{"audience_segments":[{"id":"55","name":"Mutiny Tester 1","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"company.six_sense.domain","value":null,"comparator":"not_equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"21016cae-e39f-4cb3-a3b5-96291cfc4f40","state":"promoted","name":"Mutiny Support test","description":"Mutiny Support test","global":false,"priority":19,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/library/digital-acceleration/col/54f23701-2915-4bc2-b9e9-d3be05976049/introducing-fortios-7-6","url_query_params":{"mutinyTester":"true"},"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"63d23684-93d6-4432-a6ff-aacf98bb4333","dom_update_group_state":"active","variation_key":"f8cd41a4-d2b6-4709-be60-4ded82ef612c","variation_name":"Variation 1","dom_updates":[{"selector":"div:nth-of-type(1) \u003e div.textLayer","data":{"html_attributes":{},"styles":{},"content":"\neefefwe ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"7ce9add2-789e-42f7-97ea-52306ec0e3ee","custom_javascript":null,"personalization_type":"modification"},{"selector":"li:nth-of-type(1) \u003e a.pf-content-card-link \u003e div:nth-of-type(2) \u003e p.pf-content-card-title","data":{"html_attributes":{},"styles":{},"content":"\n Simplify Networking and Security with Fortinet Secure SD-WAN.\n ","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"419d9155-0e13-499c-a26a-ea9dd0b88ad8","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","company.six_sense.domain"],"custom_javascript":null,"custom_css":null,"condition":null}]},{"id":"39","name":"List: Top 100 - Hybrid WF","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"account.lists[].id","value":"ef3b60fd-0e6c-4ba7-82e0-f244d5057220","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"abm_inbound_list","web_experiences":[{"id":"a2c1f7c4-9f43-444b-be6d-a288d71624f8","state":"promoted","name":"NAMER ABM Top 100 - Hybrid Workforce - Content Overlay Company Logo","description":"NAMER ABM Top 100 - Hybrid Workforce - Content Overlay Company Logo","global":false,"priority":16,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/library/hybridworkforce/col/a2da2164-e42a-49a3-b495-4dc4ee62c8af/fortinet-gartner-sase","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"1a755227-1c6e-4dba-b216-0ce5a80a5f02","dom_update_group_state":"active","variation_key":"317fc34c-3ee3-40eb-8830-b083e6c5090c","variation_name":"Variation 1","dom_updates":[{"selector":"i.fa-solid","data":{"html_attributes":{"href":"https://fortinet.com/library/hybridworkforce/"},"styles":{},"position":{"parent_selector":"div#sidebar-contents-content-page \u003e div.justify-between","index":1,"deconflictor":null},"content":"Discover more {{account.cleaned_properties.company_name}} content","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"3fafd81c-b5f4-42ac-82ad-8b336bcaaf91","custom_javascript":null,"personalization_type":"addition"},{"selector":"nav.flex \u003e div.justify-between","data":{"html_attributes":{},"styles":{},"content":"\n \u003cdiv class=\"flex flex-wrap grow justify-center\"\u003e\n \n \n \u003ca class=\"flex items-center max-w-max\" href=\" /library/hybridworkforce \"\u003e\n \n \u003cimg id=\"pf-header-company-logo\" alt=\"Logo\" class=\"h-12 mr-3 object-cover\" src=\"https://cdn.pathfactory.com/assets/11071/logos/811328/37adabc8-8044-4f5f-9612-77085eae9c35.png\" style=\"height: {{account.properties.ftntlogosize}}px;\"\u003e\n \u003cimg src=\"{{account.properties.logo}}\" style=\"height: {{account.properties.logosize}}px;\"\u003e\n \n \u003c!--\n \u003cspan id=\"pf-header-company-name\" class=\"self-center text-lg hidden md:block font-semibold whitespace-nowrap \"\u003e\n \n \u003c/span\u003e\n --\u003e\n \u003c/a\u003e\n \n\n \u003c/div\u003e\n \u003c!--\n \u003cdiv class=\"block grow mx-4\"\u003e\n \u003cdiv class=\"menu-open\"\u003e\n \n \u003c/div\u003e\n \u003cdiv class=\"ozmenu\"\u003e\n \u003cdiv class=\"menu-close\"\u003e\n \u003ca class=\"absolute p-4 navbar-close top-5 right-3\" href=\"#\"\u003e\n \u003csvg fill=\"none\" height=\"12\" viewBox=\"0 0 12 12\" width=\"12\" xmlns=\"http://www.w3.org/2000/svg\"\u003e\n \u003cpath d=\"M6.94004 6L11.14 1.80667C11.2656 1.68113 11.3361 1.51087 11.3361 1.33333C11.3361 1.1558 11.2656 0.985537 11.14 0.860002C11.0145 0.734466 10.8442 0.66394 10.6667 0.66394C10.4892 0.66394 10.3189 0.734466 10.1934 0.860002L6.00004 5.06L1.80671 0.860002C1.68117 0.734466 1.51091 0.663941 1.33337 0.663941C1.15584 0.663941 0.985576 0.734466 0.860041 0.860002C0.734505 0.985537 0.66398 1.1558 0.66398 1.33333C0.66398 1.51087 0.734505 1.68113 0.860041 1.80667L5.06004 6L0.860041 10.1933C0.797555 10.2553 0.747959 10.329 0.714113 10.4103C0.680267 10.4915 0.662842 10.5787 0.662842 10.6667C0.662842 10.7547 0.680267 10.8418 0.714113 10.9231C0.747959 11.0043 0.797555 11.078 0.860041 11.14C0.922016 11.2025 0.99575 11.2521 1.07699 11.2859C1.15823 11.3198 1.24537 11.3372 1.33337 11.3372C1.42138 11.3372 1.50852 11.3198 1.58976 11.2859C1.671 11.2521 1.74473 11.2025 1.80671 11.14L6.00004 6.94L10.1934 11.14C10.2554 11.2025 10.3291 11.2521 10.4103 11.2859C10.4916 11.3198 10.5787 11.3372 10.6667 11.3372C10.7547 11.3372 10.8419 11.3198 10.9231 11.2859C11.0043 11.2521 11.0781 11.2025 11.14 11.14C11.2025 11.078 11.2521 11.0043 11.286 10.9231C11.3198 10.8418 11.3372 10.7547 11.3372 10.6667C11.3372 10.5787 11.3198 10.4915 11.286 10.4103C11.2521 10.329 11.2025 10.2553 11.14 10.1933L6.94004 6Z\" fill=\"#556987\"\u003e\n \u003c/path\u003e\n \u003c/svg\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \u003cul class=\"flex justify-center pf_font_preset_6 gap-8 ozmenu-nav\"\u003e\n \n \u003c/ul\u003e\n \n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"hidden lg:block\"\u003e\n \u003cdiv class=\"flex items-center justify-end\"\u003e\n \n \n \u003c/div\u003e\n \u003c/div\u003e\n --\u003e\n ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"88eda506-6a33-4136-9725-9771be72e778","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["account.properties.ftntlogosize","account.properties.logo","account.properties.logosize","account.cleaned_properties.company_name","user.random","account.lists[].id"],"custom_javascript":null,"custom_css":null,"condition":{"attribute":"account.resolution_strategy.confidence_score","value":0,"and":[],"or":[],"comparator":"greater_than_or_equal","filter":null,"aggregation":null}},{"id":"a8946738-4d89-4746-929f-e13fb43c6b7a","state":"promoted","name":"NAMER ABM Top 100 - Hybrid Workforce - Company Name \u0026 Logo","description":"NAMER ABM Top 100 - Hybrid Workforce - Company Name \u0026 Logo","global":false,"priority":14,"experience_type":"render","redirect_url":null,"url_host":"fortinet.com","url_path":"/library/hybridworkforce","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"70039c33-83ed-468c-92b4-3270932f1b0d","dom_update_group_state":"active","variation_key":"2b972236-f1ca-4e0c-b877-53e0244f6b62","variation_name":"Variation 1","dom_updates":[{"selector":"div#pf-hero-heading \u003e div.pf-rte-wrapper \u003e p \u003e span","data":{"html_attributes":{},"styles":{},"content":"Simplify Hybrid Workforce Security for {{account.cleaned_properties.company_name}}","custom":false,"tag":"span","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"0556f94e-9bf0-4356-9a40-41c3953d8025","custom_javascript":null,"personalization_type":"modification"},{"selector":"nav.section-base \u003e div.justify-between","data":{"html_attributes":{},"styles":{},"content":"\r\n \u003cdiv class=\"flex flex-wrap\"\u003e\r\n \r\n \u003ca class=\"flex items-center max-w-max\" href=\" /library/hybridworkforce \"\u003e\r\n \r\n \u003cimg id=\"pf-header-company-logo\" alt=\"Logo\" class=\"h-16 mr-3 object-cover\" src=\"https://cdn.pathfactory.com/assets/11071/logos/811328/37adabc8-8044-4f5f-9612-77085eae9c35.png\" style=\"height: {{account.properties.ftntlogosize}}px;\"\u003e\r\n \u0026nbsp \u0026nbsp\r\n \u003cimg src=\"{{account.properties.logo}}\" style=\"height:{{account.properties.logosize}}px;\"\u003e \r\n \u003c!--\r\n \u003cspan id=\"pf-header-company-name\" class=\"self-center text-lg font-semibold whitespace-nowrap \"\u003e\r\n \r\n \u003c/span\u003e\r\n --\u003e\r\n \u003c/a\u003e\r\n \r\n \r\n\r\n \u003c/div\u003e\r\n \u003cdiv class=\"hidden lg:block grow mx-4\"\u003e\r\n \r\n \u003c/div\u003e\r\n \u003cdiv class=\"hidden lg:block\"\u003e\r\n \u003cdiv class=\"flex items-center justify-end\"\u003e\r\n \r\n \r\n \u003c/div\u003e\r\n \u003c/div\u003e\r\n \r\n ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"530d8a63-44a0-49e6-ab4c-7014d783db4c","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["account.properties.ftntlogosize","account.properties.logo","account.properties.logosize","account.cleaned_properties.company_name","user.random","account.lists[].id"],"custom_javascript":null,"custom_css":null,"condition":{"attribute":"account.resolution_strategy.confidence_score","value":1,"and":[],"or":[],"comparator":"greater_than_or_equal","filter":null,"aggregation":null}}]},{"id":"68","name":"Unified SASE - POV","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"user.random","value":0,"comparator":"greater_than_or_equal","filter":null,"aggregation":null},{"attribute":"query.utm_content","value":"Unified-SASE-POV","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"8fbb90dd-9b1b-4e82-891d-c218c17fd503","state":"promoted","name":"NAMER ABM Moving Beyond Fragmented Cloud Security with Unified SASE","description":"NAMER ABM Moving Beyond Fragmented Cloud Security with Unified SASE","global":false,"priority":8,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for-you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"66bd3a07-4595-43eb-a959-c0c5ebe879ea","dom_update_group_state":"active","variation_key":"c7cba002-25af-4bdd-ba88-a3d280be4ab1","variation_name":"Variation 1","dom_updates":[{"selector":"div:nth-of-type(5) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"8849ccc1-575a-4ffd-9ac8-0fea43a7b19a","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(6) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"15124de5-6cd7-43ed-bcf9-40266a6759f8","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(7) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c6e23904-c9f7-4be9-962c-81816d8fc1ac","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.analyst-validation-label \u003e div.wrap","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"bb5144ec-6a0e-4705-89d3-aea7e4b13a7f","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(9) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"87ead05a-b5c4-44f8-8424-d4ad0c0b4581","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(11) \u003e section.cs--padding","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d0cf79a5-8da1-4dfd-b303-8919b366ba89","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(13) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"dbb17eb0-5106-4a1e-8b1f-62469f2b0abd","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section--features \u003e div.wrap","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"adb25732-5d04-4c3e-b049-b21c4c85f5ad","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(15) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4325c110-5741-406a-b6a9-1e55bdeac273","custom_javascript":null,"personalization_type":"modification"},{"selector":"nav#main-nav","data":{"html_attributes":{},"styles":{"background-image":"none"},"custom":false,"tag":"nav","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"13b93608-e158-45d3-9228-5c8d95143e32","custom_javascript":null,"personalization_type":"modification"},{"selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","data":{"html_attributes":{},"styles":{},"content":"\n \u003cdiv class=\"resources-container container\" style=\"padding-top:10px;\"\u003e\n \u003cdiv\u003e\n\u003cstyle\u003e\n body {\n font-family: Arial, sans-serif;\n font-size: 20px;\n line-height: 1.6;\n color: #333;\n margin: 0 auto;\n padding: 20px;\n max-width: 100%;\n text-align: justify;\n text-justify: inter-word;\n }\n .top-call-out {\n display: inline-block;\n text-align:left;\n padding: 30px;\n background-image: linear-gradient(rgba(144, 99, 205, 1), rgba(144, 99, 205, 0.8));\n color: #fff; \n width:60%;\n margin:20px 0px 50px 0px; \n border-radius:8px;\n font-size: 24px;\n font-weight:600; \n }\n li {\n margin-left: 20px;\n padding-left: 20px;\n }\n @media screen and (max-width: 768px) {\n body {\n font-family: Arial, sans-serif;\n font-size: 18px;\n line-height: 1.6;\n color: #333;\n margin: 0 auto;\n padding: 20px;\n max-width: 100%;\n text-align: justify;\n text-justify: inter-word;\n }\n li {\n font-size: 18px;\n margin-left: 10px;\n padding-left: 10px;\n }\n .top-call-out {\n font-size:20px;\n padding:10px;\n }\n }\n footer {\n font-size:14px;\n }\n h1, h2 {\n color: #0066cc;\n }\n h1, h2, h3 {\n text-align: left;\n }\n .executive-summary {\n background-color: #f0f0f0;\n padding: 15px;\n border-radius: 5px\n margin-top:0px;;\n }\n img {\n max-width: 100%;\n height: auto;\n }\n .figure {\n text-align: center;\n margin: 20px 0;\n }\n .figure img {\n max-width: 100%;\n height: auto;\n }\n .figure-caption {\n font-style: italic;\n margin-top: 10px;\n }\n \n\u003c/style\u003e\n \u003caside\u003e\n\u003cdiv style=\"text-align:center;\"\u003e\n \u003cdiv class=\"top-call-out\"\u003e\n \u003cp\u003e45% of new SASE deployments will be based on a single-vendor SASE offering, by 2027. \n \u003c/p\u003e\u003cp\u003eGartner \u003ca href=\"https://www.gartner.com/en/documents/4824531\" target=\"_blank\" style=\"color:white;\"\u003e\u003csup\u003e1\u003c/sup\u003e\u003c/a\u003e\u003c/p\u003e\n \u003c/div\u003e \u003c/div\u003e\n \u003c/aside\u003e\n \n \u003ch2 style=\"margin-top:0px;\"\u003eExecutive Summary\u003c/h2\u003e\n \u003cdiv class=\"executive-summary\"\u003e\n \u003cp\u003eOver the past two decades, organizations have steadily embraced the cloud as \na platform for business applications. This shift accelerated during the pandemic \nwith the broad adoption of remote work. Today, many organizations have endorsed \na hybrid approach to the workplace with branch office workers, hybrid employees, \nand on-premises workers leveraging a mix of cloud services and applications, \nprivate cloud, and the internet. \u003cbr\u003e\u003cbr\u003e\nThe combination of a hybrid workplace and a multi-cloud environment has created \na fragmented and complex cloud security infrastructure. Traditional security \napproaches cannot handle this complexity. A unified approach to cloud security \nis what’s needed to eliminate the silos created by point solutions, to simplify day-to-day management, and to offer fast diagnosis and remediation of problems.\u003cbr\u003e\u003cbr\u003e\nUnified SASE connects users to applications and the web using a unified client. \nSingle-pane-of-glass management ensures consistent network performance and \npowerful security with built-in intelligence that dynamically adapts to the needs of \na hybrid workforce. Adopting a SASE solution that is unified, flexible, and intelligent \nensures robust hybrid-work security, more operational efficiency, and a superior \ndigital experience.\u003c/p\u003e\n \u003c/div\u003e\n \u003ch3\u003eBuilding an Efficient SASE Solution\u003c/h3\u003e\n \u003cp\u003eToday, SASE solutions consolidate a wide variety of networking and security services, including cloud access security broker \n(CASB), secure web gateway (SWG), zero-trust network access (ZTNA), Firewall-as-a-Service (FWaaS), software-defined \nwide area network (SD-WAN), digital experience monitoring (DEM), and data loss prevention (DLP).\u003cbr\u003e\u003cbr\u003e\nSASE solutions secure a hybrid workforce and multi-cloud workflows and avoid the complexity of traditional security approaches. However, SASE places a substantial burden on administrators who need to master the interfaces of many different tools. Also, the thin edges of the network, including IoT and BYOD, are often unsupported, creating vulnerabilities.\u003cbr\u003e\u003cbr\u003e\nA unified SASE approach addresses these deficiencies, offering consolidated security management from the network edge \nto the cloud, a variety of deployment options, including on-premises, cloud, and hybrid, sophisticated threat detection and \nremediation using AI, and the incorporation of generative AI to simplify operations.\u003c/p\u003e\n \u003ch3\u003eSASE Must Be Unified\u003c/h3\u003e\n \u003cp\u003eToo often, network and security teams solve issues with seemingly harmless “one-off” point solutions. Unfortunately, this approach can undermine a SASE installation. \nExamples include deploying a VPN solution for remote access and installing individual \npoint products for each security service edge (SSE) feature, like SWG, CASB, and \nZTNA. This leads to inconsistency in corporate security policies and controls and a \ngap in an organization’s security posture. \u003cbr\u003e\u003cbr\u003e\nOne-off actions increase inefficiency and add to network and security complexity, \nwith the corresponding risk of security misconfigurations and troubleshooting issues. \nThat is why unification is the solution.\u003cbr\u003e\u003cbr\u003e\nA unified SASE solution, combining Secure SD-WAN and a cloud-delivered SSE from \na single vendor, simplifies security management, enhances visibility, and streamlines operations across an organization’s entire infrastructure, from the network edge to the cloud, resulting in improved user experience, faster onboarding, and reduced costs..\u003c/p\u003e\n\u003caside\u003e\n \u003cdiv style=\"text-align:center;\"\u003e\n \u003cdiv style=\"display: inline-block;\n text-align:left;\n padding: 20px 50px 20px 50px;\n background-image: linear-gradient(rgba(144, 99, 205, 1), rgba(144, 99, 205, 0.8));\n color: white; \n margin:20px 100px 0 100px; \"\u003e\n \u003cp\u003eAs large enterprises evolve \nbeyond basic connectivity \nconcerns to demand advanced \nfeatures like automation, edge \nsecurity, and easier-to-use \nservices, the SD-WAN and SASE \nvendors that meet those demands \nwill also pick up steam.\u003ca href=\"https://www.sdxcentral.com/articles/feature/6-sase-and-sd-wan-trends-to-watch/2024/01/\" target=\"_blank\" style=\"color:white;\"\u003e\u003csup\u003e2\u003c/sup\u003e\u003c/a\u003e\u003c/p\u003e\n \u003c/div\u003e\n \u003c/aside\u003e\n \u003ch3\u003eSASE Must Be Flexible\u003c/h3\u003e\n \u003cp\u003eA flexible SASE solution can effectively secure and manage a diverse, distributed network infrastructure by incorporating \nsuch features, providing robust support for modern enterprise needs. It also provides adaptable, unified security management \nacross an organization’s entire network infrastructure, regardless of location or device, supporting various deployment scopes \nand bandwidth requirements to secure users, applications, and devices everywhere..\u003c/p\u003e\n\n \u003ch3\u003eSASE Must Be Intelligent\u003c/h3\u003e\n \u003cp\u003eIn today’s threat landscape, reactive security isn’t enough. A modern SASE solution must leverage AI and GenAI to provide \nproactive, real-time threat detection and mitigation, streamline operations, and enhance overall security posture and \noperational efficiency across SD-WAN and SSE environments.\u003c/p\u003e\n\n\u003ch3\u003e Conclusion\u003c/h3\u003e\n\u003cp\u003eSASE isn’t just a solution, it’s a strategic advantage that empowers organizations to confidently embrace the future of work. \nTo thrive in today’s complex digital world, organizations must prioritize a SASE solution that is unified, flexible, and intelligent. \nThis approach ensures robust security and operational efficiency, empowering organizations to embrace the hybrid workforce \nand multi-cloud strategy without compromising on security. \nBy consolidating security functions, offering flexible deployment options, and leveraging AI-driven insights, a comprehensive \nSASE solution enables businesses to navigate the evolving threat landscape and adapt to the dynamic needs of a distributed \nworkforce. The right SASE solution empowers organizations to embrace the future of work and multi-cloud environments \nsecurely and confidently. \u003c/p\u003e\n\n \u003cdiv style=\"display:flex;margin:50px 0px 50px 0;justify-content: center;\"\u003e\n \u003cstyle\u003e\n a:link {text-decoration:none;}\n a:hover {text-decoration:none;}\n a:visited:{text-decoration:none;}\n \u003c/style\u003e\n \u003ca href=\"https://www.fortinet.com/library/hybridworkforce/\" alt=\"Visit the Fortinet SASE content portal.\" target=\"_blank\"\u003e\n \u003cdiv style=\"background-color: dc291c; color:#fff; margin: 20px; padding: 10px 20px 10px 20px; align-text:justify; border-radius:8px;\"\u003e\n \u003cp\u003eDiscover more SASE content\n\u003c/p\u003e\n\u003c/div\u003e\n\u003c/a\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a0cfcbd0-b24e-44b2-a4a2-a371bb021c6d","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section","data":{"html_attributes":{"class":"section hero product-hero","style":"background: url(\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Mutiny%2520background%2520for%2520POV.png\") 0% 0% / cover; "},"styles":{"background-image":"url(https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Mutiny-background-for-POV-21.png)"},"content":"\n\n \u003cdiv class=\"wrap\" \u003e\n \u003cdiv class=\"row banner\" \u003e\n \u003cdiv class=\"col-lg-8 col-8 col-md-12 col-sm-12\"\u003e\n \u003cdiv class=\"section-content\"\u003e\n \u003cstyle\u003e\n .text-box {\n display: inline-block;\n padding: 10px;\n background-image: linear-gradient(rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.5));\n color: white; \n }\n .sub-head {\n margin:0px 50px 20px 20px; \n font-weight:550; \n line-height: 1.4; \n text-align:left;\n width:80%;\n }\n \u003c/style\u003e\n \u003cdiv class=\"text-box\" style=\"margin:0px 0 30px 20px;\"\u003e\n \u003ch1\u003eMoving Beyond\nFragmented\nCloud Security\nwith Unified SASE\u003c/h1\u003e\n \u003c/div\u003e\n\u003cp class=\"sub-head\"\u003e \n Discover how Fortinet Unified SASE eliminates blind spots, simplifies management, and accelerates the diagnosis and remediation of cyber security problems.\n\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \n \u003cdiv style=\"display:flex;margin:0px 0px 20px 20px;\"\u003e\n \u003cstyle\u003e\n a:link {text-decoration:none;}\n a:hover {text-decoration:none;}\n a:visited:{text-decoration:none;}\n \u003c/style\u003e\n \u003ca href=\"https://www.fortinet.com/library/hybridworkforce/\" alt=\"Visit the Fortinet SASE content portal\" target=\"_blank\"\u003e\n \u003cdiv style=\"background-color: dc291c; color:#fff; margin: 0px; padding: 0px 20px 0px 20px; align-text:justify; border-radius:8px;\"\u003e\n \u003cp\u003eRead more about Hybrid Workforce solutions \u003c/p\u003e\n\u003c/div\u003e\n\u003c/a\u003e\n \u003c/div\u003e","custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1a75735f-0823-4634-95ba-72d8bb81509a","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_content"],"custom_javascript":"document.title = \"Moving Beyond Fragmented Cloud Security with Unified SASE\";","custom_css":null,"condition":null},{"id":"7399f801-31ab-4202-8639-c47cd5200ebc","state":"promoted","name":"Sidepop for SASE","description":"Sidepop for SASE","global":true,"priority":1,"experience_type":"questionnaire","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for-you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":true,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"6a6141b0-cd27-4eee-a7cb-6ab1b99947df","dom_update_group_state":"active","variation_key":"6427c681-00d0-4a31-990c-d0e2f32ca7c6","variation_name":"Variation 1","dom_updates":[],"questionnaire":{"id":"5a0e3084-6a5e-4aac-bdf0-832866596e0f","config":{"primaryColor":"#2196f3"},"component_config":{"colors":{"primary":"#FFFFFF","icon_color":"#D0021B"},"styles":{"button":"border-radius: 10px; color: #da290c !important;","title":"color: white !important;","snippet":"color: white !important;"},"disable_mutiny_branding":false,"inherit_fonts":false,"success_button_theme":null,"layout":{"image_type":"none","image_url":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Citi.svg.png"},"show_at_scroll_percent":8,"open_mode":"new_tab","disable_success_message":false},"key":"b2ad303b-b42c-4283-a594-5320db995782","questionnaire_type":"fab","hold_out":1.0,"url_host":"www.fortinet.com","url_path":"/for-you","url_condition":null,"condition":null,"questions":[{"title":"Welcome!","snippet":"\u003cb\u003eLearn more about simplifying cloud security with Fortinet\u003c/b\u003e","key":"hey_adobe","question_type":"multiple_choice","question_options":[{"token":"c459a831-e093-4b3c-b1cf-d028f6f69cea","title":"link","value":"f0f0fabb-65cd-447f-98d1-3fb971a4d645","option_type":"link","input_type":null,"link":null,"success_headline":null,"success_snippet":null,"success_cta":"WATCH THE WEBINAR","success_cta_link":"https://www.fortinet.com/library/hybridworkforce?overlay_url=https%3A%2F%2Fwww.fortinet.com%2Flibrary%2Fhybridworkforce%2Fcol%2F3fa781a2-b7a3-4763-9b00-4612541056cc%2Fbpzz58v49r%3Fpflpid%3D20939%26pfsid%3DY4kFGEqx1-%26null"}],"cta":null,"cta_link":null,"fallback_success_headline":"That's awesome!","fallback_success_snippet":"See how IBM increased their efficiency by up to 30%!","fallback_success_cta":"Close","fallback_success_cta_link":"https://fortinet.com/for-you"}],"resource_type":"Questionnaire","resource_id":"5a0e3084-6a5e-4aac-bdf0-832866596e0f","priority":1,"version":2},"component_stylesheet_id":"313d129c-f5ab-4b60-90ca-6f8aac09eee5","data_dependencies":["user.random","query.utm_content"],"custom_javascript":"function addStylesheet(content) {\r\n const stylesheet = document.createElement(\"style\");\r\n stylesheet.innerHTML = content;\r\n document.body.appendChild(stylesheet);\r\n}\r\n\r\naddStylesheet(`\r\n /*Change background color*/\r\n .mutiny-sidepop div[class^=\"popupBackground\"] {\r\n background-color: red;\r\n }\r\n\r\n/* Anchor button styles */\r\n.mutiny-sidepop .mutiny-sidepop-button {\r\n background-color: red !important;\r\n color: red !important;\r\n}\r\n`);","custom_css":null,"condition":null}]},{"id":"104","name":"Stitch","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"query.utm_content","value":"2025MQSSE","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"8fbe5fa8-0083-4c4f-9455-bd65e7f50787","state":"promoted","name":"NAMER ABM 2025 Gartner MQ SSE","description":"NAMER ABM 2025 Gartner MQ SSE","global":false,"priority":5,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for_you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"fefc3743-5800-40e7-8a05-7ec9fd324c0d","dom_update_group_state":"active","variation_key":"3017d1dc-56dc-4f96-af20-888e910ae33b","variation_name":"Variation 1","dom_updates":[{"selector":"section:nth-of-type(4)","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"37f39bc1-1fcf-40ec-88bc-b7b0c5527efd","custom_javascript":null,"personalization_type":"modification"},{"selector":"section:nth-of-type(5)","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ea185423-b456-4e56-95ac-abaf4ddfa035","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.partners","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"3ac3b5e5-a24a-42a1-9e25-13f7386b49b5","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.product-video","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"afc4c694-79c6-498a-a106-e37712e58382","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.featured-videos","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"93445378-5570-409c-80a6-89c7fac1c6a8","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.account-team","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ed9e2949-4563-4327-8418-34b0e6a8dbe6","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.be-related-link-container","data":{"html_attributes":{},"styles":{"background-color":"#E6E6E6"},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"44ff4fc3-e67a-48b1-84eb-37e3fd926582","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.be-ix-link-block","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"b9be24db-c2fb-4a06-9dbc-6e2dfd3989ae","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.hero-banner","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"058f4765-985e-43c0-b5f4-a6c77ac300fe","custom_javascript":null,"personalization_type":"modification"},{"selector":"nav#top-nav","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"nav","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4665b79d-30ed-404a-b69f-4ff7b9567e19","custom_javascript":null,"personalization_type":"modification"},{"selector":"footer#footer","data":{"html_attributes":{},"styles":{},"content":"\n \n \u003cdiv class=\"footer-row copyrights\"\u003e\n \u003cdiv class=\"container\"\u003e\n \n\n\n\n\n \n \n \u003cdiv class=\"C804-Footer-Logo\"\u003e\n\n\n\u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"logo-section__official\"\u003e\n \u003cdiv class=\"footer-logo\"\u003e\n \u003ca href=\"https://www.fortinet.com/\" aria-label=\"Fortinet\"\u003e\n \u003cimg class=\"lozad\" src=\"https://www.fortinet.com/content/dam/fortinet/images/general/fortinet-footer-logo.svg\" data-src=\"https://www.fortinet.com/content/dam/fortinet/images/general/fortinet-footer-logo.svg\" alt=\"Fortinet\" width=\"194\" height=\"23\" data-loaded=\"true\"\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"logo-section__partner\"\u003e\n \u003cdiv class=\"partner-logo\"\u003e\n \u003ca href=\"https://www.fortinet.com/romain-attanasio\" target=\"_self\" aria-label=\"Romain Attanasio\"\u003e\n \u003cimg class=\"lozad\" data-src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/roman-attanasio-partnership-logo.jpg\" alt=\"Romain Attanasio\" src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/roman-attanasio-partnership-logo.jpg\" data-loaded=\"true\"\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"partner-logo\"\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2024/juventus-football-club-annouces-fortinet-as-its-official-cybersecurity-partner\" target=\"_self\" aria-label=\"Fortinet Juventus Partnership\"\u003e\n \u003cimg class=\"lozad\" data-src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-juventus.png\" alt=\"Fortinet Juventus Partnership\" src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-juventus.png\" data-loaded=\"true\"\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"partner-logo\"\u003e\n \u003ca href=\"https://www.fortinet.com/fortinet-cup-americas\" target=\"_self\" aria-label=\"Fortinet Cup - PGA Americas\"\u003e\n \u003cimg class=\"lozad\" data-src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-pga-americas.png\" alt=\"Fortinet Cup - PGA Americas\" src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-pga-americas.png\" data-loaded=\"true\"\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"partner-logo\"\u003e\n \u003ca href=\"https://www.fortinet.com/dp-world-tour\" target=\"_self\" aria-label=\"Fortinet European Tour Partnership\"\u003e\n \u003cimg class=\"lozad\" data-src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-european-tour.png\" alt=\"Fortinet European Tour Partnership\" src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-european-tour.png\" data-loaded=\"true\"\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n\n \n \n \u003cdiv class=\"C805-Footer-Text\"\u003e\n\u003cdiv class=\"row\"\u003e\n \n \u003cdiv class=\"copyright\"\u003e\n \u003cdiv class=\"col-md-12\"\u003e\n \n \u003cp\u003eCopyright © 2025 Fortinet, Inc. All Rights Reserved.