligence: The updated platform offers actionable threat intelligence from sources such as dark web activity, ransomware trends, leaked credentials, exploited vulnerabilities, and data on at-risk vendors. Enhancements enable bulk downloads of indicators of compromise and provide stealer infection details to support security operations centres in accelerating breach detection and incident response. Brand protection: The platform continues to monitor for threats such as domain imitation, rogue mobile applications, phishing campaigns, and executive targeting, employing proprietary detection algorithms to identify and assist in remediating those threats, as well as monitoring public code repositories and open data exposures. Security orchestration: The addition of automated playbooks for threat investigation and response streamlines remediation workflows and reduces the time required for responding to incidents. Flexible deployment and recognition Existing customers using FortiFlex are able to deploy FortiRecon Cloud via their credits under a usage-based licensing arrangement. FortiFlex supports a wide customer base, including those managing hybrid and multi-cloud environments, as well as managed security service providers. Purchases via major cloud marketplaces can also contribute towards fulfilling cloud committed spend obligations. The operational effectiveness of FortiRecon has been noted in the KuppingerCole Leadership Compass for Attack Surface Management 2025 report, where Fortinet is named as an Overall Leader, Market Leader, and Innovation Leader. The report highlights FortiRecon's capabilities within environments governed by Centre for Internet Security controls, industrial control systems, Internet of Things devices, and operational technology. Integration with the broader portfolio of Fortinet Security Fabric, such as FortiGate NGFW, FortiSOAR, FortiSIEM, and FortiDAST, was also recognised. These enhancements mark the next stage in Fortinet's efforts to assist organisations in managing continuous threat exposure and streamlining their security operations through a centralised and coordinated platform.
Hamilton Spectator
21-07-2025
- Business
- Hamilton Spectator
Fortinet Honors the Life and Contributions of Valued Board Member William H. Neukom
SUNNYVALE, Calif., July 21, 2025 (GLOBE NEWSWIRE) — Fortinet ® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the passing of William H. 'Bill' Neukom, a distinguished member of Fortinet's Board of Directors since 2013. During his tenure, Bill provided unwavering leadership, thoughtful guidance, and mentorship that anchored the company through years of significant growth. The Fortinet Board of Directors issues the following statement: 'We are profoundly saddened by the passing of Bill Neukom. His contributions to Fortinet and to the technology industry are immeasurable, and he will be deeply missed as a friend and colleague across our entire organization. Bill embodied a combination of vision, intellect, and warmth. He brought extraordinary insight and dedication to every discussion, always rooted in integrity, accountability, and a deep commitment to people and purpose. We extend our heartfelt condolences to Bill's family, friends, and all those fortunate enough to have worked alongside him. He will be dearly missed and always remembered.' Bill's legacy extends far beyond Fortinet's boardroom, bringing a lifetime of experience, including from his time at Microsoft, where he served as the company's first general counsel, and as founder and CEO of the World Justice Project, a global nonprofit devoted to promoting the rule of law. His lifelong work elevated the importance of corporate responsibility, customer trust, and technology's role in society. His leadership, character, and contributions will remain a lasting part of Fortinet's legacy. About Fortinet ( Fortinet (Nasdaq: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere our customers need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute , one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with esteemed organizations from both the public and private sectors, including Computer Emergency Response Teams (CERTS), government entities, and academia, is a fundamental aspect of Fortinet's commitment to enhance cyber resilience globally. FortiGuard Labs , Fortinet's elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at , the Fortinet Blog , and FortiGuard Labs . Copyright © 2025 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiMail, FortiSandbox, FortiADC, FortiAgent, FortiAI, FortiAIOps, FortiAgent, FortiAntenna, FortiAP, FortiAPCam, FortiAuthenticator, FortiCache, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCASB, FortiCentral, FortiCNP, FortiConnect, FortiController, FortiConverter, FortiCSPM, FortiCWP, FortiDAST, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevSec, FortiDLP, FortiEdge, FortiEDR, FortiEndpoint FortiExplorer, FortiExtender, FortiFirewall, FortiFlex FortiFone, FortiGSLB, FortiGuest, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMonitor, FortiNAC, FortiNDR, FortiPAM, FortiPenTest, FortiPhish, FortiPoint, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiScanner, FortiSDNConnector, FortiSEC, FortiSIEM, FortiSMS, FortiSOAR, FortiSRA, FortiStack, FortiSwitch, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM, FortiXDR and Lacework FortiCNAPP. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.
