Timely and ongoing communications with our customers is a key component in our efforts to best protect and secure their organization. There are instances where confidential advance customer communications can include early warning on Advisories to enable customers to further strengthen their security posture, prior to the Advisory being publicly released to a broader audience. This process follows best practices for responsible disclosure to ensure our customers have the timely information they need to help them make informed risk-based decisions. For more on Fortinet’s responsible disclosure process, visit the Fortinet Product Security Incident Response Team (PSIRT) page: https://www.fortiguard.com/psirt_policy.
With all of the embarrassing command injections they keep getting, Fortinet should assess their SOC and incident preparedness and find compromises that may lie hidden by calling their own Security Advisory Services.
Forti SSL VPN is the new log4j
Well, that’s not good… this will be interesting to watch. We don’t currently use Fortinet products but we are looking at them for our next refresh.