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \n\u003c/div\u003e\n\n\n\u003c/div\u003e\n\n\n \n \n \u003cdiv class=\"footer-links-list\"\u003e\n\n\n\n \n \n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"container\"\u003e\n \u003cnav class=\"nav bottom-nav\"\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/legal\" target=\"_self\"\u003e\n Terms of Service\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/privacy\" target=\"_self\"\u003e\n Privacy Policy\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/privacy#npr-ca\" target=\"_self\"\u003e\n Notice for California Residents\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/privacy/individual-rights\" target=\"_self\"\u003e\n Do Not Sell Or Share My Personal Information\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/gdpr\" target=\"_self\"\u003e\n GDPR\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/canadian-accessibility\" target=\"_self\"\u003e\n Canadian Accessibility\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \n \u003cli\u003e\n \u003ca href=\"#\" onclick=\"Optanon.ToggleInfoDisplay()\"\u003e\n Cookie Settings\n \u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/nav\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n\n\n\u003c/div\u003e\n\n\n\n \u003c/div\u003e\n \u003c/div\u003e\n","custom":false,"tag":"footer","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"bc275f5b-9595-44fd-ad32-793870437b01","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.featured-assets \u003e div.new-container \u003e h2.section-title","data":{"html_attributes":{},"styles":{},"content":"Related Content","custom":false,"tag":"h2","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4fad363c-53fb-4217-896c-61bb52490235","custom_javascript":null,"personalization_type":"modification"},{"selector":"a:nth-of-type(2) \u003e img.card-image","data":{"html_attributes":{"src":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/2025%2520Threat%2520Landscape%2520Report2.jpg","srcset":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/2025%2520Threat%2520Landscape%2520Report2.jpg"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"bffa1a2f-de48-49cb-be3d-4b9f009df380","custom_javascript":null,"personalization_type":"modification"},{"selector":"a:nth-of-type(3) \u003e img.card-image","data":{"html_attributes":{"src":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Unified%2520SASE%2520Success%2520Stories.png","srcset":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Unified%2520SASE%2520Success%2520Stories.png"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"35cf033b-a010-4ca2-b228-f2906aec0047","custom_javascript":null,"personalization_type":"modification"},{"selector":"a:nth-of-type(3) \u003e div.card-body \u003e h3.card-title","data":{"html_attributes":{},"styles":{},"content":"Unified SASE Success Stories","custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4952aa3b-f85a-4988-97ec-8c6fce2d6dea","custom_javascript":null,"personalization_type":"modification"},{"selector":"div[class*=\"grid\"] \u003e a:nth-of-type(3)","data":{"html_attributes":{"href":"https://www.fortinet.com/content/dam/fortinet/assets/ebook/eb-sase-customer-stories.pdf"},"styles":{},"custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"64c5afdb-64bf-4bd1-b109-5ad3567ad384","custom_javascript":null,"personalization_type":"modification"},{"selector":"a:nth-of-type(3) \u003e div.card-body \u003e p.card-text","data":{"html_attributes":{},"styles":{},"content":"Designed for today’s mobile, cloud-connected users, SASE converges security service edge (SSE) with SD-WAN to ensure secure and seamless access to data and applications from any device, anywhere.","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"703fdd37-359d-4d7f-946e-540aa0da70e9","custom_javascript":null,"personalization_type":"modification"},{"selector":"a.btn-CTA","data":{"html_attributes":{"href":"https://global.fortinet.com/lp-en-cp-security-expert-ws?lsci=701Hr000001lgrwIAA"},"styles":{},"content":"Meet with Fortinet","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"62d3c4af-1cd5-4398-b89d-4175d2eaf8f8","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div:nth-of-type(1) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"77206e6f-1c9e-4cf3-b6c6-0d6e3e7cefb1","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div:nth-of-type(3) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e3874a91-c559-4918-9e87-c7ba61cb1c4d","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(3) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9846689c-4ee1-4895-bfe7-b56d1ac246c5","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(2) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5db0d133-3c7e-404c-ba30-e726008f59c9","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(1) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"43290835-7c81-43fd-bd77-659900ea6c04","custom_javascript":null,"personalization_type":"modification"},{"selector":"a:nth-of-type(2) \u003e div.card-body \u003e h3.card-title","data":{"html_attributes":{"style":"margin-top:0px;"},"styles":{},"content":"Global Threat Landscape Report, 2025","custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"485d7ed5-48db-4429-b4c6-24f58a8efc6e","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.paragraph-and-header","data":{"html_attributes":{},"styles":{},"content":"\u003cstyle\u003e\n /* ---- NOTE ----*/\n /* These variables contain the colors used in this themse. If you want to adjust the colors, change here not in the CSS. */\n\nsection {\n --highlight-color: #2cccd3;\n --link-hover-color: #acccf3;\n --link-visited-color: #2666b5;\n --link-active-color: #5999e8 ;\n --dark-background-color: #2d2d2d;\n --second-dark-background-color: #0e2643;\n --FTNT-red: #da201c;\n --text-on-light: #333;\n --text-on-dark: #fff;\n --cta-text: #fff;\n --cta-alt-text: #da291c;\n}\n * {\n margin: 0;\n padding: 0;\n box-sizing: border-box;\n }\n body {\n font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;\n background: #f0f0f0;\n margin: 0;\n padding: 0;\n }\n\n .head-band {\n background: var(--highlight-color);\n height: 100px;\n width: 100%;\n display: flex;\n align-items: center;\n position: relative;\n }\n\n .head-band-content {\n max-width: 1000px;\n margin: 0 auto;\n width: 100%;\n padding: 0 20px;\n display: flex;\n justify-content: flex-start;\n }\n\n .black-rectangle {\n background: var(--dark-background-color);\n color: var(--text-on-dark);\n padding: 15px 25px;\n border-radius: 2px;\n font-size: 1.2rem;\n font-weight: bold;\n display: inline-block;\n margin-left: -25px;\n }\n\n .hero-section {\n background: white;\n padding: 40px 0;\n }\n\n .hero-container {\n max-width: 1000px;\n margin: 0 auto;\n padding: 0 20px;\n display: flex;\n align-items: top;\n gap: 10px;\n }\n\n .hero-text {\n flex: 1;\n }\n\n .hero-text h1 {\n font-size: 2.5rem;\n color: var(--text-on-light);\n margin-bottom: 20px;\n line-height: 1.2;\n }\n\n .hero-text p {\n font-size: 1.1rem;\n color: var(--text-on-light);\n line-height: 1.6;\n margin-bottom: 15px;\n }\n\n .hero-image {\n width: 50%;\n display: flex;\n align-items: center;\n justify-content: center;\n flex-shrink: 0;\n }\n\n .hero-image img {\n max-width: 100%;\n height: auto;\n }\n\n .main-content {\n background: var(--dark-background-color);\n padding: 40px 20px;\n }\n\n .container-new {\n max-width: 1000px;\n margin: 0 auto;\n background: var(--dark-background-color);\n border-radius: 5px;\n padding: 30px 20px;\n box-shadow: 0 20px 40px rgba(0, 0, 0, 0.1);\n }\n\n /* CSS-only tabs using radio buttons */\n .tab-input {\n display: none;\n }\n\n .intro-text {\n font-size: 1.8rem;\n line-height:2.6rem;\n font-weight: bold;\n color: var(--text-on-dark);\n margin-bottom: 52px;\n }\n\n .icon-row {\n display: grid;\n grid-template-columns: repeat(4, 1fr);\n gap: 20px;\n margin-bottom: 30px;\n margin-left: -22px;\n }\n\n .icon-item {\n text-align: center;\n cursor: pointer;\n padding: 20px;\n transition: all 0.3s ease;\n display: flex;\n flex-direction: column;\n align-items: center;\n justify-content: center;\n }\n\n .icon-item:hover {\n transform: translateY(-20px);\n }\n\n .icon {\n margin-bottom: 20px;\n transition: color 0.3s ease;\n width: 50%;\n display: flex;\n align-items: center;\n justify-content: center;\n }\n\n .icon-item:hover .icon {\n color: var(--highlight-color);\n }\n\n .icon-desc {\n font-size: 1.2rem;\n font-weight: 600;\n color: var(--text-on-dark);\n transition: color 0.3s ease;\n text-align: center;\n width: 100%;\n }\n\n .icon-item:hover .icon-desc {\n color: var(--highlight-color);\n }\n\n /* ACTIVE STATE - High specificity with !important */\n #tab-analytics:checked ~ .icon-row label[for=\"tab-analytics\"],\n #tab-users:checked ~ .icon-row label[for=\"tab-users\"], \n #tab-revenue:checked ~ .icon-row label[for=\"tab-revenue\"],\n #tab-settings:checked ~ .icon-row label[for=\"tab-settings\"] {\n background: var(--dark-background-color) !important;\n color: var(--text-on-dark) !important;\n transform: translateY(-3px) !important;\n border-color: #fff !important;\n }\n\n #tab-analytics:checked ~ .icon-row label[for=\"tab-analytics\"] .icon-desc,\n #tab-users:checked ~ .icon-row label[for=\"tab-users\"] .icon-desc,\n #tab-revenue:checked ~ .icon-row label[for=\"tab-revenue\"] .icon-desc, \n #tab-settings:checked ~ .icon-row label[for=\"tab-settings\"] .icon-desc {\n color: var(--highlight-color) !important;\n }\n\n .content-panel {\n background: var(--dark-background-color);\n border-radius: 0px;\n padding: 30px;\n min-height: 250px;\n position: relative;\n overflow: hidden;\n }\n\n .panel-content {\n display: none;\n animation: fadeIn 0.5s ease-in-out;\n }\n\n /* Show panel when corresponding radio button is checked */\n #tab-analytics:checked ~ .content-panel #analytics,\n #tab-users:checked ~ .content-panel #users,\n #tab-revenue:checked ~ .content-panel #revenue,\n #tab-settings:checked ~ .content-panel #settings {\n display: block;\n }\n\n @keyframes fadeIn {\n from { opacity: 0; transform: translateY(20px); }\n to { opacity: 1; transform: translateY(0); }\n }\n\n .panel-title {\n font-size: 1.8rem;\n font-weight: bold;\n color: var(--text-on-dark);\n margin-bottom: 15px;\n border-bottom: 1px solid #fff;\n padding-bottom: 10px;\n }\n\n .panel-text p {\n font-size: 1rem;\n line-height: 1.4rem;\n color: var(--text-on-dark);\n margin-bottom: 20px;\n }\n\n .panel-text h2 {\n color: var(--highlight-color);\n margin: 20px 0 10px 0;\n font-size: 1.4rem;\n }\n\n .panel-text h3 {\n color: var(--highlight-color);\n margin: 15px 0 10px 0;\n font-size: 1.1rem;\n }\n\n .panel-text ul {\n margin: 10px 0;\n padding-left: 30px;\n color:var(--text-on-dark);\n }\n\n .panel-text li {\n margin-bottom: 8px;\n }\n/* Base link style */\n.panel-text a {\n color: var(--link-active-color) !important; \n text-decoration: underline !important;\n text-decoration-color: var(--link-active-color) !important; \n transition: color 0.2s, text-decoration-color 0.2s; \n}\n\n/* Hover state */\n.panel-text a:hover {\n color: var(--link-hover-color) !important; \n text-decoration-color: var(--link-hover-color) !important;\n}\n\n/* Visited links */\n.panel-text a:visited {\n color: var(--link-visited-color) !important;\n text-decoration-color: var(--link-visited-color) !important; \n}\n\n/* Active (clicked) state */\n.panel-text a:active {\n color: var(--link-active-color) !important;\n text-decoration-color: var(--link-active-color) !important; \n}\n\n .conclusion-section {\n background: white;\n padding: 40px 0;\n }\n\n .conclusion-container {\n max-width: 1000px;\n margin: 0 auto;\n padding: 0 20px;\n }\n\n .conclusion-container h1 {\n font-size: 2.5rem;\n color: var(--text-on-light);\n margin-bottom: 20px;\n line-height: 1.2;\n }\n\n .conclusion-container p {\n font-size: 1.1rem;\n color: var(--text-on-light);\n line-height: 1.6;\n margin-bottom: 15px;\n }\n\n .cta {\n cursor: pointer;\n font-size: 1.2rem;\n border-radius: 5px; \n color: var(--cta-text);\n text-align:center; \n margin:20px auto 0px auto; \n padding: 10px;\n width:60%;\n background-color: var(--FTNT-red);\n transition: all 0.3s ease;\n }\n .cta:hover {\n transform: translateY(-5px);\n box-shadow: 0 5px 25px rgba(0, 0, 0, 0.15);\n border-color: #fff;\n color: var(--cta-alt-text);\n background-color: var(--highlight-color);\n }\n\n\n /* Mobile Responsive Design */\n @media (max-width: 768px) {\n .orange-band-content {\n padding: 0 15px;\n }\n \n .black-rectangle {\n font-size: 1rem;\n padding: 12px 20px;\n }\n \n .hero-container {\n flex-direction: column;\n gap: 20px;\n text-align: center;\n }\n \n .hero-text h1 {\n font-size: 2rem;\n }\n \n .hero-image {\n width: 100%;\n }\n \n .main-content {\n padding: 20px 15px;\n }\n \n .container-new {\n padding: 20px;\n }\n \n .icon-row {\n grid-template-columns: 1fr;\n gap: 15px;\n margin-bottom: 20px;\n }\n \n .icon-item {\n display: flex;\n align-items: center;\n text-align: left;\n padding: 15px;\n }\n \n .icon {\n margin-right: 15px;\n margin-bottom: 0;\n min-width: 50px;\n }\n \n .icon-desc {\n font-size: 1rem;\n }\n \n .content-panel {\n padding: 20px;\n min-height: 200px;\n }\n \n .panel-title {\n font-size: 1.5rem;\n }\n }\n \n @media (max-width: 480px) {\n .black-rectangle {\n font-size: 0.9rem;\n padding: 10px 15px;\n }\n \n .hero-text h1 {\n font-size: 1.8rem;\n }\n \n .hero-text p {\n font-size: 1rem;\n }\n \n .container-new {\n padding: 15px;\n margin: 10px;\n }\n \n .icon-row {\n grid-template-columns: 1fr 1fr;\n gap: 10px;\n margin-left: 0;\n }\n \n .icon-item {\n display: flex;\n flex-direction: column;\n align-items: center;\n text-align: center;\n padding: 10px 5px;\n }\n \n .icon {\n margin-right: 0;\n margin-bottom: 8px;\n min-width: auto;\n width: 40px;\n height: 40px;\n }\n \n .icon-desc {\n font-size: 0.85rem;\n line-height: 1.2;\n }\n \n .panel-title {\n font-size: 1.3rem;\n }\n \n .panel-text {\n font-size: 0.9rem;\n }\n }\n \u003c/style\u003e\n\n \u003cdiv class=\"head-band\"\u003e\n \u003cdiv class=\"head-band-content\"\u003e\n \u003cdiv class=\"black-rectangle\"\u003e\n 2025 Gartner\u0026reg; Magic Quadrant\u0026trade; Security Service Edge (SSE)\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"hero-section\"\u003e\n \u003cdiv class=\"hero-container\"\u003e\n \u003cdiv class=\"hero-text\"\u003e\n \u003ch1\u003eMoving Up and to the Right\u003c/h1\u003e\n \u003cp\u003eIn the most recent Magic Quadrant\u0026trade; for Security Service Edge from Gartner\u0026reg;, FortiSASE was recognized as a Challenger for the second year in a row, moving further up and to the right. FortiSASE is the cloud-delivered component of Fortinet's ground-breaking Unified SASE solution. \u003c/p\u003e\n \u003cp\u003eFortiSASE is also the only solution to be recognized as a Customer Choice in Gartner's Peer Insights™ Voice of the Customer report for security service edge (SSE).\u003c/p\u003e\n \n \u003cdiv class=\"cta\"\u003e\n Download the report\n \u003c/div\u003e \n \u003c/div\u003e\n \u003cdiv class=\"hero-image\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/MQ_for_SSE_dot.png\" alt=\"Gartner Magic Quadrant\"\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"main-content\"\u003e\n \u003cdiv class=\"container-new\"\u003e\n \u003c!-- Hidden radio buttons for CSS-only tabs --\u003e\n \u003cinput type=\"radio\" id=\"tab-analytics\" name=\"tabs\" class=\"tab-input\" checked\u003e\n \u003cinput type=\"radio\" id=\"tab-users\" name=\"tabs\" class=\"tab-input\"\u003e\n \u003cinput type=\"radio\" id=\"tab-revenue\" name=\"tabs\" class=\"tab-input\"\u003e\n \u003cinput type=\"radio\" id=\"tab-settings\" name=\"tabs\" class=\"tab-input\"\u003e\n\n \u003cdiv class=\"intro-text\"\u003e\n Fortinet FortiSASE has achieved the highest triple A (\"AAA\") rating in independent 3rd party security testing by CyberRatings.org.\n \u003c/div\u003e\n\n \u003cdiv class=\"icon-row\"\u003e\n \u003clabel for=\"tab-analytics\" class=\"icon-item\"\u003e\n \u003cdiv class=\"icon\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/quadrant.svg\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"icon-desc\"\u003eThe Challenger Quadrant\u003c/div\u003e\n \u003c/label\u003e\n \u003clabel for=\"tab-users\" class=\"icon-item\"\u003e\n \u003cdiv class=\"icon\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/FortiSASE-white.svg\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"icon-desc\"\u003eAbout \u003cbr\u003eFortiSASE\u003c/div\u003e\n \u003c/label\u003e\n \u003clabel for=\"tab-revenue\" class=\"icon-item\"\u003e\n \u003cdiv class=\"icon\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/FortiGuard-white.svg\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"icon-desc\"\u003eIntegrated Threat Intelligence\u003c/div\u003e\n \u003c/label\u003e\n \u003clabel for=\"tab-settings\" class=\"icon-item\"\u003e\n \u003cdiv class=\"icon\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Unified-SASE-white.svg\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"icon-desc\"\u003eSingle-Vendor Unified SASE\u003c/div\u003e\n \u003c/label\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"content-panel\"\u003e\n \u003cdiv class=\"panel-content\" id=\"analytics\"\u003e\n \u003cdiv class=\"panel-title\"\u003e2025 Gartner\u0026reg; Magic Quadrant\u0026trade; for Security Service Edge\u003c/div\u003e\n \u003cdiv class=\"panel-text\"\u003e\n \u003cp\u003eThe following is a summary from the Gartner report. \u003c/p\u003e\u003cp\u003eGartner defines security service edge (SSE) solutions as offering secures access to the web, cloud services and private applications regardless of tuser, device, and application location. SSE solutions protect users from malicious and inappropriate content on the web and enhance security and visibility for end-user applications.\u003c/p\u003e\n \u003cp\u003eSSE solutions are primarily cloud-delivered. Their security capabilities include: adaptive access based on identity and context, malware protection, data security and threat prevention, with associated analytics and visibility. SSE enables direct connectivity for hybrid users reducing latency and improving the user experience. \u003c/p\u003e\n \u003ch2\u003eFortinet Recognized as a Challenger\u003c/h2\u003e\n \u003cp\u003eFortinet is positioned as a Challenger in the 2025 Magic Quadrant for SSE. Our SSE solution, FortiSASE, integrates SSE and a separate API CASB, FortiCASB. We provide a geographically diverse range of POPs, both Fortinet-owned and operated and POPs on Google Cloud. Customers can combine infrastructures to increase acccessibility\u003c/p\u003e\n \u003cp\u003eGartner point out that many of our SSE clients are existing firewall and SD-WAN customers, from a wide range of industries and companies of all sizes. We also offer agentless ZTNA and recently introduced a unified agent for endpoint protection and SSE.\u003c/p\u003e\n \u003ch2\u003eGartner's Assessment of Fortinet and FortiSASE Strengths\u003c/h2\u003e\n \u003cul\u003e\n \u003cli\u003eGartner acknowledge that we are a large and well-funded vendor with a strong customer base and have committed to growing our SSE offering and market share.\u003c/li\u003e\n \u003cli\u003eWe have a large existing customer base and anticipate expanding our presence in the SSE market through dedicated customer focus\u003c/li\u003e\n \u003cli\u003eGartner assesses our pricing as highly competitive. \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"panel-content\" id=\"users\"\u003e\n \u003cdiv class=\"panel-title\"\u003eFortiSASE\u003c/div\u003e\n \u003cdiv class=\"panel-text\"\u003e\n \u003cp\u003eFortiSASE is Fortinet's highly scalable cloud-delivered security service edge (SSE) solution for the hybrid workforce. It empowers organizations to grant per-user and per-session secure access to web, cloud, and applications regardless of where they have been deployed.\u003c/p\u003e\n \u003cp\u003eFortiSASE provides fully integrated enterprise-grade security ensuring the same level of protection, visibility, and user experience is extended to every user, anywhere.\u003c/p\u003e\n \u003cp\u003eFortiSASE has achieved a triple A (\"AAA\") rating from the independent third-party rating organization, CyberRatings.org. In their report, the ratings org noted:\u003c/p\u003e\n \u003cp style=\"padding:20px 20px; 0px 20px;\"\u003e\"Fortinet Secure Access Service Edge provides a robust security posture with minimal impact on network performance. Its high threat prevention rates, comprehensive TLS/SSL functionality, and efficient handling of encrypted traffic make it a strong contender for organizations seeking to secure their network and users in today's threat landscape.\"\u003c/p\u003e\n \u003cp\u003eFor more on Fortinet's SSE solution, see the \u003ca href=\"https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortisase.pdf\" target=\"_blank\"\u003eFortiSASE data sheet.\u003c/a\u003e\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"panel-content\" id=\"revenue\"\u003e\n \u003cdiv class=\"panel-title\"\u003eFortiGuard and Threat Intelligence\u003c/div\u003e\n \u003cdiv class=\"panel-text\"\u003e\n \u003cp\u003eFortiGuard AI-Powered Security Services integrate with security solutions across Fortinet's broad portfolio to provide market-leading security capabilities and protect applications, content, web traffic, devices, and users located anywhere. Our security services counter threats in real time with ML-powered, coordinated protection. They are natively integrated into the Fortinet Security Fabric, enabling fast detection and enforcement across the entire attack surface.\u003c/p\u003e\n \u003cp\u003eIn 2024, FortiGuard Labs processed and blocked 3.1 trillion attack attempts and prevented 2.5 billion malware deliveries to safeguard its customers. FortiGuard Labs is committed to providing unique insights into cybersecurity trends impacting individuals, businesses, and nations. Every day, we process over 78 trillion security signals across networks, the cloud, and various FortiGuard services and products, helping us detect emerging threats and evolving attack techniques.\u003c/p\u003e\n \u003cp\u003eIn addition to over 1,000 threat analysts, incident responders, AI engineers, and data analysts, FortiGuard Labs works with a globally diverse group cybersecurity and intelligence sharing organizations including Cyber Threat Alliance, MITRE Engenuity's Center for Threat-Informed Defense, and INTERPOL.\u003c/p\u003e\n \u003cp\u003eFor more detail on Fortinet security services view the \u003ca href=\"https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/og-fortiguard.pdf\" target=\"_blank\"\u003eFortiGuard Labs subscriptions and bundles buying guide.\u003c/a\u003e\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"panel-content\" id=\"settings\"\u003e\n \u003cdiv class=\"panel-title\"\u003eFortinet Unified SASE\u003c/div\u003e\n \u003cdiv class=\"panel-text\"\u003e\n \u003cp\u003eFortinet Unified SASE is part of the Fortinet Security Fabric and a fast-growing, unified, flexible, and intelligent SASE solution. It delivers secure access to applications and web resources for remote users and secures applications and data on any cloud.\u003c/p\u003e\n \u003cp\u003eUnified SASE secures the hybrid workforce with robust AI-powered threat protection. Unified SASE offers comprehensive networking and security functionality such as Universal ZTNA, Secure SD-WAN, Firewall-as-a-Service, SWG, and CASB/DLP. It also delivers strong data visibility, control, and integrated advanced analytics and DEM for quick threat response. Simplified interfaces and AI-driven assistance tools reduce operational overhead, while flexible deployment options and a large network of more than 140 global POPs ensure policy enforcement is close to users, meeting compliance and performance needs.\u003c/p\u003e\n \u003ch3\u003eA Single-Vendor SASE Solution\u003c/h3\u003e\n \u003cp\u003eUnified SASE integrates remote cloud access and SD-WAN to provide a single-vendor SASE solution. All SASE components integrate into a common architecture and use a single operating system. This unprecedented level of unification ensures operational efficiency and eliminates the complexity found in fragmented multi-vendor approaches. With over 140 global SASE locations, our solution secures remote access and protects networks, applications, data (on any cloud), network edges, IoT/OT, and thin edges.\u003c/p\u003e\n \u003cp\u003eFor more information about Unified SASE, download the \u003ca href=\"https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/sb-fortisase-cloud-delivered-securtiy-to-every-user.pdf\" target=\"_blank\"\u003eUnified SASE solution brief.\u003c/a\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"conclusion-section\"\u003e\n \u003cdiv class=\"conclusion-container\"\u003e\n \u003ch1\u003eConclusion\u003c/h1\u003e\n \u003cp\u003eFortinet is recognized as the only Challenger in Gartner's 2025 Magic Quadrant for Security Service Edge, and we believe this demonstrates our strong momentum, innovation, and growth in the SSE market.