IOL News
24-06-2025
- Business
- IOL News
Why passwords are no longer a fortress: rethinking security in the digital age
Most corporate password policies still rely on complexity: a combination of 12 characters, mixed case, numbers, symbols, and mandatory resets. Image: Red Ribbon Communications Doros Hadjizenonos, Regional Director at Fortinet The password is no longer a fortress in and of itself. In a landscape where attackers effortlessly bypass traditional defences, passwords have become more of a revolving door to a greater security fortress – one that needs to be built on resilience, not strength. For years, password length and complexity were the cornerstones of cyber-hygiene. Today, however, attackers are outmanoeuvring this strategy. FortiGuard Labs recorded over 100 billion stolen credentials traded on underground markets last year – a 42% surge fuelled by massive 'combo lists' harvested from past breaches. These lists enable cybercriminals to automate credential-stuffing at scale, meaning a single leaked username and password can unlock numerous corporate accounts in seconds. Doros Hadjizenonos, Regional Director at Fortinet Image: Red Ribbon Communications Video Player is loading. Play Video Play Unmute Current Time 0:00 / Duration -:- Loaded : 0% Stream Type LIVE Seek to live, currently behind live LIVE Remaining Time - 0:00 This is a modal window. Beginning of dialog window. Escape will cancel and close the window. Text Color White Black Red Green Blue Yellow Magenta Cyan Transparency Opaque Semi-Transparent Background Color Black White Red Green Blue Yellow Magenta Cyan Transparency Opaque Semi-Transparent Transparent Window Color Black White Red Green Blue Yellow Magenta Cyan Transparency Transparent Semi-Transparent Opaque Font Size 50% 75% 100% 125% 150% 175% 200% 300% 400% Text Edge Style None Raised Depressed Uniform Dropshadow Font Family Proportional Sans-Serif Monospace Sans-Serif Proportional Serif Monospace Serif Casual Script Small Caps Reset restore all settings to the default values Done Close Modal Dialog End of dialog window. Advertisement Video Player is loading. Play Video Play Unmute Current Time 0:00 / Duration -:- Loaded : 0% Stream Type LIVE Seek to live, currently behind live LIVE Remaining Time - 0:00 This is a modal window. Beginning of dialog window. Escape will cancel and close the window. Text Color White Black Red Green Blue Yellow Magenta Cyan Transparency Opaque Semi-Transparent Background Color Black White Red Green Blue Yellow Magenta Cyan Transparency Opaque Semi-Transparent Transparent Window Color Black White Red Green Blue Yellow Magenta Cyan Transparency Transparent Semi-Transparent Opaque Font Size 50% 75% 100% 125% 150% 175% 200% 300% 400% Text Edge Style None Raised Depressed Uniform Dropshadow Font Family Proportional Sans-Serif Monospace Sans-Serif Proportional Serif Monospace Serif Casual Script Small Caps Reset restore all settings to the default values Done Close Modal Dialog End of dialog window. Next Stay Close ✕ Human behaviour compounds the problem. Approximately six in ten people still reuse passwords across personal and professional accounts, while the average user juggles nearly 170 logins. It is unrealistic to expect anyone to create and remember 170 unique, complex passphrases. Faced with this cognitive overload, weak habits emerge: recycled passwords, sticky notes, and temporary credentials that persist for years. Attackers exploit this reality, primarily through phishing. Roughly 70% of stolen passwords originate from phishing campaigns, and the rise of AI-generated lures has made fraudulent emails and fake login pages nearly indistinguishable from legitimate ones. South African organisations, particularly small and medium-sized enterprises (SMEs), often lack the resources to filter every suspicious message, making them attractive targets. Complexity rules losing their punch Most corporate password policies still rely on complexity: a combination of 12 characters, mixed case, numbers, symbols, and mandatory resets. While complexity does slow brute-force cracking, its effectiveness diminishes once credentials are stolen or phished. Complexity increases the effort required for a direct attack, but it's futile against attackers who purchase valid logins on the darknet. Four priorities for South African defenders Make Multi-Factor Authentication (MFA) mandatory, everywhere. Industry studies indicate that MFA blocks over 99% of automated credential abuse. However, adoption across Africa remains around 50% and is often lower among SMEs. An organisation's security is only as robust as its weakest privileged account. Therefore, every administrator console, VPN, and SaaS dashboard must be protected by an additional security factor. Accelerate the shift to passwordless access. FIDO2 hardware keys, mobile passkeys, and platform-based biometrics cannot be replayed or phished. Organisations that pilot password-free logins typically experience a reduction in help desk calls and fewer account takeover alerts. These benefits should encourage broader adoption in South African organisations. Deploy enterprise-grade password managers . While passwordless solutions mature, most businesses operate in a hybrid environment. Password managers generate high-entropy passwords, securely autofill them, and audit reuse, while providing the governance logs increasingly required by regulators. Integrate identity intelligence into a broader security fabric. Fortinet's Continuous Threat Exposure Management (CTEM) approach correlates leaked-credential intelligence with network telemetry. This enables automated credential resets when an employee's email address appears on a combo list, preventing criminals from exploiting those credentials. Combined with AI-driven phishing protection, this approach minimises opportunities for attackers. Don't overlook the human firewall Technology alone cannot address a behavioural challenge. Fortinet's recent research reveals that 70% of South African organisations lack basic cyber-awareness training. Regular simulations that train staff to identify spoofed login pages and report suspicious messages are a cost-effective, high-impact defence layer. Leadership must champion these programmes and mitigate security fatigue by ensuring policies and training are perceived as empowering rather than punitive. Resilience and resistance Passwords will remain part of the authentication landscape for the foreseeable future, but their role is evolving. Attackers understand that breaching identity is cheaper and faster than exploiting zero-day vulnerabilities, and the darknet's thriving credential economy provides sophisticated tools to even the least skilled criminals. South African businesses that adopt ubiquitous MFA, passwordless pilots, robust vaulting, and continuous exposure management will make that economy less profitable.