\u003c/p\u003e\n \u003cp\u003eThis is the second year in a row that Fortinet has been recognized as a Challenger, and our position moved significantly up and to the right compared to other vendors. \u003c/p\u003e\n \u003cp\u003eDownload the Magic Quadrant report to see how Gartner has:\n\u003cul\u003e\n\u003cli\u003eDefined the SSE space\n\u003cli\u003eEvaluated SSE vendors\n\u003cli\u003eIdentified vendors' strengths and cautions\n \u003c/ul\u003e\n \u003cdiv class=\"cta\" style=\"width:300px;\"\u003e\n Download the report\n \u003c/div\u003e \n \u003c/div\u003e\n \u003c/div\u003e","custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"28b5966d-7e01-4131-87d3-e8096697e6b8","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_content"],"custom_javascript":"\n","custom_css":null,"condition":null}]},{"id":"1","name":"Mutiny Test","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"query.utm_term","value":"mutiny","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"2b64c0f6-43fb-4cf4-8bda-808542102f03","state":"experiment","name":"Testing for SFDC Sandbox","description":"Testing for SFDC Sandbox","global":false,"priority":17,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for-you","url_query_params":null,"url_condition":null,"hold_out":0.5,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"bfa11224-878f-45b8-898a-85f56525ed98","dom_update_group_state":"active","variation_key":"47d891fa-414f-4562-9086-a7b21f95519d","variation_name":"Variation 1","dom_updates":[{"selector":"main#CONTENT \u003e div:nth-of-type(7)","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"main#CONTENT","index":5,"deconflictor":null},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"7e991114-536f-4ca8-84ea-4966fb51c6dd","custom_javascript":null,"personalization_type":"modification"},{"selector":"h1","data":{"html_attributes":{},"styles":{},"content":"\ntest.","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e72a1a3a-9264-446d-b1ce-8d5cf54c72a8","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_term"],"custom_javascript":null,"custom_css":null,"condition":null}]},{"id":"49","name":"FortiNDR-WP","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"user.random","value":0,"comparator":"greater_than_or_equal","filter":null,"aggregation":null},{"attribute":"query.utm_content","value":"FortiNDR-WP","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"ae628a51-3571-4d60-ad6e-ec5f4f1ab621","state":"promoted","name":"NAMER ABM Harnessing the Power of AI-ML - FortiNDR","description":"NAMER ABM Harnessing the Power of AI-ML - FortiNDR","global":false,"priority":11,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for-you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"27fb3d58-b81f-4e37-a82b-616297396366","dom_update_group_state":"active","variation_key":"3bfd591c-ded9-4057-9883-4c780c7ff714","variation_name":"Variation 1","dom_updates":[{"selector":"div:nth-of-type(5) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c590569c-dba9-4d9b-a652-f8d566bffc59","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(6) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ae4bc5cc-a8b1-4bd9-b4ff-386be09f752a","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(7) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"36785e4b-393f-47af-95fb-515076032704","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.analyst-validation-label \u003e div.wrap","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1083df7b-4b16-42b7-90fc-fc226786e068","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(9) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1e21a688-dac1-4f1d-a24d-aa55c787b984","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(11) \u003e section.cs--padding","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"533024ed-401a-46b8-927e-c02d02204d8e","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(13) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a4b05db3-abd2-4b43-88ae-358f459b4a5a","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section--features \u003e div.wrap","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"dc6614d9-d8f8-469d-915b-30770186e865","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(15) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"77208dd4-d11b-4464-8e5e-60fbe0f07f97","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section","data":{"html_attributes":{"class":"section hero product-hero","style":"background: url(\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Hero.png\") 0% 0% / cover; "},"styles":{"background-image":"none"},"content":"\n\n \u003cdiv class=\"wrap\" \u003e\n \u003cdiv class=\"row banner\" style=\"\"\u003e\n \u003cdiv class=\"col-lg-8 col-8 col-md-12 col-sm-12\"\u003e\n \u003cdiv class=\"section-content\"\u003e\n \u003cstyle\u003e\n .text-box {\n display: inline-block;\n padding: 10px;\n background-image: linear-gradient(rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.5));\n color: white; \n }\n \u003c/style\u003e\n \u003cdiv class=\"text-box\" style=\"margin:200px 0 0 100px;\"\u003e\n \u003ch1\u003eHarnessing the Power of Artificial Intelligence and Machine Learning with FortiNDR Solutions\u003c/h1\u003e\n \u003c/div\u003e\n \u003cdiv style=\"display: inline-block;\n padding: 10px;\n background-image: linear-gradient(rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.5));\n color: white; margin:20px 0 0 100px;\"\u003e\n WHITE PAPER\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n ","custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"0f7d6ec3-687f-46b9-a2b4-2cdde6c1009b","custom_javascript":null,"personalization_type":"modification"},{"selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","data":{"html_attributes":{},"styles":{},"content":"\n \u003cdiv class=\"resources-container container\" style=\"padding-top:10px;\"\u003e\n \u003cdiv\u003e\n\u003cstyle\u003e\n body {\n font-family: Arial, sans-serif;\n font-size: 20px;\n line-height: 1.6;\n color: #333;\n margin: 0 auto;\n padding: 20px;\n max-width: 100%;\n text-align: justify;\n text-justify: inter-word;\n }\n li {\n margin-left: 20px;\n padding-left: 20px;\n }\n @media screen and (max-width: 768px) {\n body {\n font-family: Arial, sans-serif;\n font-size: 18px;\n line-height: 1.6;\n color: #333;\n margin: 0 auto;\n padding: 20px;\n max-width: 100%;\n text-align: justify;\n text-justify: inter-word;\n }\n li {\n font-size: 18px;\n margin-left: 10px;\n padding-left: 10px;\n }\n }\n footer {\n font-size:14px;\n }\n h1, h2 {\n color: #0066cc;\n }\n h1, h2, h3 {\n text-align: left;\n }\n .executive-summary {\n background-color: #f0f0f0;\n padding: 15px;\n border-radius: 5px\n margin-top:0px;;\n }\n img {\n max-width: 100%;\n height: auto;\n }\n .figure {\n text-align: center;\n margin: 20px 0;\n }\n .figure img {\n max-width: 100%;\n height: auto;\n }\n .figure-caption {\n font-style: italic;\n margin-top: 10px;\n }\n \n\u003c/style\u003e\n \u003ch2 style=\"margin-top:0px;\"\u003eExecutive Summary\u003c/h2\u003e\n \u003cdiv class=\"executive-summary\"\u003e\n \u003cp\u003eWith the explosion of data and computing, adversaries and cybersecurity practitioners are harnessing the power of AI and ML to achieve their respective objectives. Fortinet applies AI and ML to its SecOps suite of solutions, including FortiNDR network detection and response and FortiNDR Cloud. Below, you'll find related use cases of how Fortinet uses AI and ML in these offerings, highlighting how the technologies solve common cybersecurity challenges and increase coverage related to detection and response.\u003c/p\u003e\n \u003c/div\u003e\n\n \u003ch2\u003eAI and ML in Fortinet Cybersecurity Solutions\u003c/h2\u003e\n \u003cp\u003eFortinet uses AI and ML to solve common security operations center (SOC) challenges related to scale and time to detect. Fortinet also uses these capabilities to enhance detections in its own products in many ways, such as training different engines and neural networks for malware detections, profiling traffic on networks (FortiNDR, FortiNDR Cloud, and FortiWeb), analyzing network operations data (FortiAIOps), using GenAI with FortiAdvisor to interact with customers using natural language processing, and harnessing ML for face recognition in FortiCamera, to name a few.\u003c/p\u003e\n\n \u003ch2\u003eWhat Makes Network Detection and Response Unique?\u003c/h2\u003e\n \u003cp\u003eNDR is one cybersecurity solution that harnesses big data and uses ML to effectively model network traffic. NDR relies on processing raw network data and flows to capture the metadata of the network to surface attacks. As adversaries cannot escape the network, traces of activity are always left behind, whether malware lateral movement, deviation of traffic flow, abnormal application behavior, or the unusual upload of sensitive data. NDR solutions can conduct behavior-based analysis on the network, using AI and ML to determine if an action is potentially suspicious. This insight helps a human analyst better assess the situation and prioritize remediation.\u003c/p\u003e\n\n \u003cdiv class=\"figure\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Fig1.png\" alt=\"Architecture of a typical NDR solution\"\u003e\n \u003cp class=\"figure-caption\"\u003eFigure 1: Architecture of a typical NDR solution\u003c/p\u003e\n \u003c/div\u003e\n\n \u003ch2\u003eAI and ML Use Cases in the FortiNDR Product Family\u003c/h2\u003e\n \u003cp\u003eMost mature NDR vendors will offer SaaS or cloud-based and on-premises solutions. Fortinet has deployment options for both FortiNDR Cloud (SaaS-based) and FortiNDR (on-premises). While many customers choose the SaaS or cloud-based deployment option, some industries need greater data sovereignty and have unique compliance requirements that necessitate an on-premises solution. Below are several examples, first of how FortiNDR on-premises, and then how FortiNDR Cloud solutions use AI and ML to enhance detection capabilities.\u003c/p\u003e\n\n \u003ch3\u003eArtificial neural networks and supervised machine learning\u003c/h3\u003e\n \u003cp\u003eFortiNDR (on-premises) is equipped with patented artificial neural networks (ANN) to scan and analyze files on the network in real time. Few NDR solutions in the market scan the files from raw traffic and inform users what malware attacks are happening in their network. Most solutions only offer post-attack recovery recommendations. The benefits of using ANN versus traditional detection technology like antivirus software include:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003eReducing the time needed to detect, as no signature matching is required. FortiNDR ANN is trained by FortiGuard Labs experts to identify specific ransomware types, such as CoinMiner Banking Trojan.\u003c/li\u003e\n \u003cli\u003eANN's learning ability and its automatic adaptation to malware variants on network. ANN can compare similarities between suspicious files, drawing a conclusion about whether the new file poses a risk to the network.\u003c/li\u003e\n \u003cli\u003eThe ability to add detection timing and connections to the evaluation criteria. As a result, FortiNDR can determine if an infected user spreads malware to another and whether there are connections between these hosts. This helps analysts determine the origin of an attack.\u003c/li\u003e\n \u003cli\u003eOther self-learning capabilities based on customer traffic to further detect malware anomalies for both clean and malicious files.\u003c/li\u003e\n \u003c/ul\u003e\n\n \u003cdiv class=\"figure\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Fig2.png\" alt=\"FortiNDR ANN\"\u003e\n \u003cp class=\"figure-caption\"\u003eFigure 2: FortiNDR ANN\u003c/p\u003e\n \u003c/div\u003e\n\n \u003ch3\u003eOne-class support vector machines and unsupervised ML\u003c/h3\u003e\n \u003cp\u003eA second example of how FortiNDR (on-premises) uses ML is related to traffic profiling. When capturing raw network traffic, FortiNDR uses a One-Class Support Vector Machine (SVM) to model traffic, form a baseline, and identify instances that deviate significantly from that baseline. The One-Class SVM is an unsupervised ML algorithm that requires training by feeding different types of clean and malicious files to it, baselines customers' traffic using a specified time interval to learn the \"norm\" to form the baseline, and detects deviations from that baseline. This analysis includes different network characteristics such as IP addresses, geolocations, application behavior, and ports. Different ML profiles or patterns can be built for different network segments in the FortiNDR configuration. For example, a critical server on a bank's network should only communicate with selected hosts via well-defined ports and application behavior. If any deviations are detected, FortiNDR will alert us of this activity. While the activity might not be a legitimate attack, it can be classified as suspicious traffic that warrants investigation.\u003c/p\u003e\n\n \u003cdiv class=\"figure\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Fig3.png\" alt=\"FortiNDR and ML applications for traffic profiling\"\u003e\n \u003cp class=\"figure-caption\"\u003eFigure 3: FortiNDR and ML applications for traffic profiling\u003c/p\u003e\n \u003c/div\u003e\n\n \u003ch2\u003eFortiNDR Cloud Examples of AI/ML Use\u003c/h2\u003e\n \u003cp\u003eFortiNDR Cloud, a SaaS NDR offering from Fortinet, captures customers' network data. This data is then sent to FortiCloud for detection, modeling, and threat hunting. The SaaS architecture provides an opportunity to harness cloud computing to scale in speed, training, and analysis.\u003c/p\u003e\n\n \u003cp\u003eThere are numerous advantages to leveraging cloud computing, AI, and ML, such as:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003eAutoscaling compute when required, moving away from on-site compute constraints\u003c/li\u003e\n \u003cli\u003eCross-domain data leveraging multiple datasets\u003c/li\u003e\n \u003cli\u003eSharing detection models across verticals\u003c/li\u003e\n \u003cli\u003eComparing observations across verticals to draw more accurate conclusions\u003c/li\u003e\n \u003cli\u003eAnalyzing large amounts of data and applying ML to datasets\u003c/li\u003e\n \u003cli\u003eRapid deployment with SaaS-based ML solutions\u003c/li\u003e\n \u003c/ul\u003e\n \u003caside\u003e\n \u003cdiv style=\"text-align:center;\"\u003e\n \u003cdiv style=\"display: inline-block;\n text-align:left;\n padding: 20px 50px 20px 50px;\n background-image: linear-gradient(rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.5));\n color: white; margin:20px 0 0 100px; \"\u003e\n \u003cp\u003eIn 2023, FortiNDR Cloud:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003eAnalyzed 11 terabytes of network events\u003c/li\u003e\n \u003cli\u003eRecorded 146 million observations\u003c/li\u003e\n \u003cli\u003eTriggered 463 thousand detections, and\u003c/li\u003e\n \u003cli\u003eHad \u003c 1% customer-reported false-positive rate\u003c/li\u003e\n \u003c/ul\u003e\n \u003c/div\u003e\n \u003c/aside\u003e\n \u003c/div\u003e\n\t\u003cp\u003eThe following section outlines detections and observations in FortiNDR Cloud, as well as how AI and ML assist with detecting anomalies in a customer’s network.\u003c/p\u003e\n \u003ch3\u003eDetections and observations\u003c/h3\u003e\n \u003cp\u003eDetections on FortiNDR Cloud are considered high-fidelity, low false-positive events. A well-designed NDR solution should:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003eNot generate too many false positives\u003c/li\u003e\n \u003cli\u003eProvide customers with the ability to tune detections to minimize noise\u003c/li\u003e\n \u003c/ul\u003e\n\n \u003cp\u003eOne of the key benefits of a SaaS-based solution such as FortiNDR Cloud is the ability to leverage cloud computing and apply ML on a next-generation data management solution. Another advantage is that the solution maintains network metadata for at least 365 days at a lower cost, which is important for customers for threat hunting, as well as applying ML techniques to the larger dataset over time to aid in detecting anomalies.\u003c/p\u003e\n \u003cp\u003eDifferent ML algorithms generate “observations” in the FortiNDR Cloud solution, which models normal and malicious traffic in various ways. There are more than 60 observations currently available in FortiNDR Cloud, with the Fortinet engineering team adding new observations regularly. ML is applied to identify anomalous behavior and generate observations. These models are built on the network metadata observed, a unique capability of the Fortinet NDR solution.\u003c/p\u003e\n\t\u003cp\u003eBelow are a few examples of how ML is applied to identify anomalous behavior and generate observations. These ML models are built on the network metadata observed, a unique capability of the Fortinet NDR solution.\u003c/p\u003e\n\n \u003cdiv class=\"figure\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Fig4.png\" alt=\"Detections and observations data process flow\"\u003e\n \u003cp class=\"figure-caption\"\u003eFigure 4: Detections and observations data process flow\u003c/p\u003e\n \u003c/div\u003e\n\n \u003ch3\u003eDetecting exfiltration attempts based on supervised learning\u003c/h3\u003e\n \u003cp\u003eOne of the characteristics of a breach is a large or unusual amount of data being transferred out of an organization's network. This is covered in \u003ca href=\"https://attack.mitre.org/tactics/TA0010/\" target=\"_blank\"\u003eMITRE ATT\u0026CK Technique TA0010.\u003c/a\u003e\u003c/p\u003e\n\n \u003cp\u003eFortiNDR Cloud applies supervised ML using a light gradient boosting model (GBM) to detect suspicious outbound data quantity transfer, detecting unusually large uploads related to exfiltration attempts. LightGBM ML framework has the following characteristics:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003eFaster training speed and higher efficiency\u003c/li\u003e\n \u003cli\u003eLower memory usage\u003c/li\u003e\n \u003cli\u003eBetter accuracy\u003c/li\u003e\n \u003cli\u003eSupport of parallel, distributed, and GPU learning\u003c/li\u003e\n \u003cli\u003eCapable of handling large-scale data\u003c/li\u003e\n \u003c/ul\u003e\n\n \u003cp\u003eThe ML model used by detection exfiltration is a tree-based model trained against synthetic exfiltration attempts. There are two models: one is a classification model to identify if exfiltration is occurring, utilizing close to 50 features, including max, mean, median, and standard deviation of incoming and outgoing bytes to identify outliers. The other is a regression model that estimates how much of the traffic is exfiltration.\u003c/p\u003e\n\n \u003cp\u003eOnce the models are built and trained by normal and anomalous datasets, FortiNDR Cloud can apply the same model to new customer traffic and it will work instantly. No additional training or baseline data is required.\u003c/p\u003e\n\n \u003cdiv class=\"figure\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Fig5.png\" alt=\"LightGBM boosting tree algorithm applied on suspicious outbound traffic\"\u003e\n \u003cp class=\"figure-caption\"\u003eFigure 5: LightGBM boosting tree algorithm applied on suspicious outbound traffic\u003c/p\u003e\n \u003c/div\u003e\n\n \u003ch3\u003eML to detect encrypted malicious botnet activity\u003c/h3\u003e\n \u003cp\u003eA second example of ML applications in FortiNDR Cloud is the ability to detect encrypted command and control (C2) outbound attempts within a customer's environment. The solution detects known indicators of compromise, such as a well-known set of botnet servers or URLs related to ransomware campaigns. FortiGuard Labs Applied Threat Research (ATR) team further studies the behavior of such connections and applies different ML models—one example is SK Learn Classifier—to model different features within the malicious traffic, such as:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003eBeaconing frequency of botnets\u003c/li\u003e\n \u003cli\u003eHTTP headers or user agent strings\u003c/li\u003e\n \u003cli\u003eCertificates and their characteristics used for SSL encryption\u003c/li\u003e\n \u003cli\u003eHow long the connection lives\u003c/li\u003e\n \u003cli\u003eJA3 client and server headers\u003c/li\u003e\n \u003cli\u003eNumber of bytes or packets transferred in connection\u003c/li\u003e\n \u003c/ul\u003e\n\n \u003cp\u003eUsing this technique, FortiNDR Cloud can build an accurate model of malicious C2 behavior. In general, C2 networks are not static and constantly change. Attackers couple dynamic C2 activity with machine-generated Domain Generated Algorithms to avoid detections.\u003c/p\u003e\n\n \u003cp\u003eThe benefit of having this C2 supervised learning model when new traffic is observed on network is that if any of the traffic from the C2 model is routed to a new and unknown destination, FortiNDR Cloud will alert on this anomaly to determine if an SSL C2 is observed. The confidence of the observations will depend on how well the traffic profile fits into the model. This model also gets refined over time as the FortiGuard Labs team detects and identifies additional IOCs as new threats are discovered.\u003c/p\u003e\n\n \u003cp\u003eOnce users are prompted with SSL C2 observations, SOC analysts can conduct further threat hunting on FortiNDR itself based on the internal query language (IQL) query language, or through other offerings that are part of the Fortinet Security Fabric platform, such as FortiEDR endpoint detection and response, FortiGate Next-Generation Firewalls, or FortiSIEM to further triage the attack.\u003c/p\u003e\n\n \u003cdiv class=\"figure\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Fig6.png\" alt=\"Modeling of malicious botnet behavior\"\u003e\n \u003cp class=\"figure-caption\"\u003eFigure 6: Modeling of malicious botnet behavior\u003c/p\u003e\n \u003c/div\u003e\n\n \u003ch3\u003eFortiNDR Cloud: Combining unsupervised and supervised learning\u003c/h3\u003e\n \u003cp\u003eThe example above examines how FortiNDR Cloud detects botnet communication using SSL data, but botnets can also communicate via HTTP using redirects. To detect this activity, FortiNDR Cloud relies on a similar method for detecting SSL C2 to detect HTTP C2 behavior. Leveraging a PageRank unsupervised learning model, FortiNDR Cloud evaluates the trustworthiness of various webpages while modeling traffic. For example, adversaries can create spoofed domains to redirect botnet C2 traffic via HTTP to avoid detections. FortiNDR Cloud evaluates these redirected webpages using the PageRank algorithm to measure how trusted (or new) the webpages are. Once evaluated, FortiNDR Cloud inputs these measures into an additional supervised HTTP learning model for further analysis. This showcases how Fortinet combines the power of unsupervised and supervised learning to allow FortiNDR Cloud to determine if observed HTTP connections exhibit botnet C2 behavior and qualify for a new detection.\u003c/p\u003e\n\n \u003ch2\u003eFortiNDR Solutions Deliver Unique Advantages\u003c/h2\u003e\n \u003cp\u003eFortiNDR and FortiNDR Cloud are two solutions that truly apply ML and AI, whether on-premises or a SaaS-based cloud solution. This ongoing application of ML and AI helps identify anomalies, as adversaries always leave traces of activity on the network. NDR solutions offer unique capabilities to security teams as they conduct investigations and perform threat hunting. They can be combined with other Fortinet Security Fabric platform offerings to create a comprehensive solution to secure any network. Visit the \u003ca href=\"https://www.fortinet.com/products/network-detection-and-response\" target=\"_blank\"\u003eFortiNDR product pages on our website\u003c/a\u003e for more information.\u003c/p\u003e\n\n \u003cdiv style=\"display:flex;margin:50px 0px 50px 0;justify-content: center;\"\u003e\n \u003cstyle\u003e\n a:link {text-decoration:none;}\n a:hover {text-decoration:none;}\n a:visited:{text-decoration:none;}\n \u003c/style\u003e\n \u003ca href=\"https://www.fortinet.com/library/secops\" alt=\"Visit the Fortinet SecOps content portal.\" target=\"_blank\"\u003e\n \u003cdiv style=\"background-color: dc291c; color:#fff; margin: 20px; padding: 10px 20px 10px 20px; align-text:justify; border-radius:8px;\"\u003e\n \u003cp\u003eDiscover more SecOps content\n\u003c/p\u003e\n\u003c/div\u003e\n\u003c/a\u003e\n \u003ca href=\"https://www.fortinet.com/fortiguard/outbreak-alert-subscription\" alt=\"Subscribe to FortiGuard Labs Threat Outbreak alerts.\" target=\"_blank\"\u003e\n \u003cdiv style=\"background-color: 3cb07c; color:#fff; margin: 20px; padding: 10px 20px 10px 20px; align-text:justify; border-radius:8px;\"\u003e\n \u003cp\u003eSubscribe to Outbreak Alerts!\n\u003c/p\u003e\n\u003c/div\u003e\n\u003c/a\u003e\n\u003c/div\u003e\n \u003ca href=\"https://fortinet.com\" target=\"_blank\"\u003e\u003cimg src=\"https://cdn.pathfactory.com/assets/11071/logos/811328/37adabc8-8044-4f5f-9612-77085eae9c35.png\" width=\"200px\"\u003e\u003c/a\u003e\n\n \n\n\n \u003cfooter\u003e\n \u003cp\u003eCopyright © 2024 Fortinet, Inc. All rights reserved. Fortinet ®, FortiGate®, FortiCare® and FortiGuard ®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet\u003c/p\u003e\n\u003c/div\u003e\n \u003c/div\u003e\n ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2fcfd986-c310-4e08-8f6a-4c2fb8334104","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_content"],"custom_javascript":"document.title = \"Harnessing the Power of AI/ML with FortiNDR\";","custom_css":null,"condition":null}]},{"id":"44","name":"What-is-SASE","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"user.random","value":0,"comparator":"greater_than_or_equal","filter":null,"aggregation":null},{"attribute":"query.utm_content","value":"SASE","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"ce5c3f75-5832-4a29-949e-b0e7fb8b6840","state":"promoted","name":"NAMER ABM What is SASE?","description":"NAMER ABM What is SASE?","global":false,"priority":12,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for-you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"0415b16b-6fcf-4206-af29-7982e7be235e","dom_update_group_state":"active","variation_key":"fd39252c-4192-4f61-a3db-93aa0acaa358","variation_name":"Variation 1","dom_updates":[{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2) \u003e p","data":{"html_attributes":{},"styles":{"margin-bottom":"20px"},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2)","manual_insert_before_selector":null,"index":1,"deconflictor":null},"content":"\u003cul\u003e\n\u003cli\u003eSoftware as a Service (SaaS) like Salesforce and Microsoft Office 365\n\u003cli\u003eInfrastructure as a Service (IaaS) such as AWS and Azure\n\u003cli\u003ePrivate cloud apps\n\u003cli\u003eInternet resources like YouTube\n\u003c/ul\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"98a534f9-915c-4696-9c5d-f09d8ee79c68","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div.screenshot \u003e div:nth-of-type(1) \u003e div.image \u003e a.id-image-modal \u003e img.lozad","data":{"html_attributes":{"src":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/SASE.png","srcset":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/SASE.png"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a872e126-bec3-47e9-8ce6-61847bee7b4c","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2) \u003e p","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2)","index":0},"content":"Cloud infrastructure complexity poses a significant cybersecurity risk. Secure Access Service Edge (SASE) offers a holistic solution, securely connecting any user to any platform in any location.","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"0515036c-e0a7-41e1-8b60-2ffb546c3d8f","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2) \u003e a.trailing-link","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a5199354-93a7-4bb8-8000-5f2bb9e3fce5","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2) \u003e p","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2)","index":0,"deconflictor":0.5},"content":"Originally conceptualized by Gartner, SASE combines a mix of networking and security services:","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"473f59da-2892-498d-8588-396b4c9ade3b","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2) \u003e p","data":{"html_attributes":{},"styles":{"margin-top":"20px"},"position":{"parent_selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2)","manual_insert_before_selector":null,"index":0,"deconflictor":1.0},"content":"\u003cul\u003e\n \u003cli\u003eSoftware-Defined Wide Area Network (SD-WAN)\n\u003cli\u003eFirewall as a Service (FWaaS)\n\u003cli\u003eSecure Web Gateway (SWG)\n\u003cli\u003eZero Trust Network Access (ZTNA)\n\u003cli\u003eCloud Access Security Broker (CASB)\n\u003cli\u003eDigital Experience Monitoring (DEM)\n\u003cli\u003eData Loss Prevention (DLP)\n\u003c/ul\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a2ff9787-9ab7-4913-96a5-604ac311e17c","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2) \u003e p","data":{"html_attributes":{},"styles":{"margin-top":"20px"},"position":{"parent_selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2)","manual_insert_before_selector":null,"index":0,"deconflictor":2.0},"content":"SASE combines networking and cybersecurity in one solution. It cuts the cost and effort of managing a complex and disjointed infrastructure of separate tools. SASE makes it easy to maintain a consistent, enterprise-wide security posture. It lowers the risk of intrusions and secures cloud access from the hybrid workplace. ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"8075a2dc-44b4-429a-8a90-6a97898d9872","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d489564b-5e53-4dc6-b160-ebbe8caea5c8","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"6e356db1-db73-4694-a40a-65280777dbde","custom_javascript":null,"personalization_type":"addition"},{"selector":"section:nth-of-type(1) \u003e div.wrap \u003e div:nth-of-type(3) \u003e section.section--products","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"71d98c77-6c63-454b-ba39-0dc32f6038e5","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(6) \u003e section.section--resource \u003e div.wrap","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c9ecf80b-6ed1-4537-ae2d-2b960a15be22","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div.screenshot \u003e div:nth-of-type(1) \u003e div.image \u003e a.id-image-modal \u003e div.image-enlarge-indicator","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"41585a8c-e7c8-4bf0-9f5b-acc1c5ed2233","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(3) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1726b6a4-8368-45ea-8020-a98b0d82e3c9","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","index":0,"deconflictor":-1.0},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9e5ff75e-0dba-4667-a866-6916e671bb88","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f1cac212-2123-4189-afc9-14d311682f5b","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"8c3281d3-eb18-4e9b-b17c-10537af8637c","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d4fb4540-45f0-4d18-a1c7-ee80d7308e67","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1e5cb96a-859b-494d-a665-a889efda09af","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e9a96f36-88b8-4741-a356-2c4d9463e1ea","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(9) \u003e section.section--resource","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"899818a3-3a74-4665-b326-adea1c277d6d","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div[class*=\"Columns\"] \u003e div.row \u003e div:nth-of-type(1) \u003e p","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e div[class*=\"Columns\"] \u003e div.row \u003e div:nth-of-type(1)","index":1,"deconflictor":null},"content":"Add your content here","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"da85188c-907e-41fd-a24e-b403b1296a94","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e div[class*=\"Columns\"] \u003e div.row \u003e div:nth-of-type(2) \u003e p","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e div[class*=\"Columns\"] \u003e div.row \u003e div:nth-of-type(2)","index":1,"deconflictor":null},"content":"Add your content here","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d37f621c-15f7-4dfc-9bcc-4118691bdd9d","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e div[class*=\"Columns\"] \u003e div.row \u003e div:nth-of-type(3) \u003e p","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e div[class*=\"Columns\"] \u003e div.row \u003e div:nth-of-type(3)","index":1,"deconflictor":null},"content":"Add your content here","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e10a9864-6494-4b92-9572-b54cc1cee18f","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e div[class*=\"Columns\"] \u003e div.row \u003e div:nth-of-type(1) \u003e p","data":{"html_attributes":{},"styles":{},"content":"\u003ch4\u003eSoftware-Defined WAN (SD-WAN)\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eManages WAN traffic to deliver the best performance and reliability.\n\u003cli\u003eProvides a resilient on-ramp to the SASE cloud service.\n\u003cul\u003e","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"78168aa3-0ce7-4adf-9305-eccb5b5c302e","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div[class*=\"Columns\"] \u003e div.row \u003e div:nth-of-type(2) \u003e p","data":{"html_attributes":{},"styles":{},"content":"\u003ch4\u003eFirewall as a Service (FWaaS)\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eOffers 360-degree visibility and control of network traffic.\n\u003cli\u003eIn addition to next-generation firewall (NGFW) services, FWaaS enables logical network segmentation.\n\u003c/ul\u003e","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"6622e73d-b925-4a04-bac7-0c88c1cd5b28","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div[class*=\"Columns\"] \u003e div.row \u003e div:nth-of-type(3) \u003e p","data":{"html_attributes":{},"styles":{},"content":"\u003ch4\u003eSecure Web Gateway (SWG)\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eProtects users from web-based attacks like malware and phishing.\n\u003cli\u003eEnforces security policy compliance.\n\u003c/ul\u003e","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f8f94d13-feef-4613-af5d-4be2d6414637","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(7) \u003e section.section--resource \u003e div.wrap","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4f3f7605-5340-4d81-bfb2-37ed964c1e80","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{"margin-top":"40px","text-align":"center","margin-bottom":"40px"},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":1.0},"content":"SASE Components","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"bf9d75f8-022a-4eb9-9fd9-0469f9dcb288","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":3.0},"content":"\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" style=\"height: 220.5px;\"\u003e\n \n \u003ch4\u003eZero-Trust Network Access (ZTNA)\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eDynamically adjusts application access based on user identity and device posture.\n\u003cli\u003eContinuously inspects sessions for risks and provides endpoint protection.\n\u003c/ul\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" style=\"height: 220.5px;\"\u003e\n \n \u003ch4\u003eCloud Access Security Broker (CASB)\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eMonitors SaaS application usage, including Shadow IT usage.\n\u003cli\u003eApplies cloud security policies based on identity, app risk, and data sensitivity.\n\u003c/ul\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" style=\"height: 220.5px;\"\u003e\n \n \u003ch4\u003eDigital Experience Monitoring (DEM)\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eMakes endpoint application performance and the user experience visible.\n\u003cli\u003eApplication-specific synthetic monitoring and pro-active root cause analysis.\n\u003c/ul\u003e\n\n \u003c/div\u003e\n\u003c/div\u003e\n\n\n\n\n\u003c/div\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"98e65db8-e4cd-4eac-bda5-4e0b4e5b72f9","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":1.5},"content":"SASE converges networking and security to enable consistent, enterprise-wide management and visibility of all users, devices, applications, and security policies.","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"03c0da90-6a04-422f-8dbb-29ccb81fd9b7","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":4.0},"content":"\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" style=\"height: 220.5px;\"\u003e\n \n \u003ch4\u003eData Loss Prevention (DLP)\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eProtection against data breaches, insider threats, and data exfiltration.\n\u003cli\u003eDetects data loss to prevent sensitive data from leaving the organization.\n\u003cul\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" style=\"height: 220.5px;\"\u003e\n \n \u003ch4\u003eUnified Management\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eSimplifies SASE management with a single interface.\n\u003cli\u003eSupports consistent enforcement of network and security policies across all edges.\n\u003c/ul\u003e\n\n \u003c/div\u003e\n \n\u003c/div\u003e\n\n\n\n\n\u003c/div\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"13e59812-d31c-4093-8c52-15307e83bef1","custom_javascript":null,"personalization_type":"addition"},{"selector":"main#CONTENT \u003e div:nth-of-type(5)","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"main#CONTENT","index":15,"deconflictor":null},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f1d50d8d-c821-4311-afbe-fe42b6191eab","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":6.0},"content":"\u003cp\u003eSASE is a comprehensive, cloud-native service that connects and secures all locations, users, devices, and applications — on-premises and in the cloud. \u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eIdentity as the New Perimeter \u003c/h4\u003e\n\u003cp\u003eIdentity is at the core of the SASE architecture. Access to resources is based on context, with policies evaluating user identity, risk, device security posture, data and application significance, and user action. SASE ensures policies are enforced consistently across the hybrid workplace. \u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eConsistent Security for All Edges \u003c/h4\u003e\n\u003cp\u003eSASE maintains security policy consistency across all network edges. This includes access from individual users and devices, branch offices, campus networks, on-premises and cloud data centers, and includes OT and IoT resources.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eCloud-Native Security\u003c/h4\u003e\n\u003cp\u003eSASE networking and security technologies are delivered as a cloud service for simple, flexible deployment that can adapt as needs change. Cloud-native SASE is centrally managed and configured and offers end-to-end reporting and analytics. \u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eGlobally Distributed Security\u003c/h4\u003e\n\u003cp\u003eCloud-native SASE provides user access to resources through points of presence (POPs). POPs are globally distributed cloud-resident security stacks giving SASE users a secure, low-latency onramp to cloud resources from any location. \u003c/p\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9b52da41-7f6f-40ad-82a2-cc9839589025","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{"text-align":"center"},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":7.0},"content":"The Benefits of SASE","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a59310e1-dc8a-496b-9dd1-8d6ffc8c3964","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":8.0},"content":"\u003ch4 style=\"margin-top:10px;\"\u003eSASE Defines Simplicity\u003c/h4\u003e\n\u003cp\u003e\nSASE offers a single architecture for all use cases. It eliminates redundancy, simplifies operations, and provides a uniform platform for automation. SASE dismantles security silos inadvertently created by deploying diverse point solutions. It ensures all users and devices maintain a consistent security posture, reducing the organization’s attack surface.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eSASE Shrinks TCO\u003c/h4\u003e\n\u003cp\u003eConsolidating diverse point solutions with SASE also limits product and vendor sprawl, lowering CAPEX. Additionally, integrated SASE components ease management and simplify automation to reduce administrative OPEX.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eSASE Drives Agility \u003c/h4\u003e\n\u003cp\u003eSASE enables quick global onboarding of users and devices, providing immediate benefits of fast, secure cloud access. Its cloud-native design simplifies deployment through self-service installation, agentless access for thin edge endpoints, such as IoT devices, and zero-touch provisioning for SD-WAN. \u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eSASE Transforms the User Experience\u003c/h4\u003e\n\u003cp\u003eSASE prioritizes the user experience with a unified interface and metrics that deliver end-to-end visibility into user, endpoint, application, and network performance. This unprecedented level of detail helps administrators correlate the user experience with business outcomes.\n\u003c/p\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"883a85f8-f28b-4b41-861b-9886301adeb8","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":10.0},"content":"\u003cp\u003eVirtual private networks (VPNs) were first developed over 20 years ago to secure a network connection between a user device and the internet. Although the technology has evolved significantly, early limitations persist.\n\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eVPN Latency \u003c/h4\u003e\n\u003cp\u003eAn end-user’s request must be routed through a VPN server regardless of the eventual destination. This adds latency to each request and creates a potential bottleneck at the server.\nSASE creates a high-speed, low-latency connection between the user’s device and the cloud, via the SASE POPs. \u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eVPN Authentication \u003c/h4\u003e\n\u003cp\u003eModern VPNs require a login and support encryption however, once a tunnel has been opened between the endpoint and the VPN server, there is generally no further authentication. This means a bad actor who has compromised an endpoint can gain unchallenged access to the enterprise network. \n\u003c/p\u003e\n\u003cp\u003eThe SASE ZTNA architecture operates on a least privileges principle. It continually verifies the user’s identity and their authority to access requested resources. ZTNA can also authenticate OT and IoT resources. \u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eVPN Scalability \u003c/h4\u003e\n\u003cp\u003eSupport for the hybrid workplace has substantially increased the management burden on VPN administrators. The increased complexity reduces productivity, increases the likelihood of configuration errors, and leads to more human mistakes.\nSASE benefits from hundreds of globally distributed POPs to deliver massively scalable and highly resilient remote access.\n\u003c/p\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2812916c-c7e5-4562-8360-aa003ce1c54c","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":12.0},"content":"\u003cp\u003eNot all SASE platforms are created equal. Variations in security features and application-specific access can challenge organizations. To ensure the security of your network and optimize the user experience, carefully study SASE options based on your core use cases. \u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eSecure Internet Access (SIA)\u003c/h4\u003e\n\u003cp\u003eRemote users with direct internet access greatly expand the organization’s attack surface. An effective SASE solution will filter internet traffic based on corporate policies. SASE can also monitor encrypted content as it enters and leaves your network. Other security features include DNS security, anti-phishing, antivirus, anti-malware, sandboxing, and deep-SSL inspection.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eSecure Private Access (SPA)\u003c/h4\u003e\n\u003cp\u003eFor private applications hosted on-premises or on public cloud servers, SASE integrates with SD-WAN to find and establish a secure connection via the shortest internet path to the application. SD-WAN adds resilience and improves performance to ensure the best user experience. \u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eSecure SaaS Access \u003c/h4\u003e\n\u003cp\u003eAn effective SASE solution enables secure access regardless of where applications, devices, users, and workloads are located. As an organization grows more dependent on SaaS, cloud-based SASE security must protect mission-critical SaaS data with the same enterprise-grade security that is applied to on-premises applications and data.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eSingle-Vendor Simplicity \u003c/h4\u003e\n\u003cp\u003e\nEnsuring consistent security and connectivity for users everywhere, requires close integration between all SASE components. This can be difficult to achieve when solutions are from different vendors. \u003c/p\u003e\n\u003cp\u003e\nBy contrast, a single-vendor platform approach to SASE can deliver significant operational efficiency and management simplicity by fully integrating and converging networking and security functions. A single-vendor approach ensures the consistent application of security policies across all network edges, users, devices, and applications.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eOne Agent for All Use Cases \u003c/h4\u003e\n\u003cp\u003eA significant benefit of a single-vendor approach to SASE is the reduction of complexity at the endpoint. Single-vendor SASE can offer a unified agent for all remote access use cases. This increases operational visibility and compliance and can provide advanced protection with features like sandboxing to ensure no suspicious files or malware are executed at the endpoint.\n\u003c/p\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"b33482a8-9d47-44b9-a781-426a63e60f61","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{"text-align":"center"},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":11.0},"content":"Choosing the Right SASE Solution","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"07509eb4-27ef-4810-9043-9590302e7f4d","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":14.0},"content":"\u003cp\u003eFortinet Unified SASE is a single-vendor SASE solution that delivers consistent enterprise-grade security and a superior user experience across all network edges. Unified SASE converges networking and security and leverages a unified operating system and a single endpoint agent for all SASE components. \n\u003c/p\u003e\n\u003cp\u003eUnified SASE extends AI/ML-powered security services and threat intelligence across network thin edges — such as wireless access points (APs) — Secure SD-WAN, client agents, and agentless users. This enables secure access to users both on and off the network.\n\u003c/p\u003e\u003cp\u003eFortinet Unified SASE benefits from over 20 years of organic networking and cybersecurity innovations, including a common FortiOS operating system and FortiGuard Labs AI-powered security services. Unified SASE offers SWG, Universal ZTNA, next-generation dual-mode CASB, FWaaS, DLP, DEM, and secure SD-WAN connectivity.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eSecure Web Gateway (SWG)\u003c/h4\u003e\n\u003cp\u003eProtects against the most advanced web threats with a broad set of capabilities for securing web traffic, including encrypted traffic. SWG enables defense-in-depth strategy with web filtering, anti-virus, anti-malware, file filtering, and more for both managed and unmanaged devices.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eFirewall-as-a-Service (FWaaS)\u003c/h4\u003e\n\u003cp\u003eLeveraging the independently certified and acclaimed security capabilities of FortiOS, Fortinet’s FWaaS technology enables high-performance SSL inspection, Sandbox, and advanced threat detection techniques from the cloud. It also establishes and maintains secure connections and analyzes in-bound and out-bound traffic without impacting the user experience.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eUniversal ZTNA\u003c/h4\u003e\n\u003cp\u003eApplying ZTNA everywhere for all users and devices—regardless of location—shifts implicit access to explicit control. Granular controls applied per application, combine user authentication, continuous identity, context validation, integration with third party IAM, and monitoring.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eNext-Generation Dual-Mode CASB\u003c/h4\u003e\n\u003cp\u003eWith both inline and API-based support, next-generation CASB is able to identify key SaaS and shadow IT applications. Dual-mode CASB provides secure access to sanctioned SaaS applications, restricts access to SaaS applications from untrusted endpoints, and enables ZTNA posture checks for application access.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eSecure Software-Defined WAN (SD-WAN)\u003c/h4\u003e\n\u003cp\u003eFortinet on-premises and cloud-delivered Secure SD-WAN includes application steering and dynamic routing to help identify the shortest path to corporate applications. Secure SD-AN can then make corrections if the integrity of those connections changes, ensuring remote workers have the best possible user experience.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eData Loss Prevention (DLP)\u003c/h4\u003e\n\u003cp\u003eDLP identifies, monitors, and protects an organization’s data, at rest and in motion. Fortinet’s DLP engine is backed by FortiGuard AI feeds with hundreds of pre-defined data patterns, updated to protect from day zero.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eThin Edge Extension\u003c/h4\u003e\n\u003cp\u003eThin Edge Extension secures thin edge locations, such as access points and extenders — that don’t have access to an on-premises firewall. This blocks ransomware and malware and provides full cloud-delivered management of thin edges.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eEnd-to-End Digital Experience Monitoring (DEM)\u003c/h4\u003e\n\u003cp\u003eDEM assists administrators with troubleshooting remote user connectivity slowness through enhanced health check visibility of SaaS applications, endpoint device, network path, and LAN health. This reduces resolution times and ensues positive user experience.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eOne Operating System\u003c/h4\u003e\n\u003cp\u003eRather than providing an isolated, cloud-only approach, Fortinet’s Unified SASE functions as an extension of the Fortinet Security Fabric. Unified SASE extends and leverages the power of the FortiOS operating system—the common operating environment that ties together Fortinet’s entire portfolio of security fabric solutions.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eUnified Management Plane\u003c/h4\u003e\n\u003cp\u003eFortinet Unified SASE offers cloud hosted unified management which includes all elements of SSE, DEM, WLAN, and SD-WAN integration with a single analytics engine—FortiView. FortiView integrates with FortiAnalyzer for more comprehensive management and reporting.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eA Single Unified Endpoint Agent\u003c/h4\u003e\n\u003cp\u003eFortiClient is a unified SASE agent. It supports EndPoint Protection (EPP), ZTNA, SSE, CASB, DEM, Sandboxing, vulnerability management, and USB device control.\nFlexible SASE Enforcement to All Locations\nFortinet offers full support for both agent and agentless users. Thin edges of the network use cloud-based FortiSASE to deliver holistic security to all users across all locations, with built-in SD-WAN and ADVPN (dynamic tunnels) functionality.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eAI/ML-Powered FortiGuard Security Services\u003c/h4\u003e\n\u003cp\u003eFortinet Unified SASE delivers best in class security efficacy and zero-day threat protection through FortiGuard Labs AI/ML-powered security services and threat intelligence.\n\u003c/p\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"66a28dd7-2790-4353-9632-f918fc5cfcdd","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":16.0},"content":"\u003cp\u003eFortinet Unified SASE is a single, fully integrated solution offering secure internet access, secure corporate access, and secure SaaS access across all network edges. This singular approach eliminates operational complexity and redundancy, provides a uniform platform for productivity enhancing automation, and prioritizes the user experience. \u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eDeliver Consistent Security Across All Edges\u003c/h4\u003e\n\u003cp\u003eAll Fortinet single-vendor SASE elements are natively integrated with FortiGuard AI/ML-powered security services for consistent, optimized protection against sophisticated threats from all major threat vectors. Comprehensive security services — from threat prevention to next-generation firewall policies — give you the tools to protect your assets across all network edges. \u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eSimplify Operations\u003c/h4\u003e\n\u003cp\u003eFortinet single-vendor SASE is built on a unique platform that includes a single, organically developed operating system, a unified agent for all endpoints, and a common management system. Together these elements deliver unprecedented operational simplicity, integration flexibility, and security posture consistency.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eReduce Total Cost of Ownership\u003c/h4\u003e\n\u003cp\u003eUnified SASE eliminates point product sprawl and the cost and complexity of managing a multi-vendor cloud security infrastructure. In addition to simplifying management, Fortinet’s SASE solution shifts CAPEX to OPEX with flexible usage-based licensing and subscription pricing.\u003c/p\u003e\n\u003ch4 style=\"margin-top:10px;\"\u003eImprove the User Experience\u003c/h4\u003e\n\u003cp\u003eFortinet single-vendor SASE significantly simplifies endpoint deployment and protection. A single unified client enables comprehensive end-to-end visibility, enabling user, endpoint, application, and network performance to be correlated with business outcomes, substantially improving the user experiences.\n\u003c/p\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"6b8163a4-8841-482b-882b-819e39c14dcc","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{"text-align":"center"},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":13.0},"content":"Fortinet Unified SASE","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"45ffd204-2621-40b1-b805-6a7a67b46df8","custom_javascript":null,"personalization_type":"addition"},{"selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1)","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"45d683c4-477f-4892-ac27-ab68979e425a","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(6) \u003e section.section--resource \u003e div.wrap \u003e div[class*=\"Title\"] \u003e h2.text-align--center","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"h2","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"529b46d3-15b9-46fd-9c8a-f01736024758","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(6) \u003e section.section--resource","data":{"html_attributes":{"style":"font-weight: 300; font-size: 1.3rem; letter-spacing: 1.3px; line-height: 1.4; padding-top: 0px; padding-bottom: 0px;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c79edb03-8be0-4f7d-98a4-3d50cbc57b67","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","index":0,"deconflictor":0.5},"content":"\u003cp\u003eCloud infrastructure complexity poses a significant cybersecurity risk. Secure Access Service Edge (SASE) offers a holistic solution, securely connecting any user to any platform in any location.\n\u003c/p\u003e\n\u003cp\u003e\nOriginally conceptualized by Gartner, SASE combines a mix of networking and security services:\n\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSoftware-Defined Wide Area Network (SD-WAN)\n\u003cli\u003eFirewall as a Service (FWaaS)\n\u003cli\u003eSecure Web Gateway (SWG)\n\u003cli\u003eZero Trust Network Access (ZTNA)\n\u003cli\u003eCloud Access Security Broker (CASB)\n\u003cli\u003eDigital Experience Monitoring (DEM)\n\u003cli\u003eData Loss Prevention (DLP)\n\u003c/ul\u003e\n\u003cp\u003eSASE combines networking and cybersecurity in one solution. It cuts the cost and effort of managing a complex and disjointed infrastructure of separate tools. SASE makes it easy to maintain a consistent, enterprise-wide security posture. It lowers the risk of intrusions and secures cloud access from the hybrid workplace. \n\u003c/p\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"14ab5a19-eb8a-4bf7-9d39-d4df6b9e5cbe","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2) \u003e a.trailing-link","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e8265e6f-e1b5-4949-8581-7cfbf0ae2e79","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div.screenshot \u003e div:nth-of-type(1) \u003e div.image \u003e a.id-image-modal \u003e div.image-enlarge-indicator","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ac1fa910-9c6f-4e3f-b0fc-43a61c621128","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(5) \u003e section.section--resource","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"aec00732-754e-4c0b-a652-740904fd98ff","custom_javascript":null,"personalization_type":"modification"},{"selector":"a.btn","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"dfec6125-330b-4a89-90fc-d93913b05488","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.section-content","data":{"html_attributes":{},"styles":{"margin-top":"40px","margin-bottom":"0px"},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9de12b4d-9a8a-43bb-a4d7-bd2c247f5081","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2) \u003e p","data":{"html_attributes":{},"styles":{},"content":"\u003cp\u003eOver the past two decades, enterprises have steadily embraced the cloud as a platform for business applications. This shift accelerated during the pandemic with the broad adoption of remote work. Today, many organizations have adopted a hybrid approach to the workplace, with remote, branch, and on premises workers leveraging a mix of cloud services:\u003c/p\u003e","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5dd341bd-1790-499c-abdd-d54b356659e3","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2) \u003e p","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box \u003e div:nth-of-type(2)","manual_insert_before_selector":null,"index":1,"deconflictor":1.0},"content":"\u003cp\u003eWith an increasingly diverse range of use cases, access to this multi-cloud environment from the hybrid workplace has become fragmented and complex.\u003c/p\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"45504300-7726-4cac-8509-229f477dbe97","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.banner \u003e div:nth-of-type(1)","data":{"html_attributes":{},"styles":{"margin-top":"0px"},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"0acb6d82-2062-47ed-b5cc-c08b79112784","custom_javascript":null,"personalization_type":"modification"},{"selector":"a.threats-button \u003e span","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"span","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"60b96685-e0ac-4310-85b0-468be9c8c676","custom_javascript":null,"personalization_type":"modification"},{"selector":"a.threats-button","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5b665f2d-12d2-44ea-ac58-43e46b281119","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{"margin-top":"20px","text-align":"center","margin-bottom":"40px"},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":5.0},"content":"How Does SASE Work?","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"05430d04-ca8e-420d-a3d3-a87e6a813e7a","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{"margin-top":"20px","text-align":"center","margin-bottom":"40px"},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":9.0},"content":"Comparing SASE to legacy cloud access","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"132e402e-c51e-41e6-b8aa-bf600af9cf27","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{"margin-top":"20px","text-align":"center","margin-bottom":"40px"},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":15.0},"content":"The Benefits of a Single-Vendor Approach to SASE","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9515235c-2eef-4dc6-b6c3-cc30544aea77","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{"margin-top":"20px"},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":2.0},"content":"\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" style=\"height: 220.5px;\"\u003e\n \n \u003ch4\u003eSoftware-Defined WAN (SD-WAN)\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eManages WAN traffic to deliver the best performance and reliability.\n\u003cli\u003eProvides a resilient on-ramp to the SASE cloud service.\n\u003c/ul\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" style=\"height: 220.5px;\"\u003e\n \n \u003ch4\u003eFirewall as a Service (FWaaS)\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eOffers 360-degree visibility and control of network traffic.\n\u003cli\u003eIn addition to next-generation firewall (NGFW) services, FWaaS enables logical network segmentation.\n\u003c/ul\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" style=\"height: 220.5px;\"\u003e\n \n \u003ch4\u003eSecure Web Gateway (SWG)\u003c/h4\u003e\n\u003cul\u003e\n \u003cli\u003eProtects users from web-based attacks like malware and phishing.\n\u003cli\u003eEnforces security policy compliance.\n\u003c/ul\u003e\n\n \u003c/div\u003e\n\u003c/div\u003e\n\n\n\n\n\u003c/div\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4df3b63a-b24e-4c7d-a900-67f0e33f67bb","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9fb706bf-0671-4286-9831-c7dc614f9184","custom_javascript":null,"personalization_type":"addition"},{"selector":"section.section","data":{"html_attributes":{"class":"","style":""},"styles":{"background-image":"url(https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/GettyImages-1128258459%25202000x736.jpg)"},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"6e4d421e-aa50-4636-8eb9-1d2e5e2d4bd7","custom_javascript":null,"personalization_type":"modification"},{"selector":"main#CONTENT \u003e div:nth-of-type(6)","data":{"html_attributes":{"style":""},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ae87ec69-bb35-4c3d-b270-7bdbede5c554","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{"margin-top":"20px","text-align":"center","margin-bottom":"40px"},"position":{"parent_selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow","manual_insert_before_selector":null,"index":0,"deconflictor":-0.25},"content":"Securing Multi-Cloud Complexity","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"7008ad0d-5c59-4bd5-b77e-7f680814ebe5","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e section.section--products \u003e div.wrap--narrow \u003e div.id-image-callout-box","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d2858f8e-18ed-4917-80e9-864df3c6f1dd","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(10) \u003e hr.thickline","data":{"html_attributes":{"style":""},"styles":{},"custom":false,"tag":"hr","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c848ce2c-6481-4e65-b997-84f8cd32fdcc","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(12) \u003e hr.thickline","data":{"html_attributes":{"class":"","style":"display: none;"},"styles":{},"custom":false,"tag":"hr","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9813db96-be73-4379-a942-c375706a917d","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(7) \u003e section.section--resource","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"59fa00f2-8e7f-49f2-8229-f7783924a99c","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(13) \u003e section.section--resource","data":{"html_attributes":{"style":"display: none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"fa993c99-5d6b-43f2-b6cb-30c70769ab45","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section--features","data":{"html_attributes":{"style":"display: none"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"919d9d5b-71dd-446e-add0-de96833cec7c","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(15) \u003e section.section--resource","data":{"html_attributes":{"style":"display: none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"de6e38f0-b4d2-4f23-a567-5c8a2091111c","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.analyst-validation-label","data":{"html_attributes":{"style":"display: none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2370e290-e5b4-4ca8-aab5-444329e17b29","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(11) \u003e section.cs--padding","data":{"html_attributes":{"style":"display: none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"82d29c83-066f-4946-8d3c-2f1f5bfa01e8","custom_javascript":null,"personalization_type":"modification"},{"selector":"h1","data":{"html_attributes":{},"styles":{"color":"#050505","font-size":"54px","margin-top":"20px"},"content":"What is SASE? ","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"857c14bc-ad6e-4a5c-a333-3148009a24f9","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.section-content \u003e p","data":{"html_attributes":{},"styles":{"color":"#000000"},"content":"Work happens everywhere. So should your security. SASE protects access to the cloud from across your expanded digital border so users and devices can truly work from anywhere.","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4f94ab9f-65ab-4cfc-84b1-7c9f6d61c5f8","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_content"],"custom_javascript":"document.title = \"What is SASE?\";","custom_css":null,"condition":null}]},{"id":"45","name":"element-test","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"user.random","value":0,"comparator":"greater_than_or_equal","filter":null,"aggregation":null},{"attribute":"query.utm_content","value":"Outbreak-GM","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"2a897dbe-660e-472f-86fe-c0fc1e178fa7","state":"promoted","name":"NAMER ABM Outbreak Reports 2023 GM","description":"NAMER ABM Outbreak Reports 2023 GM","global":false,"priority":7,"experience_type":"render","redirect_url":null,"url_host":"fortinet.com","url_path":"/for-you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"8909cc15-936c-4466-b3e2-061d86847721","dom_update_group_state":"active","variation_key":"8817f97f-8bf9-4378-bc5d-d343dfcdc515","variation_name":"Variation 1","dom_updates":[{"selector":"a.btn","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ae3bdb86-c96a-4b5b-81b3-0f19485af96e","custom_javascript":null,"personalization_type":"modification"},{"selector":"div[class*=\"Resources\"]","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"main#CONTENT","index":3,"deconflictor":null},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2fc1575d-edce-42ce-80f6-0c583e85f73f","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.section-content \u003e p","data":{"html_attributes":{},"styles":{},"content":"\u003cspan style=\"font-weight:600; font-size:28px:\"\u003edeveloped for\u003c/span\u003e\u003cimg src=\"https://cdn.pathfactory.com/assets/11071/icons/925565/f922121a-01c0-4350-a4e9-a6e28cf2e065.png\" style=\"height:50px; padding:0 10 0 15;\"\u003e \u003cspan style=\"font-weight:600; font-size:28px:\"\u003eby\u003c/span\u003e\u003cspan style=\"font-weight:800; font-size:26px;padding:0 0 0 10;letter-spacing:-.8px;\"\u003eFortiGuard Labs\u003c/span\u003e","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a85dc268-1a5d-43fb-a345-e4415b39f5d9","custom_javascript":null,"personalization_type":"modification"},{"selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e636cea9-cfb9-4cfe-bfc8-d063f5966f76","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container \u003e div[class*=\"Title\"] \u003e h2.new--design","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2e210f5c-0311-4aea-af04-eecb430c02bc","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":1.0},"content":"\u003cdiv class=\"C11-Text-Columns\" \u003e\n \u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0;}\n a {margin:0 0 5 0;\n color: blue;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003cp\u003eIn 2023, there were multiple\noutbreaks alerts released each\nmonth, making it a notable\nyear in terms of the frequency\nof significant incidents with\nwidespread reach.\n\u003c/p\u003e\n\u003cp\u003e\nThe Outbreaks highlights various\nTargeted and 0-day Attacks,\nWeaponized Vulnerabilities,\nMalware/Ransomware Campaigns\nand OT/IoT threats.\n\u003c/p\u003e\n\u003cp\u003e\nThis diversity emphasizes the\nimportance of timely threat intel\nand proactive protections to help\nan organization remain safe using a\nmulti-layered security approach in\naddressing different threat vectors.\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3 style=\"margin-top:10;\"\u003eVulnerabilities (23)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdobe ColdFusion Deserialization of\nUntrusted Data\n\u003cli\u003eApache RocketMQ RCE\n\u003cli\u003eCacti Command Injection\n\u003cli\u003eCWP Control Web Panel Command Injection\n\u003cli\u003eFortra GoAnywhere MFT RCE\n\u003cli\u003eGoogle Chromium WebP\n\u003cli\u003eIBM Aspera Faspex RCE\n\u003cli\u003eIvanti Endpoint Manager Mobile\nAuthentication Bypass\n\u003cli\u003eJetBrains TeamCity Authentication Bypass\n\u003cli\u003eJoomla! CMS Improper Access Check\n\u003cli\u003eMicrosoft Office and Windows HTML RCE\n\u003cli\u003eMicrosoft Outlook Elevation of Privilege\n\u003cli\u003eOracle WebLogic Server\n\u003cli\u003ePaperCut MF/NG Improper Access Control\n\u003cli\u003eProgress MOVEit Transfer SQL Injection\n\u003cli\u003eTeclib GLPI RCE\n\u003cli\u003eThinkPHP RCE\n\u003cli\u003eTP-Link Archer AX-21 Command Injection\n\u003cli\u003eVMware Aria Operations for Networks\nCommand Injection\n\u003cli\u003eWooCommerce Payments Improper\nAuthentication\n\u003cli\u003eZoho ManageEngine RCE\n\u003cli\u003eZyxel Multiple Firewall\n\u003cli\u003eZyxel Router Command Injection\n\u003c/ul\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3 style=\"margin-top:10;\"\u003eTargeted Attack (8)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e3CX Supply Chain Attack\n\u003cli\u003eApache ActiveMQ Ransomware Attack\n\u003cli\u003eCisco IOS XE Web UI Attack\n\u003cli\u003eCitrix Bleed Attack\n\u003cli\u003eHTTP/2 Rapid Reset Attack\n\u003cli\u003eProgress Telerik UI Attack\n\u003cli\u003eRealtek SDK Attack\n\u003cli\u003eVMware ESXi Server Ransomware Attack\n\u003c/ul\u003e\n\u003ch3 style=\"margin-top:10;\"\u003eMalware (3)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAgent Tesla Malware Attack\n\u003cli\u003eLazarus RAT Attack\n\u003cli\u003eRouter Malware Attack\n\u003c/ul\u003e\n\u003ch3 style=\"margin-top:10;\"\u003eOT/IoT (4)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCosmicEnergy Malware\n\u003cli\u003eMultiple Vendor Camera System Attack\n\u003cli\u003eSolarView Compact Command Injection\n\u003cli\u003eTBK DVR Authentication Bypass Attack\n\u003c/ul\u003e\n\n \u003c/div\u003e\n\u003c/div\u003e\n\n\n\n\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"28f3b69d-9cfe-4fd9-bb41-1b90194af6e3","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"0834a795-bc68-4b82-9373-74ea275eb88f","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container \u003e div[class*=\"Title\"] \u003e h2.new--design","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"h2","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"7abea997-4291-43a4-aee0-517546f53330","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.resources-row","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c39cb83c-fe70-4f93-bd7d-9151744f835d","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"cfae8b5c-8ba3-4e09-9b2b-14ac6acbcef4","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(15) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"44034916-6b22-493c-8433-3dab61b73d1b","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section--features","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f76e452a-b6c8-42d2-a7b8-666c7ebadda8","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(13) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"213dbb5b-05c2-43cb-9ddd-ef619a8e6652","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(11) \u003e section.cs--padding","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c0ac7c8f-9d38-4d8a-9353-184afdbc434f","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(9) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d7363b16-d6e9-445a-9624-b801c84bb8ec","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.analyst-validation-label","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"8ada6fff-168a-407a-9ac6-7c706869247b","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(7) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c01640ed-c0cf-4022-b5d6-9aaea95ccb67","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(6) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d42cb973-691b-4b8b-a6fd-f6fb98683639","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(5) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a6e78649-838d-42f6-9ef8-aa5541c0bd8c","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.modal--support-window","data":{"html_attributes":{},"styles":{},"content":"\u003ca href=\"https://www.fortinet.com/fortiguard/outbreak-alert-subscription?utm_source=website\u0026utm_medium=fortiguardlabssp\u0026utm_campaign=oa-fortiguard-labs\u0026utm_content=outbreak-alerts-subscribe\" target=\"_blank\" class=\"threats-button\" style=\"\"\u003e\u003csvg xmlns=\"http://www.w3.org/2000/svg\" version=\"1.1\" viewBox=\"0 0 24 24\"\u003e\n \u003cdefs\u003e\n \u003cstyle\u003e\n .cls-1 {\n fill: #fff;\n }\n \u003c/style\u003e\n \u003c/defs\u003e\n \u003c!-- Generator: Adobe Illustrator 28.6.0, SVG Export Plug-In . SVG Version: 1.2.0 Build 709) --\u003e\n \u003cg\u003e\n \u003cg id=\"a\"\u003e\n\u003cpath class=\"cls-1\" d=\"M22.5,20.2L12.7,3c-.1-.2-.4-.4-.7-.4s-.5.1-.7.4L1.5,20.2c-.1.2-.1.5,0,.7.1.2.4.4.7.4h19.6c.3,0,.5-.1.7-.4.1-.2.1-.5,0-.7ZM13.2,19.2h-2.4v-2.2h2.4v2.2ZM13.2,15.3h-2.4v-6.6h2.4v6.6Z\"/\u003e\n \u003c/g\u003e\n \u003c/g\u003e\n\u003c/svg\u003e\u003cspan\u003eSubscribe \u003cbr\u003eto Outbreak Alerts\u003c/span\u003e\u003c/a\u003e\u003ca href=\"/corporate/about-us/contact-us\" class=\"contact-button\"\u003e\u003csvg width=\"13px\" height=\"22px\" viewBox=\"0 0 13 22\" version=\"1.1\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\"\u003e\u003cg stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\"\u003e\u003cpath d=\"M11,17 L2,17 L2,3 L11,3 L11,17 Z M6.5,21 C5.67157288,21 5,20.3284271 5,19.5 C5,18.6715729 5.67157288,18 6.5,18 C7.32842712,18 8,18.6715729 8,19.5 C8,20.3284271 7.32842712,21 6.5,21 L6.5,21 Z M10.5,0 L2.5,0 C1.11928813,2.22044605e-16 0,1.11928813 0,2.5 L0,19.5 C0,20.8807119 1.11928813,22 2.5,22 L10.5,22 C11.8807119,22 13,20.8807119 13,19.5 L13,2.5 C13,1.11928813 11.8807119,4.4408921e-16 10.5,4.4408921e-16 L10.5,0 Z\"\u003e\u003c/path\u003e\u003c/g\u003e\u003c/svg\u003e\u003cspan\u003eContact Us\u003c/span\u003e\u003c/a\u003e\u003ca href=\"/demo-center\" class=\"demo-button\"\u003e\u003csvg width=\"24px\" height=\"17px\" viewBox=\"0 0 24 17\" version=\"1.1\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\"\u003e\u003cg stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\"\u003e\u003cpath d=\"M20,12 L4,12 L4,2 L20,2 L20,12 Z M14,15 L10,15 L10,14 L14,14 L14,15 Z M22,15 L22,0 L2,0 L2,15 L0,15 L0,17 L24,17 L24,15 L22,15 L22,15 Z\"\u003e\u003c/path\u003e\u003c/g\u003e\u003c/svg\u003e\u003cspan\u003eFree Demo\u003c/span\u003e\u003c/a\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d52ea6e0-10a2-48e6-82b4-166eadaa8c3e","custom_javascript":null,"personalization_type":"modification"},{"selector":"h1","data":{"html_attributes":{},"styles":{},"content":"\u003cp style=\"line-height:1;margin: 20 0 10 0; text-align:left;width=80%;\"\u003eOutbreak Alerts Annual Report \u003c/p\u003e\u003cspan style=\"color: lightgreen;font-weight:400;margin-top: 0;\"\u003e2023\u003c/span\u003e\n\u003cp style=\"color: lightgreen;font-weight:400;margin-top: 0; text-align:left;\"\u003eAutomotive Sector \u003c/p\u003e","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"668480c1-d8b0-4703-a892-cf459bf142ee","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section","data":{"html_attributes":{"style":"display:none;"},"styles":{"background-image":"none"},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"8b44b2b9-61f6-48d1-8610-d2fcd97d6a03","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section","data":{"html_attributes":{"class":"section hero product-hero border-bottom ","style":"padding: 50px 0; background: url(\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-header2.png\") 0% 0% / cover;"},"styles":{},"position":{"parent_selector":"div[class*=\"Product\"]","manual_insert_before_selector":null,"index":2,"deconflictor":null},"content":"\u003cstyle\u003e\n .C941-Product-Hero-Banner .section.product-hero h1 {\n text-align:left;\n font-size: 36px;\n margin-bottom: 0px;\n line-height: 1.3;\n letter-spacing: 0.1px;\n color: #fff;\n}\n.C941-Product-Hero-Banner .section.product-hero span {\n font-weight:400;\n}\n\u003c/style\u003e\n\n \u003cdiv class=\"wrap\"\u003e\n \u003cdiv class=\"row banner\" style=\"\"\u003e\n \u003cdiv class=\"col-lg-8 col-8 col-md-12 col-sm-12\"\u003e\n \u003cdiv class=\"section-content\"\u003e\n \u003ch1 style=\"\"\u003eOutbreak Alerts Annual Report \u003cspan style= \"color:lightgreen;\"\"\u003e2023\u003cp\u003eAutomotive Sector\u003c/p\u003e\u003c/span\u003e\u003c/h1\u003e\n \u003cp\u003e\n \u003cspan style=\"font-weight:600; font-size:28px:\"\u003edeveloped for\u003c/span\u003e\u003cimg src=\"https://cdn.pathfactory.com/assets/11071/icons/925565/f922121a-01c0-4350-a4e9-a6e28cf2e065.png\" style=\"height:50px; padding:0 10 0 15;\"\u003e \u003cspan style=\"font-weight:600; font-size:28px:\"\u003eby\u003c/span\u003e\u003cspan style=\"font-weight:800; font-size:26px;padding:0 0 0 10;letter-spacing:-.8px;\"\u003eFortiGuard Labs\u003c/span\u003e\n \u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d54fbbd8-e04f-406b-90ea-7fbc57a5351b","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":2.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"outbreak-release\"\u003eOutbreak Release Timeline\u003c/h1\u003e\n \u003cp style=\"margin:0 50px 0 50px;\"\u003eThe data reveals a continuous stream\nof critical cyber threats throughout\nthe year 2023. There were notable\nincreases in the number of outbreaks\nbetween March and July.\n\u003c/p\u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-12.jpg\"\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"8aca9828-d1a6-4208-86be-ad43b2fe8a0b","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":5.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"malware\"\u003eMalware Profile\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eOverall Malware and 0-day Detections\u003c/h3\u003e\n\u003cp\u003eIn 2023, FortiGuard Labs observed an average of 250 million total malware detections per month. Among those were 6 million 0-day (or unknown) malware detections per month.\n\u003c/p\u003e\n\u003cp\u003e\nThe Microsoft Windows executable file type remained the most common vehicle for malware attacks followed by Microsoft Office file type.\n\u003c/p\u003e\u003cp\u003e\nSimilar to the previous year, the top malwares were the \u003cspan style=\"color:green;\"\u003eMSOffice/CVE_2017_11882.C\u003c/span\u003e and \u003cspan style=\"color:green;\"\u003eMSExcel/CVE_2018_0798.BOR\u003c/span\u003e which are both file-based stack buffer overflow vulnerability in Microsoft Office.\n\u003c/p\u003e\n\u003cp\u003e\n The exploit can run malicious shellcode which will allow the malware to attempt to download the next malicious payload.\n\u003c/p\u003e\n\n\u003c/div\u003e\n\u003cdiv class=\"col-8 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-123.png\" style=\"background-color:black\"\u003e\n\u003cp\u003eMonthly blocked count of Total Malware and 0-day Detection. Total per file type.\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003cdiv\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d79f4a1b-6876-4717-98cc-96d9a3946993","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":6.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"active-malware\"\u003eSignificant Active Malware\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eAsh Trojan\u003c/h3\u003e\n\u003cp\u003eThe Ash trojan is an installer script-based malware\nthat incorporates numerous junk instructions to\nevade Antivirus programs. It was quite prevalent in\nEuropean and Asian countries with million block hits\nper month.\n\u003c/p\u003e\n\u003cp\u003eThis malware was quite epidemic because it was used alongside the recent Lazarus Remote Access Trojan Attack.\n\u003c/p\u003e\n\u003cp\u003e\n Detection signature for Ash Trojan: \u003cspan style=\"color:orangered;\"\u003eW32/Ash!tr\u003c/span\u003e\n\u003c/p\u003e\n\n\u003c/div\u003e\n\u003cdiv class=\"col-8 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-130-4.png\" style=\"background-color:black\"\u003e\n\u003cp\u003eMonthly blocked count and total per country of Ash Trojan.\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eStealer 36680 Trojan\u003c/h3\u003e\n\u003cp\u003eThe Stealer 36680 trojan is a .NET based Windows\nexecutable malware that hides and encrypts its\nmalicious code specifically in the ‘Resource’ section.\n\u003c/p\u003e\n\u003cp\u003e\nThe decrypted code is another Windows executable program that contains the payload. This malware was first discovered in May 2023 and continued to prevail with an average of 4 million blocked hits per month.\n\u003c/p\u003e\n\u003cp\u003e\n Detection signature for the Stealer 36680 Trojan: \u003cspan style=\"color:orangered;\"\u003eMSIL/Stealer.36680!tr\u003c/span\u003e\n\u003c/p\u003e\n\n\u003c/div\u003e\n\u003cdiv class=\"col-8 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-136.png\" style=\"background-color:black\"\u003e\n\u003cp\u003eMonthly blocked count and total per country of Stealer 36680 Trojan.\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eWannaMine Trojan\u003c/h3\u003e\n\u003cp\u003eThe WannaMine trojan has a call home requests to\n“doc.conf1g.com.”\n\u003c/p\u003e\n\u003cp\u003e\nThat domain name is categorized as the command-and-control (C2) server for WannaMine which is a known malicious mining service. This malware was heavily seen in Tunisia, a country in North Africa, with a total of 11 million block hits.\n\u003c/p\u003e\n\u003cp\u003e\n Detection signature for WannaMine trojan: \u003cspan style=\"color:orangered;\"\u003eW32/Agent.EFD9!tr\u003c/span\u003e\n\u003c/p\u003e\n\n\u003c/div\u003e\n\u003cdiv class=\"col-8 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-142.png\" style=\"background-color:black\"\u003e\n\u003cp\u003eMonthly blocked count and total per country of WannaMine trojan.\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4321238f-8f43-4605-a8dc-822216b85d18","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":8.0},"content":"\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"ot-ics\"\u003eOT/ICS Profile Summary\u003c/h1\u003e\n\n \u003cdiv class=\"C11-Text-Columns\"\u003e\n \u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-3 match-height col-sm-12\"\u003e\n \n \u003cp\u003eOperational Technology (OT) and Industrial\nControl Systems (ICS) face unique and critical\ncybersecurity threats that can have severe\nconsequences on physical infrastructure and\nindustrial processes.\n\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-3 match-height col-sm-12\"\u003e\n \u003ch5\u003eTargeted Attacks on Critical Infrastructure\u003c/h5\u003e\n \u003cp style=\"font-size:13px;\"\u003e\n Adversaries increasingly target critical infrastructure, such as energy, water, transportation, and manufacturing sectors, aiming to disrupt operations, cause physical damage, or compromise safety systems.\n\u003c/p\u003e \n\u003c/div\u003e\n\u003cdiv class=\"col-3 match-height col-sm-12\"\u003e\n \u003ch5\u003eSpecifically Crafted Malware\u003c/h5\u003e\n \u003cp style=\"font-size:13px;\"\u003e\n Cyber threats to OT/ICS often involve specially crafted malware designed to manipulate or disrupt industrial processes Examples include Stuxnet, Triton, and Industroyer, which target control systems and programmable logic controllers (PLCs). \n\u003c/p\u003e \n\u003c/div\u003e\n\u003cdiv class=\"col-3 match-height col-sm-12\"\u003e\n \u003ch5\u003eConvergence of IT and OT\nNetworks\u003c/h5\u003e\n \u003cp style=\"font-size:13px;\"\u003e\n The convergence of Information Technology (IT) and OT networks increases the attack surface. Threats that begin in IT environments may move laterally into OT networks, potentially impacting critical infrastructure.\n\u003c/p\u003e \n\u003c/div\u003e\n\u003c/div\u003e\n\u003cp\u003eHere is a summary of some key aspects of OT/ICS cyber threats…\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n \u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-10 match-height col-sm-12\"\u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-201-1.png\"\u003e\n\u003cp\u003eTop 10 OT vendor with unique exploit attempts per device and month.\n \u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-2 match-height col-sm-12\"\u003e\n \u003ch5\u003eExploitation attempts on Advantech, LAquis and Schneider Electric comprised 60% of the top 10 OT vulnerabilities.\n\u003c/h5\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"79e8faec-edad-4696-998f-6a2ea84d8122","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":11.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"challenges\"\u003eChallenges to the Cyber Landscape in 2024\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003cp\u003e\n The cybersecurity landscape is ever changing, marked by the continual emergence of new threats. Being aware of the primary challenges enables organizations to remain vigilant against evolving risks and adjust their cybersecurity strategy accordingly.\n\u003c/p\u003e\n\u003cp\u003e\n Understanding these key challenges is vital for efficient risk management, safeguarding sensitive data, ensuring uninterrupted business operations, fostering trust, and staying proactive against emerging threats.\n\u003c/p\u003e\n\u003cp\u003e\n Let’s discuss what are some of the key challenges…\n \u003c/p\u003e\n \n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%252072%2520copy%252010.png\" style=\"width:100px;margin:0 0 0 120;padding:0 0 0 0; \"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;\"\u003eIncreased sophistication of attacks\u003c/h3\u003e\n\u003cp\u003e\nCyber attackers are becoming more sophisticated, using advanced tactics such as artificial intelligence (AI) and machine learning (ML) to enhance the effectiveness of their campaigns.\n\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e \n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%252072%2520copy%25208.png\" style=\"width:100px; margin-left:120px;\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;\"\u003eZero-day exploits\u003c/h3\u003e\n\u003cp\u003e\nThe discovery and exploitation of previously unknown vulnerabilities, known as \nzero-day exploits, remain a persistent challenge, as they provide attackers with the \nopportunity to bypass existing security measures.\n\u003c/p\u003e\n\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%252072%2520copy%25209.png\" style=\"width:100px; margin-left:120px;\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;\"\u003eRansomware proliferation\u003c/h3\u003e\n\u003cp\u003e\nRansomware attacks continue to surge, with threat actors employing advanced \ntechniques like double extortion, targeting critical infrastructure, and demanding \nlarger ransom payments Some ransomware attacks involve a more hands-on, \nhuman-operated approach, allowing attackers to tailor their strategies, evade \ndetection, and increase the effectiveness of their campaigns.\n\u003c/p\u003e \n\u003c/div\u003e\n\u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%252072%2520copy%25206.png\" style=\"width:100px; margin-left:120px;\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;\"\u003eNation-state threats\u003c/h3\u003e\n\u003cp\u003e\nState-sponsored cyber threats pose significant challenges, with nation-states \nengaging in cyber-espionage, cyber warfare, and attempts to disrupt \ncritical infrastructure.\n\u003c/p\u003e\n\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%252072%2520copy%25207.png\" style=\"width:100px; margin-left:120px;\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;\"\u003eIoT vulnerabilities\u003c/h3\u003e\n\u003cp\u003e\nThe proliferation of Internet of Things (IoT) devices introduces new security \nchallenges, as many of these devices may have inadequate security features, \nmaking them potential targets for exploitation.\n\u003c/p\u003e\n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"79c04193-6a6b-432d-adac-c061e54e2cfa","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":7.0},"content":"\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"observations\"\u003eRansomeware observations and highlights\u003c/h1\u003e\n\u003cp\u003eSeveral noteworthy developments and observations regarding ransomware:\u003c/p\u003e\n \u003cdiv class=\"C11-Text-Columns\"\u003e\n \u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eRansomware-as-a-Service (RaaS) model\u003c/h3\u003e\n \u003cp\u003eThe prevalence of the RaaS model persists as a notable trend This model empowers less technically proficient individuals to execute ransomware attacks by utilizing pre-designed malware provided by more advanced developers, leading to the widespread dissemination of ransomware.\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eTargeted Attacks\u003c/h3\u003e\n \u003cp\u003eWhile indiscriminate attacks on individuals and small businesses persist, there is an escalating trend of focused attacks on larger organizations, government entities, and critical infrastructure. Attackers conduct comprehensive reconnaissance before initiating their attacks.\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eDiverse Tactic\u003c/h3\u003e\n \u003cp\u003eRansomware operators continue to refine their tactics, utilizing various methods for initial access. These methods encompass phishing emails, exploiting software vulnerabilities, compromising remote desktop protocols, and even employing supply chain attacks or targeting software vendors to broaden their victim pool.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cp\u003eLet's focus on significant widespread ransomware.\u003c/p\u003e\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eCrysis Ransomware\u003c/h3\u003e\n \u003cp\u003eAlias: \u003cspan style=\"color:green\"\u003eDharma\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eExtension: \u003cspan style=\"color:green\"\u003e.mao, .CY3, .d0n\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eDetection: \u003cspan style=\"color:orangered\"\u003eW32/Crysis.P!tr.ransom\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eCrySIS, also known as Dharma, is a type of ransomware that first appeared around 2016. Like other ransomware variants, CrySIS encrypts files on a victim’s computer or network, rendering them inaccessible.\u003c/p\u003e\n \u003cp\u003eCrySIS typically spreads through phishing emails, malicious attachments, or compromised websites. Once it infiltrates a system, it begins encrypting files using a strong encryption algorithm, making it challenging to recover the files without the decryption key.\u003c/p\u003e\n \u003cp\u003eLearn more: \u003ca href=\"https://www.fortinet.com/blog/threat-research/ransomware-roundup-playing-whack-a-mole-with-new-crysis-dharma-variants\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eThreat Research\u003c/a\u003e\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-8 match-height col-sm-12\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-150.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eMonthly blocked count and total devices per country of Crysis Ransomware.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n\u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eGogaLocker Ransomware\u003c/h3\u003e\n \u003cp\u003eExtension: \u003cspan style=\"color:green\"\u003e.locked\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eDetection: \u003cspan style=\"color:orangered\"\u003eW32/Crypren.AFFL!tr.ransom\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eGoga Locker is a type of ransomware that has been known to target businesses specifically Industrial OT environments.\n\u003c/p\u003e\n\u003cp\u003e\nOne of the world’s biggest producers of aluminum was hit by GogaLocker ransomware attack in 2019 that shut down its worldwide network and disrupted its operation.\n\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-8 match-height col-sm-12\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-173-2.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eMonthly blocked count and total devices per country of GogaLocker Ransomware.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e \n\u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eREvil Ransomware\u003c/h3\u003e\n \u003cp\u003eAlias: \u003cspan style=\"color:green\"\u003eSodinokibi Extension: .sodinokibi\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eDetection: \u003cspan style=\"color:orangered\"\u003eW32/Sodinokibi!tr.ransom\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eREvil ransomware is infamous for targeting high-profile victims and demanding large ransom payments.\n \u003c/p\u003e\n \u003cp\u003e\nIt has been involved in high-stakes attacks against \nbusinesses. REVil is often associated with a \nRansomware-as-a-Service model. This means that the \ncreators of the ransomware provide it to other criminal \nactors, who then use it to conduct attacks.\n\u003c/p\u003e\n\u003cp\u003e \nRansomware attacks, including those involving REVil, \nhave led to significant financial losses, data breaches, \nand disruptions in various sectors. The targets of \nREVil attacks have included various organizations and \nbusinesses around the world. Ransomware attacks often \nfocus on industries with critical data, such as healthcare, \nfinance, and government. \n\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-8 match-height col-sm-12\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-152-5.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eMonthly blocked count and total devices per country of REvil Ransomware.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e \n \n \n \u003c/div\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"7722d4d7-ba13-41bf-913c-b3a21ba72112","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":9.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;line-height: 1.1; background-color:#3cb07c;\" id=\"ot-ics-threats\"\u003eLet’s focus on some signifiant targeted OT/ICS vulnerabilities and threats\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eCosmicEnergy Malware\u003c/h3\u003e\n\u003ch5\u003eOT Malware designed to cause electric power disruption\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nThe CosmicEnergy malware was observed targeting the operational technology sector.\u003c/p\u003e \n\u003cp\u003e\nAccording to the reports, the malware is specifically designed to cause electric power \ndisruption through exploiting IEC 60870-5-104 protocol That protocol is commonly used in \nelectric transmission and distribution operations in Europe, the Middle East, and Asia. \n\u003c/p\u003e\n\u003cp\u003eBased on FortiGuard Labs, detection hits were seen in the following countries: Bulgaria, Canada, Israel, and United Kingdom The identification of this malware exemplifies that the threat actors are actively engaged to disrupt critical infrastructure and using new design flaws to create new malware which share technical similarities with other OT malware families.\n\u003c/p\u003e\n\u003cp\u003eDetection Signature: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/cosmicenergy-malware\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOT Security Service\u003c/a\u003e\n\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eIgnition Authentication Bypass\u003c/h3\u003e\n\u003ch5\u003eCVE-2022-35871\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nIgnition is a software platform provided by Inductive that utilizes HMI (Human Machine Interface), SCADA (Supervisory Control and Data Acquisition), and MES (Manufacturing Execution System) functionalities.\n\u003c/p\u003e\n\u003cp\u003e\nThe platform provides real-time status and control screens for monitoring and managing machines A security vulnerability has been identified, allowing remote unauthenticated attackers to execute arbitrary code.\n\u003c/p\u003e\n\u003cp\u003e\nBased on FortiGuard Labs, detection hits were seen in the following countries: Belgium, Brazil, Canada, Spain and United States.\n\u003c/p\u003e\n\u003cp\u003eDetection Signature: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/52024\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOT Security Service\u003c/a\u003e\n\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eMilesight Routers Information Disclosure\u003c/h3\u003e\n\u003ch5\u003eCVE-2023-43261\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nMilesight specializes in providing intelligent IoT and video surveillance products, with a primary emphasis on IoT technologies and industrial solution.\n\u003c/p\u003e\n\u003cp\u003e\nThe Milesight router information disclosure vulnerability exposes sensitive information and enables unauthorized access to the device. This vulnerability is attributed to a misconfiguration that activates directory listing on the router systems, making log files openly accessible to the public.\n\u003c/p\u003e \n\u003cp\u003eDetection Signature: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/54096\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOT Security Service\u003c/a\u003e\n\u003c/p\u003e\n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"49bb4c75-c95d-4309-a806-322f21cc154f","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":10.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"notable-ttps\"\u003eLet’s focus on notable TTPs\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eExploit Public-Facing Application (T1190)\u003c/h3\u003e\n\u003ch5\u003eTactic: Initial Access\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nT1190 is the most frequently observed technique by\nthe Outbreaks in 2023.\n\u003c/p\u003e\n\u003cp\u003e\nAttackers try to take advantage of weaknesses in \napplications accessible to the public, aiming to gain \nunauthorized access to systems or manipulate the \nbehavior of the applications. Adversaries could exploit \nestablished vulnerabilities within these applications, \nutilize custom exploits, or employ social engineering \ntechniques to compromise their security.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://attack.mitre.org/techniques/T1190/\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eExploit Public-Facing Application,\nTechnique T1190 - Enterprise | MITRE ATT\u0026CK®\u003c/a\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003ePhishing (T1566)\u003c/h3\u003e\n\u003ch5\u003eTactic: Initial Access\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nAdversaries use phishing to deceive individuals into providing sensitive information or executing malicious actions.\n\u003c/p\u003e\n\u003cp\u003e\nPhishing attacks commonly involve emails, but they can also use other communication channels such as instant messaging, social media, or even phone calls Ransomware gangs often use phishing as a primary method to deliver their malicious payloads LockBit is a ransomware strain that has been observed using phishing emails for initial access Sodinokibi, also known as REvil, has been associated with phishing campaigns that leverage malicious attachments or links.\n\u003c/p\u003e \n\u003cp\u003eFor more info: \u003ca href=\"https://attack.mitre.org/techniques/T1566/\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003ePhishing, Technique T1566 -\nEnterprise | MITRE ATT\u0026CK®\u003c/a\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eDeobfuscate/Decode Files\nor Information (T1140)\u003c/h3\u003e\n\u003ch5\u003eTactic: Defense Evasion\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\n“Deobfuscate” or “decode” refers to the process of reversing the obfuscation or encoding applied to files or information.\n\u003c/p\u003e\n\u003cp\u003e\nObfuscation and encoding techniques are often used by attackers to hide the true nature of malicious code, making it more challenging for security tools to detect and analyze. The Agent Tesla Malware uses a deobfuscation technique with the Rijndael symmetric encryption \nalgorithm.\n\u003c/p\u003e \n\u003cp\u003eFor more info: \u003ca href=\"https://attack.mitre.org/techniques/T1140/\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eDeobfuscate/Decode Files or\nInformation, Technique T1140 - Enterprise |\nMITRE ATT\u0026CK®\u003c/a\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eExploitation of Remote\nServices (T1210)\u003c/h3\u003e\n\u003ch5\u003eTactic: Lateral Movement\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nTechnique T1210 is highly prevalent, highlighting the importance of securing remote service protocols against unauthorized access and exploitation.\n\u003c/p\u003e\n\u003cp\u003e\nRemote services such as web servers, databases, and other networked services are common targets for exploitation Adversaries leverage known vulnerabilities or use custom exploits to compromise these services.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://attack.mitre.org/techniques/T1210/\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eExploitation of Remote Services,\nTechnique T1210 - Enterprise | MITRE ATT\u0026CK®\u003c/a\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eOther notable TTPs include:\u003c/h3\u003e\n\u003ch5\u003eNative API (T1106)\u003cbr\u003e\nProcess Injection (T1055)\u003cbr\u003e\nMasquerading (T1036\u003cbr\u003e\nCreate or Modify System Process (T1543)\u003cbr\u003e\nModify Registry (T1112)\u003cbr\u003e\nProcess Injection (T1055)\u003c/h5\u003e\n\n\u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \n\u003cp style=\"font-weight:600; background-color:#3cb07c; color:white;padding:20px 5px 20px 20px;\"\u003e\nThe insights drawn from the data underscore the complexity and diversity of cyber threats and their applied techniques and tactics.\n\u003c/p\u003e \n\n\u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ed5f6cea-e1ea-448b-88fa-02ff3011d4d8","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":3.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"significant-outbreaks\"\u003eLet’s focus on several significant outbreaks in 2023\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003e3CX Supply Chain Attack\u003c/h3\u003e\n\u003cp\u003eTrojanized VOIP application\u003c/p\u003e\n\u003ch5 style=\"color:green;\"\u003e(CVE-2023-29059)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\u003cb\u003eAPT Group(s):\u003c/b\u003e Labyrinth.Chollima\u003cbr\u003e\n\u003cb\u003eDarknet Activity: \u003c/b\u003eYes\n\u003c/p\u003e\n\u003cp\u003e\nThe FortiGuard Labs observed that the threat actors abused a popular business communication software produced by 3CX \n\u003c/p\u003e\n\u003cp\u003e\nTheir voice and video conferencing application was trojanized and used to attack multiple organizations to gather sensitive information using an info stealer Malware Based on the telemetries of blocked download of the malware payload, the geographic spread of victims spans across Australia, Austria, Canada, Germany, Italy, Netherlands, South Africa, Switzerland, United States, and United Kingdom countries.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/3cx-supply-chain-attack\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOutbreak\u003c/a\u003e | \u003ca href=\"https://www.fortinet.com/blog/threat-research/3cx-desktop-app-compromised\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eThreat Research\u003c/a\u003e\n\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eAgent Tesla Malware Attack\u003c/h3\u003e\n\u003cp\u003eNew variant in the wild\u003c/p\u003e\n\u003ch5 style=\"color:green;\"\u003e(CVE-2018-0802, CVE-2017-11882)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\u003cb\u003eAPT Group(s)\u003c/b\u003e\nBitter,.Cloud.Atlas,.Ocean.lotus,.\nTa413,.Tonto.Team\u003cbr\u003e\n\u003cb\u003eRansomware Group(s)\u003c/b\u003e\nREvil\n\u003c/p\u003e\n\u003cp\u003e\nIn September 2023, FortiGuard Labs detected a phishing campaignthat exploits Microsoft Office vulnerabilities and disseminates a newvariant of Agent Tesla malware.\n\u003c/p\u003e\n\u003cp\u003e\nThis malware has been seen with multiple iterations for almost a decade In this particular campaign, it utilized a Remote Access Trojan (RAT) to initiate access and data-stealing mechanism to extract sensitive information from stored credentials, keylogging data, and screenshots from various software programs like Google Chrome, Mozilla Firefox, and Microsoft Outlook \n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/agent-tesla-malware-attack\" target=\"_blank\" style=\"color:blue;\"\u003eOutbreak \u003c/a\u003e | \u003ca href=\"https://www.fortinet.com/blog/threat-research/agent-tesla-variant-spread-by-crafted-excel-document\" target=\"_blank\" style=\"color:blue;\"\u003eThreat Research.\u003c/a\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eFortra GoAnywhere MFT RCE\u003c/h3\u003e\n\u003cp\u003eA zero-day exploited in the wild\u003c/p\u003e\n\u003ch5\u003e(CVE-2023-0669)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\n\u003cb\u003eRansomware Group(s) \u003c/b\u003e Cl0p,.Ta505\n\u003cbr\u003e\n\u003cb\u003eExploit publicly available? \u003c/b\u003eYes\n\u003c/p\u003e\n\u003cp\u003e\nThe GoAnywhere MFT is a secure managed\nfile transfer solution that streamlines\nthe exchange of data between systems,\nemployees, customers, and trading partners.\n\u003c/p\u003e\n\u003cp\u003e\nThe security flaw tagged CVE-2023-0669 \nenables attackers to remotely execute code on unpatched GoAnywhere MFT.\n\u003c/p\u003e\n\u003cp\u003e\nThe Clop ransomware claimed to have successfully breach about 130 organizations using this vulnerability \n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/goanywhere-mft-rce\" target=\"_blank\" style=\"color:blue;\"\u003eOutbreak\u003c/a\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eJetBrains TeamCity\nAuthentication Bypass\u003c/h3\u003e\n\u003cp\u003eAdvanced Persistent Threat Groups\nexploiting the flaw in (CI/CD) application\u003c/p\u003e\n\u003ch5 style=\"color:green;\"\u003e(CVE-2023-42793)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\u003cb\u003eAPT Group(s):\u003c/b\u003e Apt29,.Diamond.Sleet\u003cbr\u003e\n\u003cb\u003eDarknet Activity: \u003c/b\u003eYes\n\u003c/p\u003e\n\u003cp\u003e\nMultiple threat actors have been seen\nexploiting the authentication bypass flaw\nin JetBrains TeamCity that led to remote\ncode execution.\n\u003c/p\u003e\n\u003cp\u003e\nIf compromised, these attackers could access a \nTeamCity server, gaining entry to the software \ndeveloper’s source code, signing certificates, \nand software deployment procedures This \naccess could also be misused to carry out \nattacks on supply chain operations.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/jetbrains-teamcity-rce\" target=_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOutbreak\u003c/a\u003e | \u003ca href=\"https://www.fortinet.com/blog/threat-research/teamcity-intrusion-saga-apt29-suspected-exploiting-cve-2023-42793\" target=_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eThreat Research\u003c/a\u003e\n\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eLazarus RAT Attack\u003c/h3\u003e\n\u003cp\u003eAPT groups exploiting Log4j2\nvulnerability to deploy Remote\nAccess Trojans (RAT)\u003c/p\u003e\n\u003ch5 style=\"color:green;\"\u003e(CVE-2021-44228)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\u003cb\u003eAPT Group(s)\u003c/b\u003e\nAndariel, Dev-0270, Lazarus, Phosphorus, Teal Kurma\u003cbr\u003e\n\u003cb\u003eRansomware Group(s)\u003c/b\u003e\nLockbit\n\u003c/p\u003e\n\u003cp\u003e\nIn March 2023, a new campaign conducted\nby the Lazarus and other groups were\nseen employing new DLang-based Remote\nAccess Trojans (RATs) malware in the wild.\n\u003c/p\u003e\n\u003cp\u003e\nThe APT groups were targeting manufacturing, \nagricultural and physical security companies by \nexploiting the Log4j vulnerability and using it \nfor initial access leading to a C2 (command and \ncontrol) channel with the attacker. \n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/lazarus-rat-attack\" target=\"_blank\" style=\"color:blue;\"\u003eOutbreak\u003c/a\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eProgress MOVEit Transfer SQL Injection\u003c/h3\u003e\n\u003cp\u003eExploited in data theft and ransomware attacks\u003c/p\u003e\n\u003ch5\u003e(CVE-2023-34362, CVE-2023-35708, CVE-2023-35036)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\n\u003cb\u003eRansomware Group(s) \u003c/b\u003e Cl0p\n\u003cbr\u003e\n\u003cb\u003eDarknet Activity? \u003c/b\u003eYes\n\u003c/p\u003e\n\u003cp\u003e\nMOVEit Transfer is a managed file transfer\n(MFT) solution developed by Ipswitch, a\nsubsidiary of Progress Software, that allows\nthe enterprise to securely transfer files\nbetween business partners and customers\nusing SFTP, SCP, and HTTP-based uploads.\n\u003c/p\u003e\n\u003cp\u003eAllegedly exploited by the Cl0p ransomware threat actor, high-profile government, finance, media, aviation, and healthcare organizations have reportedly been affected, with data exfiltrated and stolen. \n\u003c/p\u003e\u003cp\u003eThe attack stemmed from multiple SQL injection vulnerability found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer’s database.\n\u003c/p\u003e\u003cp\u003eThe attacker may then be able to execute malicious SQL code that can change or delete database elements.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/53318\" target=\"_blank\" style=\"color:blue;\"\u003eOutbreak\u003c/a\u003e | \u003ca href=\"https://www.fortinet.com/blog/threat-research/moveit-transfer-critical-vulnerability-cve-2023-34362-exploited-as-a-0-day\" target=\"_blank\" style=\"color:blue;\"\u003eThreat Research\u003c/a\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n\t\u003c/div\u003e\n\t\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n\u003ch3\u003eHTTP/2 Rapid Reset\u003c/h3\u003e\n\u003cp\u003eZero-Day DDoS Attack\u003c/p\u003e\n\u003ch5\u003e(CVE-2023-44487)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\n\u003cb\u003eExploit publicly available \u003c/b\u003e Yes\n\u003cbr\u003e\n\u003cb\u003eDarknet Activity? \u003c/b\u003eYes\n\u003c/p\u003e\n\u003cp\u003e\nHTTP/2 protocol aims to address the limitations of HTTP/1.1 by providing a more efficient and faster web browsing experience.\n\u003c/p\u003e\n\u003cp\u003e\nIt.is.widely.adopted.by.modern.web.browsers.and.public.cloud.servers. to.optimize.the.delivery.of.web.content..The.HTTP/2.Rapid.Reset.is.a. distributed.denial.of.service.(DDoS).attack.on.Web.servers..The.attack. leverages.a.flaw.in.the.implementation.of.protocol.HTTP/2.by.sending. high.volume.of.HTTP.requests.\n\u003c/p\u003e\n\u003cp\u003e\nAttackers.can.cause.a.significant.increase.in.the.CPU.utilization.on. the.servers.that.eventually.can.cause.denial.of.service.by.resource. exhaustion..In.October.2023,.Google.posted.a.report.that.they’ve. blocked.the.largest.attack.in.history.which.reached.up.to.398.million. requests.per.second..\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/http2-rapid-reset-attack\" target=\"_blank\" style=\"color:blue;\"\u003eOutbreak\u003c/a\u003e \n\u003c/p\u003e\n\n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"vulnerability\"\u003eVulnerability Profile\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003cp\u003e\n Cyber actors choose vulnerabilities to exploit based on several factors including consideration of strategic goals, industry-specific targets, and evasion tactics. Understanding different vulnerability types and prioritizing the remediation are crucial to a risk based approach to security. That brings several advantages, such as:\n \u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e \n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%25201%2520copy%25204.png\" style=\"width:100px;margin:0 0 0 0;padding:0 0 0 0; \"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c;color:white;\"\u003eRisk Assessment\u003c/h3\u003e\n\u003cp\u003e\nIdentify the vulnerability types, assess their potential risks associated with specific weaknesses in systems, applications, or networks and then prioritize security efforts by focusing on vulnerabilities with higher risk levels.\n\u003c/p\u003e\n \n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%25201%2520copy%25203.png\" style=\"width:100px\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;;\"\u003eAttack Surface Analysis\u003c/h3\u003e\n\u003cp\u003e\nUnderstand the entry point that could be exploited by attackers to guide efforts to reduce and secure based on the vulnerability types and their attack vector.\n\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%25201%2520copy%25202.png\" style=\"width:100px\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color: #3cb07c;color:white;;\"\u003eEffective Mitigation Strategies\u003c/h3\u003e\n\u003cp\u003e\nImplement targeted security measures, such as patching software, improving coding practices, and configuring systems securely based on vulnerability types that require distinct mitigation strategies.\n\u003c/p\u003e \n\u003cbr\u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%25201%2520copy.png\" style=\"width:100px\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color: #3cb07c;color:white;;\"\u003ePrioritization of Resources\u003c/h3\u003e\n\u003cp\u003e\nAllocate resources efficiently and focus on addressing high-priority vulnerabilities that pose the greatest risk based on the vulnerability types and their varying levels of impact and exploitability.\n\u003c/p\u003e\n \u003c/div\u003e\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"weaponized\"\u003eWeaponized Vulnerability Profiles\u003c/h1\u003e\n\u003cp\u003e\nIn 2023, the number of actively targeted vulnerabilities with widespread\u003csup style=\"color:green;\"\u003e*\u003c/sup\u003e attack increased by 15%.\n\u003c/p\u003e\n\u003cp\u003e\nAttackers choose vulnerabilities based on ease\nof exploitation, potential impact, commonly used application, and financial incentives. Rightly so, Remote Code Execution (RCE) vulnerabilities were prevalent due to their wide impact on various systems, versatility\nfor attackers, and potential for wormable attacks.\n\u003c/p\u003e\n\u003cp\u003e\nFor instance, there were 325 weaponized and\nwidespread remote code execution vulnerabilities. Out of those, 20 vulnerabilities had been attempted on more than 50,000 devices in a single month.\n\u003c/p\u003e\n\u003cp style=\"font-size:12px; color:green;\"\u003e* Widespread is defined as exploitation attempts of at leasat one thousand unique network devices in a month.\u003c/p\u003e\n\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-105.png\" style=\"background-color:black;\"\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f6b9ba93-b247-4f8b-8dce-7131bfc70432","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":4.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"targeted\"\u003eWidely Targeted Vulnerabilities\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eApache Log4j Remote\nCode Execution\u003c/h3\u003e\n\u003ch5 style=\"color:green;\"\u003e(CVE-2021-44228)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\u003cb\u003eAPT Group(s):\u003c/b\u003e Andariel, Budworm, Cobalt Mirage,\nDev-0270, Lazarus, Muddywater, \nPhosphorus, Teal.Kurma\u003cbr\u003e\n\u003cb\u003eRansomeware Groups(s): \u003c/b\u003eLockbit, Avos\n\u003c/p\u003e\n\u003cp\u003e\nOn the top of chart is still the infamous remote code execution on Apache Log4j with an average of 90 thousand unique devices\nper month.\n\u003c/p\u003e\n\u003cp\u003e\nThis vulnerability was quite epidemic because it was used alongside the recent Lazarus Remote Access Trojan Attack.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/log4j2-vulnerability\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOutbreak\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eDetection Signature: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/51006\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eIntrusion Prevention\u003c/a\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv class=\"col-8 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-108.png\" style=\"background-color:black\"\u003e\n\u003cp\u003eNumber of network devices that blocked exploitation attempts of the Apache Log4J2 vulnerability.\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eCisco IOS XE Web UI\u003c/h3\u003e\n \u003ch5 style=\"color:green;\"\u003e(CVE-2023-20198)\u003c/h5\u003e\n \u003cbr\u003e\n \u003cp\u003e\u003cstrong\u003eExploit publicly available?:\u003c/strong\u003e Yes\n \u003cbr\u003e\n \u003cstrong\u003eDarknet activity\u003c/strong\u003e Yes\u003c/p\u003e\n \u003cp\u003eA recent vulnerability on Cisco IOS XE Web UI was a popular target.\n \u003c/p\u003e\n \u003cp\u003e The detection signature was released mid-October and had already \nrecord exploit attempts on 60,000 unique devices in October 2023. The \nvulnerability exploits a backdoor access on a Cisco Web interface via a \ncrafted HTTP request. \u003c/p\u003e\n \u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/cisco-ios-xe-web-ui-vulnerability\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOutbreak\u003c/a\u003e\u003c/p\u003e\n \u003cp\u003eDetection Signature: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/54224\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eIntrusion Prevention\u003c/a\u003e\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-8 match-height col-sm-12\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-107.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eNumber of network devices that blocked exploitation attempts of the Cisco IOS XE vulnerability.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eNetLink and Zyxel Router Attacks\u003c/h3\u003e\n \u003ch5 style=\"color:green;\"\u003e(CVE-2017-18368)\u003c/h5\u003e\n\n \u003cp\u003e The vulnerabilities on NetLink and Zyxel network\ndevices came in second and third on the top\nweaponized vulnerabilities with each an average of\n80 thousand unique devices per month.\n\u003c/p\u003e\n\u003cp\u003e \nSeveral malware attacks such as MooBot, Lucifer, BotenaGo, Zerobot and Enemybot had been targeting these vulnerabilities for the entire year which likely prove successful exploitation. \u003c/p\u003e\n\n \u003cp\u003eDetection Signature for Netlink Vulnerability: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/52588\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eIntrusion Prevention\u003c/a\u003e\u003c/p\u003e\n \n \u003cp\u003eDetection Signature for Zyxel Vulnerability: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/53200\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eIntrusion Prevention\u003c/a\u003e\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-8 match-height col-sm-12\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-115-2.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eNumber of network devices that blocked exploitation attempts of the NetLink vulnerabilities\u003c/p\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-119.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eNumber of network devices that blocked exploitation attempts of the Zyxel vulnerabilities\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f5c5f4a6-050f-4f37-bda3-ddba31acc056","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{"background-color":"#FFFFFF"},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":0.5},"content":"\u003c!-- Exec Summ Section --\u003e\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"execsum\"\u003eExecutive Summary\u003c/h1\u003e\n\n\u003cstyle\u003e\n.exec-callout {\n display:flex;\n padding: 10px 50px 10px 10px;\n background-color:#3cb07c;\n}\n .exec-callout h2 {\n\t font-weight:600; \n\t color:#3cb07c; \n\t font-size:40px;\n\t line-height: 1;\n\t text-align:center;\n }\n .exec-callout h6 {\n\t font-weight:600; \n\t color:white; \n\t font-size:18px;\n\t line-height:1.2;\n }\n .exec-callout p {\n\t font-weight:600; \n\t color:white; \n\t font-size:40px;\n\t line-height:1.2;\n }\n \n .three-column-text p {\n\t margin:0px 0 0px 0;\n\t break-before:always;\n\t break-inside: avoid;\n }\n .three-column-text h3 {\n\t margin:0px 0 10px 0;\n\t break-after:avoid;\n\t break-inside: avoid;\n }\n .three-column-text ul {\n\t margin:10px 0px 10px 15px;\n\t orphans: 2;\n\t widows: 2;\n }\n .three-column-text {\n\t column-count: 3;\n\t column-gap: 40px;\n\t padding: 20px;\n\t width: 100%;\n\t margin: 0 auto;\n }\n \n /* Optional: style for headings that span across columns */\n .column-span-all {\n\t column-span: all;\n\t margin-bottom: 20px;\n }\n \n /* Responsive design */\n @media (max-width: 768px) {\n\t .three-column-text {\n\t\t column-count: 1;\n\t }\n }\n\u003c/style\u003e\n\n\u003cdiv class=\"three-column-text\" id=\"executive-summary\" style=\"margin: 0 0 40px 0;\"\u003e\n\n \u003cp\u003e During 2023, FortiGuard Labs blocked \u003cstrong\u003e2.4 trillion vulnerability\u003c/strong\u003e attempts and \u003cstrong\u003e3 billion malware\u003c/strong\u003e deliveries to protect Fortinet customers from cyber threats. FortiGuard Labs escalated the significant threats through the Outbreak Alert system to raise awareness.\n \u003c/p\u003e\n\n \u003ch5\u003eThis annual report covers:\n \u003c/h5\u003e\n\n\t\u003cul\u003e\n\t \u003cli\u003e Categories and timeframes of more than three-dozen Outbreak Alerts on vulnerabilities, targeted attacks, ransomware, and OT/IoT related threats.\n\t \u003cli\u003eHighlights of significant outbreaks and several prevalent vulnerabilities and malware.\n\t \u003cli\u003eReal-world telemetries compiled by FortiGuard Labs showing exploitation attempts and malware deliveries.\n\t \u003cli\u003eContext around the entire attack surface to understand the components that can aid in protection, detection, and response to threats.\n \u003c/ul\u003e\n\u003ch5\u003eBlocked in 2023:\n\t\u003c/h5\u003e\n\t\u003cul\u003e\n\t\t\u003cli\u003eOutbreak alerts: 38\n\t\t\u003cli\u003eMalware blocked: 3 billion\n\t\t\u003cli\u003eZero-days blocked: 90 million\n \u003c/ul\u003e\n\u003cdiv class=\"exec-callout\" style=\"background-color: #000\"\u003e\n\u003cdiv style=\"width:60%;\"\u003e\n\u003cp style=\"font-size: 18px; color:#fff\"\u003eVulnerability attempts blocked by FortiGuard Labs\n\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv style=\"width:40%;\"\u003e\u003ch2\u003e 2.4 trillion\u003c/h2\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003cdiv class=\"exec-callout\"\u003e\n \u003cdiv\u003e\n\t \u003ch6\u003eFortiGuard Cyber Threat R\u0026D Centers:\n\t \u003c/h6\u003e\n\t\u003c/div\u003e\n \u003cdiv\u003e\n\t \u003cp\u003e6\n\t \u003c/p\u003e\n\t\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"exec-callout\" style=\"border-top: 1px black solid;\"\u003e\n \u003cdiv\u003e\n\t \u003ch6\u003eFortiGuard Operations Centers:\n\t \u003c/h6\u003e\n\t\u003c/div\u003e\n \u003cdiv\u003e\n\t \u003cp\u003e3\n\t \u003c/p\u003e\n\t\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"exec-callout\" style=\"border-top: 1px black solid;\"\u003e\n \u003cdiv\u003e\n\t \u003ch6\u003eFortiGuard Cyber Consultations:\n\t \u003c/h6\u003e\n\t\u003c/div\u003e\n \u003cdiv\u003e\n\t \u003cp\u003e11\n\t \u003c/p\u003e\n\t\u003c/div\u003e\n \u003c/div\u003e\n\t \u003c!-- \n\t \u003cdiv style=\"background-color: da291c; padding:10px 0px 0 40; margin: 20px 30px 0 30px; height: 60px; border-radius:10px;\"\u003e\n\t\t \u003cp\u003eSubscribe to Outbreak Alerts!\n\t\t \u003c/p\u003e\n\t \u003c/div\u003e --\u003e\n\u003c/div\u003e\n\n\n\n\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"outbreak-summary\"\u003eOutbreak Summary\u003c/h1\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4830bd2b-8a14-4cd8-b209-faf62272e44d","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":12.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"about\"\u003eAbout FortiGuard Labs\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-6 match-height col-sm-12\"\u003e\n \u003ch3\u003eAbout Outbreak Alerts\u003c/h3\u003e\n \u003cp\u003e\n Outbreak Alerts provides us with a unique insight\non collective knowledge and informed mitigation\nguidance across the security ecosystem driving\nresilience against the attackers.\n\u003c/p\u003e\n\u003cp\u003e\nGiven the volume of active threats, evolving methods\nfor exploiting systems and increasing damage to\ncritical business operations, today’s SOC teams require\nautomation and dynamic services to succeed.\n\u003c/p\u003e\n\u003cp\u003e\n FortiGuard Labs Outbreak Alerts provide a unique\nanalysis of the threat landscape throughout the tech\necosystem. FortiGuard Services provide solutions to\ncover the complete attack surfaces, identify outbreaks\nand aid SOC teams to mitigate impacts and investigate\nsuspected compromises.\n \u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-6 match-height col-sm-12\"\u003e \n \u003cdiv style=\"height:300px;font-weight:600; color:white; font-size:24px;line-height:1.5;background-color:#3cb07c;padding:50 5 20 20;\"\u003eLearn more about:\n \u003cbr\u003e\n \u003ca href=\"https://fortiguard.fortinet.com/outbreak-alert\" target=\"_blank\" style=\"color:#fff\"\u003eFortiGuard Outbreak Alerts\u003c/a\u003e\n \u003cbr\u003e\n \u003ca href=\"https://fortiguard.fortinet.com/threat-signal-report\" target=\"_blank\" style=\"color:#fff\"\u003eFortiGuard Threat Signals\u003c/a\u003e\n \u003cbr\u003e\n \u003ca href=\"https://www.fortinet.com/blog/threat-research\" target=\"_blank\" style=\"color:#fff\"\u003eFortiGuard Threat Blog\u003c/a\u003e\n\n \u003cdiv style=\"background-color: da291c; padding:10px 0px 0 40; margin: 20px 30px 0 30px; height: 60px; border-radius:10px;\"\u003e\n \u003ca href=\"https://www.fortinet.com/fortiguard/outbreak-alert-subscription?utm_source=email\u0026utm_medium=Other\u0026utm_campaign=Brand-NAMER-US\u0026utm_content=FortiGuardOA-G\u0026utm_term=ABM\" target=\"_blank\" style=\"color:#fff\"\u003e \u003cp\u003eSubscribe to Outbreak Alerts!\n\u003c/p\u003e\u003c/a\u003e\n\u003c/div\u003e \n \n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-6 match-height col-sm-12\" style=\"margin-bottom:50px;\"\u003e\n \u003ch3 style=\"font-size:16px;\"\u003eSources\u003c/h3\u003e\n \u003cp style=\"font-size:12px;\"\u003e\n The data collected in this report are based on the FortiGuard Outbreak Alerts\nand Telemetries. The telemetries are based on the detection logs of the FortiGuard\nIntrusion Prevention (IPS), Antivirus (AV) and Sandbox services used by Fortinet\nproducts. The IPS telemetry is mainly based on widespread activity on unique network\ndevices instead of actual block hits to exclude multiple attempts. While, the AV and\nSandbox telemetries are based on actual blocking of the known and 0-day Malware,\nrespectively. The report is supplemented by the FortiRecon Threat Intelligence service\nfor the threat actors, availability of PoC and Darknet activities.\n\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2c44a5a4-ef1a-40fd-9116-3fb72dab57e0","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":null},"content":"\u003cdiv class=\"C11-Text-Columns\"\u003e\n \u003cstyle\u003e\n h1 {\n text-align:center;\n padding: 40px 0 20px 0;\n }\n \u003c/style\u003e \n \u003cheader\u003e\n \u003ch1\u003e\u003ca href=\"#\" id=\"pf-link\" data-lookbook-overlay-href=\"https://www.fortinet.com/library/digital-acceleration-track/FortiNDR-AI-ML-WP\"\u003eAutomotive Sector Summary\u003c/a\u003e\u003c/h1\u003e\n \u003c/header\u003e\n\u003cdiv class=\"row \" style=\"margin-top:20px;\"\u003e\n \u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0;}\n a {margin:0 0 5 0;\n color: blue;}\n \u003c/style\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003cp\u003eAuto companies are a tempting target for cybercriminals. Transportation has been identified by the US Department of HS as infrastructure is critical to modern life: When attacks shut down pipelines or computer systems the effects are felt across society and the broader economy.\u003c/p\u003e\n\u003cp\u003eFortinet’s annual survey of operational\ntechnology (OT) and cybersecurity found 75%\nof organizations had at least one intrusion in\nthe past 12 months. One in three resulted in\nransomware being deployed.\u003ca href=\"https://www.fortinet.com/content/dam/fortinet/assets/reports/report-state-ot-cybersecurity.pdf\" target=\"_blank\"\u003e1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\nWith operations under threat, understanding\nrecent exploits and the tactics, techniques,\nand procedures (TTPs) used by bad actors is\nessential. The annual FortiGuard Labs\nOutbreak Alerts report highlights findings by\nFortinet threat researchers on the frontlines of\noutbreak investigations. It identifies malware\nand vulnerabilities and includes links to further\ndetailed analysis and IOCs.\u003c/p\u003e\n\u003ch3 style=\"margin-top:10;\"\u003eLooking ahead\u003c/h3\u003e\n\u003cp\u003eLong-term cybersecurity is as much a cultural problem as a technical one. In an increasingly digital era of remote work and smart devices, organizations must instill a culture of vigilance.\u003c/p\u003e\n\u003cp\u003e\nAll employees – not just those in IT – must act\nas a firm’s eyes and ears, flagging unusual emails or system activity. Partners and venders, too, can play a vital role in raising the alarm about cyber risks in the increasingly integrated supply chains that fuel the industry.\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003cp\u003eFindings for the Automotive sector:\u003c/p\u003e\n \u003ch5\u003eThreats to IT/OT infrastructure\u003c/h5\u003e\n\u003cp\u003eThe convergence of IT and OT networks is\ncreating new opportunities for bad actors to\ntarget automotive manufacturing.\u003c/p\u003e\n\u003ca href=\"#ot-ics\"\u003eTop 10 OT/IT vulnerabilities\u003c/a\u003e\n\u003ch5\u003eApache Log4J: The never ending exploit\u003c/h5\u003e\n\u003cp\u003eThe infamous Apache Log4j software flaw\n(CVE-2021-44228), also known as Log4Shell,\nfirst came to light in December 2021, but it is\nstill one of the world’s most exploited\nvulnerabilities. The U.S. Department of\nHomeland Security estimates finding and\npatching every instance of Log4Shell could\ntake up to a decade.\u003c/p\u003e\n\u003ca href=\"#targeted\"\u003eRead about Log4J\u003c/a\u003e\n\u003ch5\u003eCisco IOS XE Web UI exploit\u003c/h5\u003e\n\u003cp\u003eIn October of last year, a previously unknown vulnerability (CVE-2023-20198) in the Cisco IOS XE Web UI affected thousands of devices,\nallowing a remote, unauthenticated attacker to\ncreate an account and gain control.\u003c/p\u003e\n\u003ca href=\"#targeted\"\u003eMore on this emerging security vulnerability\u003c/a\u003e\n\u003ch5\u003eThe ongoing danger of ransomware\u003c/h5\u003e\n\u003cp\u003eRansomware operators have stepped up their attacks against large organizations,\ngovernment agencies, and businesses.\n\u003c/p\u003e\u003ca href=\"#observations\"\u003eRansomware attacks, including CrySIS/ Dharma\u003c/a\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12 added-using-mutiny-1\" style=\"background-color: #3cb07c; height: 700px; display:block; padding: 20 10 30 15;\"\u003e\n\u003cstyle\u003e\n .added-using-mutiny-1 ul {\n color: white;\n margin: 0;\n }\n .added-using-mutiny-1 a {\n text-underline-offset: 3px;\n }\n.added-using-mutiny-1 a:link {\n color: white;\n text-decoration: underline;\n font-weight: 400;\n }\n .added-using-mutiny-1 a:hover {\n color: white;\n text-decoration: none;\n font-weight: 800;\n }\n .added-using-mutiny-1 a:visited {\n color: white;\n text-decoration: none;\n }\n\u003c/style\u003e\n \u003ch2 style=\"color:white; margin: 0 0 20px 0;\"\u003eAutomotive at a Glance\u003c/h2\u003e\n \u003ch4 style=\"margin:35px 0 15px 0; color:white;\"\u003eTop 5 IPS Signatures\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/48934\" target=_blank\" alt=\"HTTP.Suspicious.Headers.With.Special.Characters\"\u003eHTTP.Suspicious.Headers.With.Special.Characters\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/45660\" target=_blank\" alt=\"Qualys.Vulnerability.Scanner\"\u003eQualys.Vulnerability.Scanner\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/51391\" target=_blank\" alt=\"DNS.PTR.Records.Scan\"\u003eDNS.PTR.Records.Scan\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/43963\" target=_blank\" alt=\"Backdoor.DoublePulsar\"\u003eBackdoor.DoublePulsar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/43799\" target=_blank\" alt=\"MS.SMB.Server.Trans.Peeking.Data.Information.Disclosure\"\u003eMS.SMB.Server.Trans.Peeking.Data.Information.Disclosure\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4 style=\"margin:40px 0 15px 0; color:white;\"\u003eTop 5 Viruses \u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/virus/7875495\" target=_blank\" alt=\"MSOffice/CVE_2017_11882.C!exploit\"\u003eMSOffice/CVE_2017_11882.C!exploit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/virus/10119700\" target=_blank\" alt=\"MSOffice/CVE_2018_0798.BOR!exploit\"\u003eMSOffice/CVE_2018_0798.BOR!exploit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/virus/10137689\" target=_blank\" alt=\"MSIL/Stealer.36680!tr\"\u003eMSIL/Stealer.36680!tr\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/virus/10131263\" target=_blank\" alt=\"MSIL/GenericKDS.61009645!tr\"\u003eMSIL/GenericKDS.61009645!tr\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/virus/10111846\" target=_blank\" alt=\"MSExcel/CVE_2017_11882.D313!exploit\"\u003eMSExcel/CVE_2017_11882.D313!exploit\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4 style=\"margin:40px 0 15px 0; color:white;\"\u003eTop 5 Targeted OT Products/Protocols\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdvantech\n\u003cli\u003eLAquis\n\u003cli\u003eSchneider\n\u003cli\u003eCirCarLife\n\u003cli\u003eQNX\n\u003c/ul\u003e\n\n \u003c/div\u003e\n\u003c/div\u003e\n\n\n\n\n\u003c/div\u003e\n\n\u003c!-- TOC Section --\u003e\n\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\"\u003eReport Contents\u003c/h1\u003e\n\n\u003cstyle\u003e\n\t.TOC h5 { \n\tmargin: 10px 0 0 0;\n\tcolor: green;\n\t}\n\t.TOC p {\n\tmargin:0px 0 15px 0; padding:0 0 0 0;\n\t}\n .TOC a {\n text-underline-offset: 5px;\n }\n.TOC a:link {\n color: #000;\n text-decoration: underline;\n text-decoration-thickness: 1px;\n }\n.TOC a:hover {\n color: #000;\n text-decoration: none;\n }\n.TOC a:visited {\n color: #000;\n text-decoration: none;\n }\n\t.three-column-text h4 {\n\t\tmargin:0px 0 20px 0;\n\t\tbreak-after:avoid;\n\t\tbreak-inside: avoid;\n\t}\n\t .three-column-text ul {\n\t\t margin:10px 0px 10px 15px;\n\t\t orphans: 2;\n\t\t widows: 2;\n\t }\n\t.three-column-text {\n\t\tcolumn-count: 3;\n\t\tcolumn-gap: 40px;\n\t\tpadding: 20px;\n\t\twidth: 100%;\n\t\tmargin: 0 auto;\n\t}\n\n\t/* Optional: style for headings that span across columns */\n\t.column-span-all {\n\t\tcolumn-span: all;\n\t\tmargin-bottom: 20px;\n\t}\n\n\t/* Responsive design */\n\t@media (max-width: 768px) {\n\t\t.three-column-text {\n\t\t\tcolumn-count: 1;\n\t\t}\n\t}\n\u003c/style\u003e\n\u003cdiv class=\"TOC three-column-text\" id=\"TOC\" style=\"margin: 0px 0px 40px 0px;\"\u003e\n\n\u003ca href=\"#execsum\"\u003e\u003ch4\u003eExecutive Summary\n\u003c/h4\u003e\u003c/a\u003e\n\u003ca href=\"#outbreak-summary\"\u003e\u003ch4\u003eOutbreak Summary\n\u003c/h4\u003e\u003c/a\u003e\n\n\u003ch5\u003eOutbreak Release Timeline\n\u003c/h5\u003e\n\u003ch5\u003eSignificant Outbreaks in 2023\n\u003c/h5\u003e\n\u003cul\u003e\n \u003cli\u003e3CX Supply Chain Attack\n \u003cli\u003eAgent Tesla Malware Attack\n \u003cli\u003eFortra GoAnywhere MFT RCE\n \u003cli\u003eHTTP/2 Rapid Reset\n \u003cli\u003eJetBrains TeamCity Authentication Bypass Attack\n \u003cli\u003eLazarus RAT Attack\n \u003cli\u003eProgress MOVEit Transfer SQL Injection\n\u003c/ul\u003e\n\u003ca href=\"#vulnerability\"\u003e\u003ch4\u003eVulnerability\n\u003c/h4\u003e\u003c/a\u003e\n\u003ch5\u003eWeaponized Vulnerability Profiles\n\u003c/h5\u003e\n\u003ch5\u003eWidely Targeted Vulnerabilities\n\u003c/h5\u003e\n\u003cul\u003e\n \u003cli\u003eApache\n \u003cli\u003eCisco IOS XE\n \u003cli\u003eNetLink/Zyxel\n\u003c/ul\u003e\n\u003ca href=\"#malware\"\u003e\u003ch4\u003eMalware Profiles \n\u003c/h4\u003e\u003c/a\u003e\n\u003ch5\u003eOverall Malware and 0-day Detections\n\u003c/h5\u003e\n\u003ch5\u003eSignificant Active Malware\n\u003c/h5\u003e\n\u003cul\u003e\n \u003cli\u003eAsh\n \u003cli\u003eStealer 36680\n \u003cli\u003eWanaaMine Trojan\n\u003c/ul\u003e\n\u003ch5\u003eRansomware Observations and Highlights\n\u003c/h5\u003e\n\u003cul\u003e\n \u003cli\u003eCrysis\n \u003cli\u003eGoga Locker\n \u003cli\u003e REvil Ransomware\n\u003c/ul\u003e\n\u003ca href=\"#ot-ics\"\u003e\u003ch4\u003eOT/ICS Profiles\n\u003c/h4\u003e\u003c/a\u003e\n\u003ch5\u003eOT Related Threat Insights\n\u003c/h5\u003e\n\u003ch5\u003eVendors Threat Map\n\u003c/h5\u003e\n\u003cul\u003e\n \u003cli\u003eCosmicEnergy Malware\n \u003cli\u003eIgnition Authentication Bypass\n \u003cli\u003eMilesiht Routers Information Disclosure\n\u003c/ul\u003e\n\u003ca href=\"#notable-ttps\"\u003e\u003ch4\u003eMITRE TTPs Profile\n\u003c/h4\u003e\u003c/a\u003e\n\u003ch5\u003ePredominant Tactics and TTPs\n\u003c/h5\u003e\n\u003cbr\u003e\n\u003ca href=\"#challenges\"\u003e\u003ch4\u003eChallenges to the Cyber Landscape in 2024\n\u003c/h4\u003e\u003c/a\u003e\n\u003ca href=\"#about\"\u003e\u003ch4\u003eAbout FortiGuard Labs Outbreak Alerts\n\u003c/h4\u003e\u003c/a\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c0019d18-d201-4995-b32e-1d4e2bbe6323","custom_javascript":null,"personalization_type":"addition"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_content"],"custom_javascript":"document.title = \"Outbreak Alerts Report for GM\";\n\nfunction addResources() {\n // Add the script element\n const script = document.createElement('script');\n script.src = 'https://cdn-app.pathfactory.com/libraries/overlay/overlay.js';\n script.async = true; // Load script asynchronously\n document.head.appendChild(script);\n\n // Add the link element\n const link = document.createElement('link');\n link.href = 'https://cdn-app.pathfactory.com/libraries/overlay/overlay.css';\n link.rel = 'stylesheet';\n link.type = 'text/css';\n document.head.appendChild(link);\n}\n\n// Call the function to add the resources\naddResources();\n\n// console.log('Script file loaded');\n\nwindow.onload = function() {\n console.log('Window loaded');\n const urlParams = new URLSearchParams(window.location.search);\n console.log('URL Params:', urlParams.toString());\n \n if (urlParams.get('utm_source') === 'linkedin') {\n console.log('LinkedIn UTM found - attempting to click link');\n const link = document.querySelector('a#pf-link');\n if (link) {\n link.click();\n console.log('Link clicked');\n } else {\n console.log('Link not found!');\n }\n } else {\n console.log('Not from LinkedIn - no action taken');\n }\n};","custom_css":null,"condition":null}]},{"id":"41","name":"List: Top 100 - Digital Acceleration 8-8","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"account.lists[].id","value":"341bd824-2fa7-4042-9c27-2ece5bfef906","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"abm_inbound_list","web_experiences":[{"id":"342ea206-9226-4b96-9bf6-c9d20085d42d","state":"promoted","name":"NAMER ABM Top 100 - Digital Acceleration - Content Overlay Company Logo","description":"NAMER ABM Top 100 - Digital Acceleration - Content Overlay Company Logo","global":false,"priority":15,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/library/digital-acceleration/col/54f23701-2915-4bc2-b9e9-d3be05976049/introducing-fortios-7-6","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"178ae623-adcc-4776-b664-ad54fc73d85e","dom_update_group_state":"active","variation_key":"56d0c3a4-be60-4a0c-97e3-d96bc430bc64","variation_name":"Variation 1","dom_updates":[{"selector":"nav.flex \u003e div.justify-between","data":{"html_attributes":{},"styles":{},"content":"\n \u003cdiv class=\"flex flex-wrap grow justify-center\"\u003e\n \n \n \u003ca class=\"flex items-center max-w-max\" href=\" /library/digital-acceleration \"\u003e\n \n \u003cimg id=\"pf-header-company-logo\" alt=\"Logo\" class=\"h-12 mr-3 object-cover\" src=\"https://cdn.pathfactory.com/assets/11071/logos/811328/37adabc8-8044-4f5f-9612-77085eae9c35.png\" style=\"height:{{account.properties.ftntlogosize}}px\"\u003e\n \u003cimg src=\"{{account.properties.logo}}\" style=\"height:{{account.properties.logosize}}px;\"\u003e\n \u003c!--\n \u003cspan id=\"pf-header-company-name\" class=\"self-center text-lg hidden md:block font-semibold whitespace-nowrap \"\u003e\n \n \u003c/span\u003e\n --\u003e\n \u003c/a\u003e\n \n\n \u003c/div\u003e\n \u003c!--\n \u003cdiv class=\"block mx-4\"\u003e\n \u003cdiv class=\"menu-open\"\u003e\n \n \u003cbutton class=\"self-center navbar-burger lg:hidden\" aria-label=\"open menu\"\u003e\n \u003csvg fill=\"none\" height=\"35\" viewBox=\"0 0 32 32\" width=\"35\" xmlns=\"http://www.w3.org/2000/svg\"\u003e\n \u003crect class=\"text-gray-50\" fill=\"currentColor\" height=\"32\" rx=\"6\" width=\"32\"\u003e\u003c/rect\u003e\n \u003cpath class=\"text-gray-500\" d=\"M7 12H25C25.2652 12 25.5196 11.8946 25.7071 11.7071C25.8946 11.5196 26 11.2652 26 11C26 10.7348 25.8946 10.4804 25.7071 10.2929C25.5196 10.1054 25.2652 10 25 10H7C6.73478 10 6.48043 10.1054 6.29289 10.2929C6.10536 10.4804 6 10.7348 6 11C6 11.2652 6.10536 11.5196 6.29289 11.7071C6.48043 11.8946 6.73478 12 7 12ZM25 15H7C6.73478 15 6.48043 15.1054 6.29289 15.2929C6.10536 15.4804 6 15.7348 6 16C6 16.2652 6.10536 16.5196 6.29289 16.7071C6.48043 16.8946 6.73478 17 7 17H25C25.2652 17 25.5196 16.8946 25.7071 16.7071C25.8946 16.5196 26 16.2652 26 16C26 15.7348 25.8946 15.4804 25.7071 15.2929C25.5196 15.1054 25.2652 15 25 15ZM25 20H7C6.73478 20 6.48043 20.1054 6.29289 20.2929C6.10536 20.4804 6 20.7348 6 21C6 21.2652 6.10536 21.5196 6.29289 21.7071C6.48043 21.8946 6.73478 22 7 22H25C25.2652 22 25.5196 21.8946 25.7071 21.7071C25.8946 21.5196 26 21.2652 26 21C26 20.7348 25.8946 20.4804 25.7071 20.2929C25.5196 20.1054 25.2652 20 25 20Z\" fill=\"currentColor\"\u003e\u003c/path\u003e\n \u003c/svg\u003e\n \u003c/button\u003e\n \n \u003c/div\u003e\n \u003cdiv class=\"ozmenu\"\u003e\n \u003cdiv class=\"menu-close\"\u003e\n \u003ca class=\"absolute p-4 navbar-close top-5 right-3\" href=\"#\"\u003e\n \u003csvg fill=\"none\" height=\"12\" viewBox=\"0 0 12 12\" width=\"12\" xmlns=\"http://www.w3.org/2000/svg\"\u003e\n \u003cpath d=\"M6.94004 6L11.14 1.80667C11.2656 1.68113 11.3361 1.51087 11.3361 1.33333C11.3361 1.1558 11.2656 0.985537 11.14 0.860002C11.0145 0.734466 10.8442 0.66394 10.6667 0.66394C10.4892 0.66394 10.3189 0.734466 10.1934 0.860002L6.00004 5.06L1.80671 0.860002C1.68117 0.734466 1.51091 0.663941 1.33337 0.663941C1.15584 0.663941 0.985576 0.734466 0.860041 0.860002C0.734505 0.985537 0.66398 1.1558 0.66398 1.33333C0.66398 1.51087 0.734505 1.68113 0.860041 1.80667L5.06004 6L0.860041 10.1933C0.797555 10.2553 0.747959 10.329 0.714113 10.4103C0.680267 10.4915 0.662842 10.5787 0.662842 10.6667C0.662842 10.7547 0.680267 10.8418 0.714113 10.9231C0.747959 11.0043 0.797555 11.078 0.860041 11.14C0.922016 11.2025 0.99575 11.2521 1.07699 11.2859C1.15823 11.3198 1.24537 11.3372 1.33337 11.3372C1.42138 11.3372 1.50852 11.3198 1.58976 11.2859C1.671 11.2521 1.74473 11.2025 1.80671 11.14L6.00004 6.94L10.1934 11.14C10.2554 11.2025 10.3291 11.2521 10.4103 11.2859C10.4916 11.3198 10.5787 11.3372 10.6667 11.3372C10.7547 11.3372 10.8419 11.3198 10.9231 11.2859C11.0043 11.2521 11.0781 11.2025 11.14 11.14C11.2025 11.078 11.2521 11.0043 11.286 10.9231C11.3198 10.8418 11.3372 10.7547 11.3372 10.6667C11.3372 10.5787 11.3198 10.4915 11.286 10.4103C11.2521 10.329 11.2025 10.2553 11.14 10.1933L6.94004 6Z\" fill=\"#556987\"\u003e\n \u003c/path\u003e\n \u003c/svg\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \u003cul class=\"flex justify-center pf_font_preset_6 gap-8 ozmenu-nav\"\u003e\n \n \u003c/ul\u003e\n \n \u003cdiv class=\"flex w-50 block lg:hidden mx-auto flex-col gap-5\"\u003e\n \n \u003cdiv\u003e\n \n\n\n\n \u003ca class=\"\n btn leading-none btn-sm pf-cta pf_font_preset_7 bg-[#da291c] border-[#da291c]\n text-[#fff] \n \n hover:bg-primary-600 focus:ring-[#da291c] rounded-[4px] \n \" href=\"https://www.fortinet.com/library/digital-acceleration\" target=\"_blank\" data-pf-theme-artefact-id=\"cta-link\" data-pf-theme-block-id=\"pf-mobile-primary-cta-in-header\" data-pf-theme-block-type=\"component\" data-pf-theme-block-ref=\"cta\" data-pf-theme-block-label=\"More digital transformation content\"\u003e\n More digital transformation content\n\u003c/a\u003e\n\n\n\n\n\n \u003c/div\u003e\n \n \n \u003c/div\u003e\n \n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"hidden lg:block\"\u003e\n \u003cdiv class=\"flex items-center justify-end\"\u003e\n \n \u003cdiv\u003e\n \n\n\n\n \u003ca class=\"\n btn leading-none btn-sm pf-cta pf_font_preset_7 bg-[#da291c] border-[#da291c]\n text-[#fff] \n \n hover:bg-primary-600 focus:ring-[#da291c] rounded-[4px] \n \" href=\"https://www.fortinet.com/library/digital-acceleration\" target=\"_blank\" data-pf-theme-artefact-id=\"cta-link\" data-pf-theme-block-id=\"pf-primary-cta-in-header\" data-pf-theme-block-type=\"component\" data-pf-theme-block-ref=\"cta\" data-pf-theme-block-label=\"More digital transformation content\"\u003e\n More {{account.cleaned_properties.company_name}} content\n\u003c/a\u003e\n\n\n\n\n\n \u003c/div\u003e\n \n \n \u003c/div\u003e\n \u003c/div\u003e\n --\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"409e30f4-7652-4f0d-91af-12bce6ead43e","custom_javascript":null,"personalization_type":"modification"},{"selector":"i.fa-solid","data":{"html_attributes":{"href":"https://fortinet.com/library/digital-acceleration/"},"styles":{},"position":{"parent_selector":"div#sidebar-contents-content-page \u003e div.justify-between","index":1,"deconflictor":null},"content":"Discover more {{account.cleaned_properties.company_name}} content","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a9417500-9f5d-4857-9d42-c8bf883a4534","custom_javascript":null,"personalization_type":"addition"},{"selector":"li:nth-of-type(1)","data":{"html_attributes":{},"styles":{},"content":" \u003ca onclick=\"\n window['initializeContentEvents'] \u0026amp;\u0026amp; typeof window['initializeContentEvents'] === 'function' \u0026amp;\u0026amp;\nwindow.initializeContentEvents('contentClick', {contentId: 618797})\n\" class=\"pf-content-card-link flex items-center justify-between space-x-3\" href=\"https://www.fortinet.com/library/digital-acceleration/col/54f23701-2915-4bc2-b9e9-d3be05976049/Fortinet-SD-WAN-Video\"\u003e\n \n \u003cdiv class=\"relative w-[40px] h-[56px] rounded-[3px] border border-gray-200 overflow-hidden\"\u003e\n \u003cimg src=\"https://cdn.pathfactory.com/assets/11071/thumbnails/782150/e0f43760-fcd9-4111-88b1-63b981e7270d.jpg\" alt=\"Simplify Networking and Security with Fortinet Secure SD-WAN\" class=\"pf-content-card-thumbnail object-cover w-full h-full\"\u003e\n \u003cspan class=\"pf-pinned-content-tag absolute bottom-0 w-full text-center text-[9px] bg-[#fff] text-[#ffffff]\" style=\"display: none;\"\u003e\n Featured\n \u003c/span\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"flex-1 min-w-0\"\u003e\n \u003cp class=\"pf-content-card-title pf_font_preset_7 text-[#fff] line-clamp-3\" style=\"\"\u003e\n Simplify Networking and Security with Fortinet Secure SD-WAN\n \u003c/p\u003e\n \u003c/div\u003e\n \u003c/a\u003e\n","custom":false,"tag":"li","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"85d19d90-6a78-4db1-918d-2bd8cc52b28c","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["account.cleaned_properties.company_name","account.properties.ftntlogosize","account.properties.logo","account.properties.logosize","user.random","account.lists[].id"],"custom_javascript":null,"custom_css":null,"condition":{"attribute":"account.resolution_strategy.confidence_score","value":0,"and":[],"or":[],"comparator":"greater_than_or_equal","filter":null,"aggregation":null}}]},{"id":"37","name":"List: Top 100 - Digital Acceleration ","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"boolean_join":"and","clauses":[{"attribute":"account.lists[].id","value":"341bd824-2fa7-4042-9c27-2ece5bfef906","comparator":"equal","filter":null,"aggregation":null}]}]},"version":3},"hold_out":"0.5","objective":"abm_inbound_list","web_experiences":[{"id":"d5fa382b-92d8-4ebd-b3bf-f5d93c6adc26","state":"promoted","name":"NAMER ABM Top 100 - Digital Acceleration - Company Name \u0026 Logo","description":"NAMER ABM Top 100 - Digital Acceleration - Company Name \u0026 Logo","global":false,"priority":13,"experience_type":"render","redirect_url":null,"url_host":"fortinet.com","url_path":"/library/digital-acceleration","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"3274ed4f-5734-40eb-9873-75e8be87fa9b","dom_update_group_state":"active","variation_key":"1f2dc6f7-b5ca-41ba-9411-aefcd4e41edf","variation_name":"Variation 1","dom_updates":[{"selector":"nav.section-base \u003e div.justify-between","data":{"html_attributes":{},"styles":{},"content":"\r\n \u003cdiv class=\"flex flex-wrap\"\u003e\r\n \r\n \u003ca class=\"flex items-center max-w-max\" href=\" /library/digital-acceleration \"\u003e \r\n \r\n \u003cimg id=\"pf-header-company-logo\" alt=\"Logo\" class=\"h-16 mr-3 object-cover\" src=\"https://cdn.pathfactory.com/assets/11071/logos/811328/37adabc8-8044-4f5f-9612-77085eae9c35.png\" style=\"height: {{account.properties.ftntlogosize}}px\"\u003e\r\n \u0026nbsp \u0026nbsp \u003cimg src=\"{{account.properties.logo}}\" style=\"height: {{account.properties.logosize}}px;\"\u003e\r\n \u003c!--\r\n \u003cspan id=\"pf-header-company-name\" class=\"self-center text-lg font-semibold whitespace-nowrap \"\u003e\r\n \r\n \u003c/span\u003e\r\n --\u003e\r\n \u003c/a\u003e\r\n \r\n \r\n\r\n \u003c/div\u003e\r\n \u003cdiv class=\"hidden lg:block grow mx-4\"\u003e\r\n \r\n \u003c/div\u003e\r\n \u003cdiv class=\"hidden lg:block\"\u003e\r\n \u003cdiv class=\"flex items-center justify-end\"\u003e\r\n \r\n \r\n \u003c/div\u003e\r\n \u003c/div\u003e\r\n \r\n ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"daddadd6-fb6c-41df-8bd8-171477de50cf","custom_javascript":null,"personalization_type":"modification"},{"selector":"div#pf-hero-heading \u003e div.pf-rte-wrapper \u003e span","data":{"html_attributes":{},"styles":{},"content":"{{account.cleaned_properties.company_name}} and The Age of Digital Transformation","custom":false,"tag":"span","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"338b1508-722c-47e5-b2f8-bdf45283955c","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["account.cleaned_properties.company_name","account.properties.ftntlogosize","account.properties.logo","account.properties.logosize","user.random","account.lists[].id"],"custom_javascript":null,"custom_css":null,"condition":{"attribute":"account.resolution_strategy.confidence_score","value":1,"and":[],"or":[],"comparator":"greater_than_or_equal","filter":null,"aggregation":null}}]},{"id":"67","name":"NDR Whitepaper Analysis","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"user.random","value":0,"comparator":"greater_than_or_equal","filter":null,"aggregation":null},{"attribute":"query.utm_content","value":"FortiNDR-Whitepaper","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"c6cd0b36-a6b9-4b94-927f-87dc9db55152","state":"promoted","name":"NAMER ABM - An Analysis of Attacker Activity through NDR, EDR, and NGFW Data","description":"NAMER ABM - An Analysis of Attacker Activity through NDR, EDR, and NGFW Data","global":false,"priority":9,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for-you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"00193826-0962-4aaa-acf6-958c589a7f6a","dom_update_group_state":"active","variation_key":"e691739f-520c-4456-9d98-b33d6f469241","variation_name":"Variation 1","dom_updates":[{"selector":"div:nth-of-type(5) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"01cf510d-61cc-4249-8e87-79a4f835b1e3","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(6) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"3ba54b7c-78a4-4dbc-834d-12d436e6d5cc","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(7) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a7f6cb92-652c-4caf-8582-9ec492055bbb","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.analyst-validation-label \u003e div.wrap","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"92efac7a-806e-4f25-88e4-02e8de9616cd","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(9) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d5bcc0c1-0d92-4aba-adb8-9be0c87dcd3b","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(11) \u003e section.cs--padding","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5261da2a-ee7c-443d-8ead-09a9d7057366","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(13) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f7ff8a28-8be3-4ab3-a38b-c02897a48568","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section--features \u003e div.wrap","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"13fac2ae-1108-4f55-8b05-34d6f15f5bfa","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(15) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f1024763-58fa-49e6-b3f2-fb5b2189f676","custom_javascript":null,"personalization_type":"modification"},{"selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","data":{"html_attributes":{},"styles":{"background-image":"none"},"content":"\n \u003cdiv class=\"resources-container container\" style=\"padding-top:10px;\"\u003e\n \u003cdiv\u003e\n\u003cstyle\u003e\n body {\n font-family: Arial, sans-serif;\n font-size: 20px;\n line-height: 1.6;\n color: #333;\n margin: 0 auto;\n padding: 20px;\n max-width: 100%;\n text-align: justify;\n text-justify: inter-word;\n }\n li {\n margin-left: 20px;\n padding-left: 20px;\n }\n @media screen and (max-width: 768px) {\n body {\n font-family: Arial, sans-serif;\n font-size: 18px;\n line-height: 1.6;\n color: #333;\n margin: 0 auto;\n padding: 20px;\n max-width: 100%;\n text-align: justify;\n text-justify: inter-word;\n }\n li {\n font-size: 18px;\n margin-left: 0px;\n padding-left: 0px;\n }\n }\n footer {\n font-size:14px;\n }\n h1, h2 {\n color: #0066cc;\n }\n h1, h2, h3 {\n text-align: left;\n }\n .executive-summary {\n background-color: #f0f0f0;\n padding: 15px;\n border-radius: 5px\n margin-top:0px;;\n }\n img {\n max-width: 100%;\n height: auto;\n }\n .figure {\n text-align: center;\n margin: 20px 0;\n }\n .figure img {\n max-width: 100%;\n height: auto;\n }\n .figure-caption {\n font-style: italic;\n margin-top: 10px;\n }\n \n\u003c/style\u003e\n\n\u003c!-- Start TOC --\u003e \n\u003cstyle\u003e\n\t.TOC h5 { \n\tmargin: 10px 0 0 0;\n\tcolor: #307fe2;\n\t}\n\t.TOC p {\n\tmargin:0px 0 5px 0; \n padding:0 0 0 0;\n text-align: left;\n\t}\n .TOC a {\n text-underline-offset: 5px;\n }\n.TOC a:link {\n color: #000;\n text-decoration: underline;\n text-decoration-thickness: 1px;\n }\n.TOC a:hover {\n color: #000;\n text-decoration: none;\n }\n.TOC a:visited {\n color: #000;\n text-decoration: none;\n }\n\t.two-column-text h4 {\n\t\tmargin:10px 0 0px 0;\n text-align: left;\n font-size:18px;\n\t\tbreak-after:avoid;\n\t\tbreak-inside: avoid;\n\t}\n\t .two-column-text ul {\n\t\t margin: 0px auto;\n padding-top: 5px;\n font-size:16px;\n text-align: left;\n\t\t orphans: 2;\n\t\t widows: 2;\n\t }\n\t.two-column-text {\n\t\tcolumn-count: 2;\n\t\tcolumn-gap: 20px;\n\t\tpadding: 15px 0px 15px 0px;\n\t\twidth: 100%;\n\t\tmargin: 0px 20px 0px 20px;\n\t}\n\n\t/* Optional: style for headings that span across columns */\n\t.column-span-all {\n\t\tcolumn-span: all;\n\t}\n\n\t/* Responsive design */\n\t@media (max-width: 768px) {\n\t\t.two-column-text {\n\t\t\tcolumn-count: 1;\n\t\t}\n\t}\n\u003c/style\u003e\n\u003cdiv class=\"TOC two-column-text\" id=\"TOC\" style=\"margin: 0px 0px 40px 0px;\"\u003e\n\u003ch1 class=\"column-span-all\" style=\"text-align:center; margin: 0px 0px 20px 0px; padding:0ps auto; font-weight:400;\"\u003eContents\u003c/h1\u003e\n\n\u003ca href=\"#\"\u003e\n\u003ch4\u003eExecutive Summary\u003c/h4\u003e\u003c/a\u003e\n\u003ca href=\"#tactics\"\u003e\u003ch4\u003eMITRE ATT\u0026CK Tactics Observed in 2023\n\u003c/h4\u003e\u003c/a\u003e\n\u003ca href=\"#techniques\"\u003e\u003ch4\u003eMITRE ATT\u0026CK Techniques Observed in 2023\n\u003c/h4\u003e\u003c/a\u003e\n\u003cul\u003e\n \u003cli style=\"margin-top: 10px;\"\u003eWidespread use of C2 techniques\n \u003cli\u003eContinued use of commodity remote access trojan (RAT) malware\n \u003cli\u003eValid accounts are increasingly used for defense evasion\n \u003cli\u003ePowerShell is often used for malicious activity\n \u003cli\u003eEarly intrusion discovery techniques are prevalent\n\u003c/ul\u003e\n\u003ca href=\"#detection\"\u003e\u003ch4\u003eDetecting the Rhysida Ransomware Intrusion\n\u003c/h4\u003e\u003c/a\u003e\n\u003cul\u003e\n \u003cli style=\"margin-top: 10px;\"\u003eRhysida incident investigation\n\u003c/ul\u003e\n\u003ca href=\"#tips\"\u003e\u003ch4\u003eTips for Combating Ransomware Attacks \n\u003c/h4\u003e\u003c/a\u003e\n\u003cul\u003e\n \u003cli style=\"margin-top: 10px;\"\u003eInitial Access\n \u003cli\u003eExecution and Persistence\n \u003cli\u003eDefense Evasion, Lateral Movement, Privilege Escalation\n \u003cli\u003eCommand and Control\n \u003cli\u003eData Exfiltration\n\u003c/ul\u003e\n\n\u003ca href=\"#conclusion\"\u003e\u003ch4\u003eConclusion\n\u003c/h4\u003e\u003c/a\u003e\n\n\u003c/div\u003e\n\n\u003c!-- End TOC --\u003e \n\n \u003ch2 style=\"margin-top:0px;\"\u003eExecutive Summary\u003c/h2\u003e\n \u003cdiv class=\"executive-summary\"\u003e\n Intrusions are complex to detect, as attackers continuously evolve their techniques to avoid exposure, progressing through multiple attack stages to remain undetected for an extended dwell time. Once they have successfully breached an organization, threat actors often use common practices, such as multi-hop proxies, combining malicious activity with legitimate network \ntraffic, ingress tool transfers, and forced authentication to advance their efforts. These clever activities make it challenging for security teams to discover and distinguish between genuine and malicious activity. \u003c/p\u003e\n\u003cp\u003eTo combat this challenge, security teams often use telemetry and observations from multiple security tools to gain a complete picture of the events happening within their networks. Security teams need unified visibility across the environment, correlating \nand analyzing multiple data sources to gain more context and help them decide on the right response and mitigation strategies. \nThis white paper takes a closer look at the valuable insights security teams can gain when they correlate network detection and \nresponse (NDR), endpoint detection and response (EDR), and next-generation firewall (NGFW) data across the network. These \nmulti-dimensional analytical and response capabilities help teams detect any evidence of malicious behavior early in the attack life cycle, ultimately accelerating analysis and enabling analysts to respond to issues quickly. \u003c/p\u003e\n\u003cp\u003eThe data provided in this report is the result of the FortiGuard Labs Applied Threat Research (ATR) team’s analysis of more than 11 trillion NDR-originated network events in 2023, which offer insights into the most observed MITRE ATT\u0026CK tactics and techniques attackers used in that same timeframe to carry out their operations. Any source reporting on “top” ATT\u0026CK techniques is inherently dependent on the lens through which they’re being viewed. This report reveals network-based artifacts that provided FortiNDR Cloud with observations or detections of attacker activity. \u003c/p\u003e\n \u003c/div\u003e\n\n \u003cdiv id=\"tactics\"\u003e\u003c/div\u003e\n \u003ch2\u003eThe Most Common MITRE ATT\u0026CK Tactics Observed in 2023 \u003c/h2\u003e\n \u003cp\u003eFortiNDR Cloud network sensors perform deep packet inspection of all observed network traffic and extract key protocol \nmetadata for processing. This metadata is organized into records called “events.” Subsequently, events are then correlated into \nobservations. Detections are triggered when events or observations match specific criteria. \nIn 2023, FortiNDR Cloud analyzed 11 trillion network events from across Fortinet’s global customer base. The analysis showed \nthat out of more than 463,000 detections observed in 2023, customers identified less than 1% as false positives.\u003c/p\u003e\n\u003cdiv class=\"figure\"\u003e\n\u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Screenshot%25202024-11-04%2520at%252011.27.44%25E2%2580%25AFAM%2520(002).png\" style=\"clip-path: inset(0% 0% 30% 0%);\"\u003e\n\u003cp class=\"figure-caption\" style=\"padding-bottom:20px;\"\u003eFigure 1: Less than 1% of FortiNDR Cloud detections were labeled as false positives in 2023\u003c/p\u003e\n\u003c/div\u003e\n\u003cp\u003e FortiNDR Cloud detections are automatically mapped to the MITRE ATT\u0026CK framework. Below is a look at the most common detections observed across the data set: \u003c/p\u003e\n\u003cdiv class=\"figure\"\u003e\n\u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Screenshot%25202024-11-04%2520at%252011.28.30%25E2%2580%25AFAM%2520(002).png\"\n \u003cp class=\"figure-caption\" style=\"padding-bottom:20px;\"\u003eFigure 2: FortiNDR Cloud detections are mapped to MITRE ATT\u0026CK tactics\u003c/p\u003e\n\u003c/div\u003e\n\n\u003cp\u003eOur analysis uncovered high volumes of command and control (C2) (44%) and execution activity (38%). Because C2 techniques \nare network-based, network data provides the greatest opportunity to detect such techniques. However, the techniques used \nfor the Impact and Credential Access tactics do not provide significant artifacts detectable through network data; hence, there \nare negligible detections. \u003c/p\u003e\n\u003cp\u003e Regarding execution activity, FortiNDR Cloud detects malicious portable executable (PE) file activity and is mapped to the MITRE \nATT\u0026CK technique of T1204: User Execution. These detections are triggered based on hash values produced by FortiNDR \nCloud when a user downloads the file. Behind the scenes, FortiNDR Cloud submits the hashes to the FortiGuard Indicators of \nCompromise (IOC) service, which determines the detection’s malicious nature and confidence level based on the data received.\u003c/p\u003e\n\n \u003cdiv iid=\"techniques\"\u003e\u003c/div\u003e\n \u003ch2\u003eThe Most Common MITRE ATT\u0026CK Techniques Observed in 2023\u003c/h2\u003e\n \u003cp\u003eThe chart below ranks the most observed MITRE ATT\u0026CK techniques under each tactic. The percentages correspond to the \nproportion of detections by technique within each tactic. Several MITRE ATT\u0026CK techniques are mapped to multiple tactics. \nFor that reason, each detection is applied to the most relevant tactic based on the context in which it was observed. \u003c/p\u003e\n\n \u003cdiv class=\"figure\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/A91jmwtti_14qvc7m_8ss%2520copy.png\" \n \u003cp class=\"figure-caption\"\u003eFigure 3:The MITRE ATT\u0026CK heatmap shows the ATT\u0026CK techniques observed through FortiNDR Cloud\u003c/p\u003e \n \n \u003c/div\u003e\n \u003cp\u003e Based on our analysis of the detections spotted across the entire MITRE ATT\u0026CK framework, we observed the following trends:\n \u003c/p\u003e \n \u003cul\u003e\n \u003cb\u003e \u003cli\u003eWidespread use of C2 techniques:\u003c/b\u003e\n Attackers continue to use a variety of C2 techniques, such as Domain Name System \n(DNS) tunneling, long DNS queries, and web shells. Without consistent C2, adversaries cannot interact with their implants or \naccess a victim’s environment to achieve their objectives. Building robust C2 is critical in determining an adversary’s success \nduring an intrusion. When successfully utilized, C2 provides an adversary with consistent access into the host or environment. \nIt obscures the initial ingress point and allows the adversary to continue their mission, even if defenders secure the original \nexploit that allowed initial access.\n\u003c/p\u003e\n \nGiven the criticality of C2 in enabling an adversary to effectively pursue their objectives, this provides defenders with \nconsistent opportunities for detection. Network metadata is an immutable “source of truth” of any network activity, including \nC2, as attackers cannot manipulate or change network packets. Blocking observed C2 communications or destroying an \nattacker’s C2 infrastructure often stops a cyberattack in its tracks. Addressing these common tactics, techniques, and \nprocedures can significantly reduce the danger presented by C2 infrastructure \u003c/li\u003e\n\u003cb\u003e\u003cli\u003e Continued use of commodity remote access trojan (RAT) malware:\u003c/b\u003e RATs, such as Lokibot and IcedID banking Trojan, \ncontinue to trend in detection activity. Loki, an open-source remote access tool, provides attackers with features like file \ntransfer over HTTP or SFTP, launching a local browser, taking screenshots, and running keyloggers. Loki is often used as a \npost-exploitation tool to advance malicious activity. The FortiGuard ATR team considers Loki to be high severity given that \nit’s commonly used for lateral movement following a compromise of a single host. IcedID banking Trojan, on the other hand, \nhooks into users’ browser sessions and can take screenshots to steal credentials for financial institutions. IcedID is also used \nto facilitate Access-as-a-Service offerings where access to compromised networks is sold to additional malicious actors. The \nFortiGuard ATR team considers IcedID high severity due to granting malicious actors high levels of access to an organization’s \nenvironment and sensitive data. These tools are often used as a precursor to conduct further C2 activity. \u003c/li\u003e\n\u003cb\u003e\u003cli\u003e Valid accounts are increasingly used for defense evasion:\u003c/b\u003e The Valid Accounts technique (T1078) in the Defense Evasion \nphase of MITRE ATT\u0026CK is still a relevant indicator of potential threat activity. This technique detects how adversaries obtain \nand abuse credentials of existing accounts to execute Initial Access, Persistence, Privilege Escalation, or Defense Evasion. \nOne such example is how FortiNDR Cloud detects a customer’s internal Remote Desktop Protocol (RDP) servers being \naccessed by individuals outside the corporate network. This is generally an undesired configuration, as sensitive information \nmay be exposed, leaving the business open to attack. Internet-facing services can also be subject to regular brute-force \nattempts by scanners and compromised devices. Another such detection associated with Valid Accounts is the Domain \nAccounts technique (T1078.002), which looks at domain controllers authenticating with a previously unseen NT LAN Manager \n(NTLM) username. This type of activity may indicate that a threat actor has gained access to a domain controller. \u003c/li\u003e\n\u003cb\u003e\u003cli\u003e PowerShell is often used for malicious activity: \u003c/b\u003eOur analysis shows that attackers continue to use PowerShell for malicious \nactivity. PowerShell is a popular scripting tool that is used as a staging tool for malware and for developing more robust \ntoolkits, such as the Empire post-exploitation tools. While commonly used in systems administration, malware authors use \nPowerShell scripts extensively for post-exploitation actions. FortiNDR Cloud covers various detection techniques using \nPowerShell in the following categories: Ingress Tool Transfer (T1105) and PowerShell (T1059.001). \u003c/li\u003e\n\u003cb\u003e\u003cli\u003e Early intrusion discovery techniques are prevalent:\u003c/b\u003e Several suspicious Active Directory and Lightweight Directory \nAccess Protocol (LDAP) enumerations were detected, including enumeration of users, groups, domain trusts, and others. \nThreat actors can use LDAP or Distributed Computing Environment and Remote Procedure Calls to enumerate all groups, \nadministrators, users, computers, domain controllers, and domain trusts within a domain. After compromising a network, \nadversaries may query Active Directory to better understand an organization’s network layout and assets. Detecting adversary \nactivity during discovery allows for intrusions to be isolated before adversaries can properly gain a foothold in the network. \u003c/li\u003e\n\u003c/ul\u003e\n \u003cdiv id=\"detection\"\u003e\u003c/div\u003e\n \u003ch2\u003e The Rhysida Ransomeware Intrusion\u003c/h2\u003e \u003cp\u003e\u003cstrong\u003eReal-World Example of Unified Network and Endpoint Detections in Action:\u003c/strong\u003e\u003c/p\u003e\n \u003cp\u003e When comparing our findings in this report with a real-world attack scenario, such as the Rhysida ransomware intrusion, we can \nexamine specific attacker techniques and share valuable insights into the tactics used by today’s ransomware groups, giving \nsecurity teams tips for protecting against these malicious activities.\u003cp\u003e\nThe Rhysida group was first identified in May 2023 when they claimed their first victim. This group deploys a ransomware \nvariant known as Rhysida and offers it as Ransomware-as-a-Service to fellow threat actors via the dark web. Since its arrival, \nthe group has listed at least 50 victims across the world on its website. The group made headlines when it was reported that \nthey had successfully deployed their ransomware in systems associated with the Chilean Army. \n\n\n \u003cdiv class=\"figure\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Screenshot%25202024-11-04%2520at%252011.28.15%25E2%2580%25AFAM%2520(002).png\" alt=\"FortiNDR ANN\"\u003e\n \u003cp class=\"figure-caption\"\u003eFigure 4: Rhysida victims by industry\u003c/p\u003e\n \u003c/div\u003e\n\u003cdiv class=\"figure\"\u003e\n \u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Screenshot%25202024-11-04%2520at%252011.32.01%25E2%2580%25AFAM%2520(002).png\"\u003e\n\u003cp class=\"figure-caption\"\u003eFigure 5: Rhysida victims by location\u003c/p\u003e\n \u003c/div\u003e\n\u003cp\u003e Rhysida’s list of victims includes organizations from various industries, including education and manufacturing. Victims of \nRhysida intrusions are geographically diverse, with the United States, France, Germany, England, and Italy being the top five \ncountries in terms of the number of victims compromised. \u003c/p\u003e\nThe diagram below details one intrusion that resulted in the deployment of the Rhysida ransomware. The FortiGuard Managed \nDetection and Response team detected this intrusion using FortiEDR, which was later investigated by the FortiGuard Incident \nResponse team. \u003c/p\u003e\n\u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Screenshot%25202024-11-04%2520at%252011.32.15%25E2%2580%25AFAM.png\"\u003e\n \u003cp style =\"text-align: center;\"\u003e Figure 6: The attack timeline of the Rhysida intrusion\u003c/p\u003e\n \u003ch3\u003eFortinet investigation of a Rhysida ransomware incident\u003c/h3\u003e\n \u003cp\u003eRhysida group has been observed using legitimate software such as PowerShell to perform discovery functions and find \ninformation about users and systems within the network. We’ve observed attackers using PSExec to schedule tasks and change \nregistry keys to maintain persistence, leveraging AnyDesk for remote connections and relying on WinSCP for file transfers. The \ngroup also attempted to exfiltrate data from various systems using a publicly available cloud storage platform. \nWe have observed Rhysida attack instances across different victims, yet these attacks typically follow a similar pattern: \n\u003col\u003e\n \u003cli\u003e Rhysida operators acquire credentials and access environments through victim VPN devices.\u003c/li\u003e\n \u003cli\u003e Attackers perform lateral movement through RDP to key servers such as domain controllers. \u003c/li\u003e\n \u003cli\u003e Operators then perform credential dumping using basic methods, such as taskmanager.exe or procdump. \u003c/li\u003e\n \u003cli\u003e Attackers deploy a SOCKS-based PowerShell backdoor as secondary access. \u003c/li\u003e\n \u003cli\u003e Threat actors conduct data exfiltration after manual file appraisal through RDP or AnyDesk. \u003c/li\u003e\n \u003cli\u003e Operators deploy ransomware to ESXi hypervisors first to maximize impact.\u003c/li\u003e\n \u003c/ol\u003e\n \u003cdiv id=\"tips\"\u003e \u003c/div\u003e\n \u003ch2\u003eTips for Detecting and Combating Ransomware Attacks\u003c/h2\u003e\n \u003cp\u003eWhere the above demonstrates a case study of the techniques employed by Rhysida ransomware operators, there are significant \ncommonalities across various ransomware operators that analysts can use to hunt for and prevent ransomware attacks. \n\u003cp\u003e Below are actionable recommendations that security teams can follow to combat ransomware attacks based on these \ncommonalities. The attack techniques outlined here refer to previously observed and mentioned in the report, all mapped to the \nMITRE ATT\u0026CK framework.\u003c/p\u003e\n\u003cdiv class=\"figure\"\u003e\n \u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/ransomware_techniques%2520(002).png\"\u003e\n \u003cp class=\"figure-capture\"\u003e Figure 7: Observed ransomware techniques across the MITRE ATT\u0026CK framework\u003c/p\u003e\n \u003c/div\u003e\n \u003cp\u003e The diagram above represents a ransomware attack where the attacker leverages common ransomware tactics and techniques outlined in this report. Each MITRE ATT\u0026CK tactic presents security teams with unique detection and mitigation opportunities, \nwhich we outline below. \u003c/p\u003e\n\u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/techniques_identified%2520(002).png\"\u003e\n\u003cp class=\"executive-summary\" style=\"margin-top:-10px;\"\u003e\u003cb style=\"color:red\"\u003e Initial Access\u003c/b\u003e \u003cbr\u003e Attackers often use valid credentials or exploit a public-facing application to access network resources. The ransomware group may have obtained access through an initial access broker.\u003cbr\u003e \u003cb\u003eThreat hunting tip:\u003c/b\u003e Despite using valid credentials, security analysts should leverage NDR-based and behavioral analytics to determine how initial access occurred by reviewing historical data to look for anomalous web traffic (PE downloads, ISO, and ZIP files) that indicate unusual user activity.\u003cbr\u003e \u003cb\u003eMitigation strategy:\u003c/b\u003e Enable multi-factor authentication (MFA), establish a cybersecurity awareness program for employees to prevent phishing attacks, and regularly patch your vulnerabilities. Establish governance that limits access to sensitive systems requiring administrator permissions. \u003c/p\u003e\n\n\u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/techniques_identified2%2520(002).png\"\u003e\n\u003cp class=\"executive-summary\" style=\"margin-top:-10px;\"\u003e\u003cb style=\"color:green\"\u003e Execution and Persistence\u003c/b\u003e \u003cbr\u003e Once the attacker gains access to an endpoint, they will conduct various host-based activities, such as discovery and defense evasion, allowing them to establish persistence. \n\u003cbr\u003e\n\u003cbr\u003eRansomware perpetrators may leverage Windows Command Shell and PowerShell, as shown in the image below. In this instance, the ransomware utilizes a native API to perform actions like querying registry keys and modifying registry values. During system startup, a scheduled task named “Rhsd” executes the ransomware payload, ensuring the malicious code is activated with each system startup. Also, similar behavior was observed during the analysis of SystemBC, which is a variety of proxy malware. \u003cbr\u003e \u003cbr\u003e\n\n \u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/wp_attacker-activity-data%2520(1).jpg\"\u003e\n\u003cbr\u003eFigure 8: FortiEDR analyzes Rhysida ransomware\n\u003cbr\u003e \u003cbr\u003e \u003cb\u003eThreat hunting tip:\u003c/b\u003e Security analysts should leverage EDR-based detections to determine when malicious executables were installed and deployed and block malware installation. They should review historical NDR data to look for anomalous web \ntraffic associated with these executables. \u003cbr\u003e \u003cb\u003eMitigation strategy:\u003c/b\u003e EDR detections should be shared and correlated with telemetry from other integrated response tools to streamline the response process, ensuring the attacker has not expanded their presence to other endpoints. \u003c/p\u003e\n\u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/techniques_identified3%2520(002).png\"\u003e\n\u003cp class=\"executive-summary\" style=\"margin-top:-10px;\"\u003e \u003cb style=\"color:turquoise\"\u003eDefense Evasion, Lateral Movement, Privilege Escalation\u003c/b\u003e \u003cbr\u003e After establishing and maintaining persistence, the attacker moves to evade detection and expand their presence on the network, moving laterally across the environment or escalating privileges. Ransomware groups leverage PowerShell scripts for multiple purposes. The script may terminate processes related to antivirus services, modify RDP configurations, delete \nshadow copies, and leverage malicious executables to clear event logs.\u003cbr\u003eWe’ve observed ransomware groups using PsExec to execute PowerShell execution scripts. After that, the ransomware is copied to the target system using valid user credentials. \u003cbr\u003e\u003cbr\u003e\n\u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/saved.jpg\"\u003e \u003cbr\u003e Figure 9: FortiNDR detects PSExec activity\n \u003cbr\u003e\u003cbr\u003e\u003cb\u003eThreat hunting tip: \u003c/b\u003eLeverage EDR to expand the scope of the hunt to see if any additional hosts may have interacted with suspicious websites or downloaded suspicious files. With NDR technology, the analyst can search for these downloads on endpoints that may not have an EDR agent installed, providing comprehensive visibility into any endpoints connected \nto the network. \u003cbr\u003e\u003cb\u003e Mitigation strategy:\u003c/b\u003e Leverage NDR to detect anomalous and malicious network activities. security operations teams should proactively hunt for threats using these detections. \u003c/p\u003e\n\u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/techniques_identified4%2520(002).png\"\u003e\n\u003cp class=\"executive-summary\" style=\"margin-top:-10px;\"\u003e \u003cb style=\"color:blue\"\u003eCommand and Control \u003c/b\u003e\u003cbr\u003e After evading detection, the attacker often moves to expand their presence on the network, establishing their C2 infrastructure. Ransomware groups may use commodity backdoors like PortStarter and SystemBC and leverage legitimate remote desktop application tools, such as AnyDesk and TeamViewer to obtain remote access. \u003cbr\u003e\u003cb\u003eThreat hunting tip:\u003c/b\u003e Leverage EDR to expand the scope of the hunt to see if any additional hosts may have interacted with suspicious websites or downloaded suspicious files. With NDR, the analyst can search for these downloads on endpoints that may not have an EDR agent installed, providing you with comprehensive visibility across all endpoints connected to \nyour network.\u003cbr\u003e\u003cb\u003eMitigation strategy:\u003c/b\u003e Block all communications with C2 infrastructure or established botnets using NGFW capabilities. Prior to blocking known C2 communications, analysts should understand the full scope of the attack by leveraging EDR and NDR to monitor C2 traffic, ensuring all attack activity is recorded and blocked accordingly. \u003c/p\u003e\n\u003cimg\nsrc=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/techniques_identified5%2520(002).png\"\u003e \u003cp class=\"executive-summary\" style=\"margin-top:-10px;\"\u003e\u003cb style=\"color:purple\"\u003eData Exfiltration \u003c/b\u003e\u003cbr\u003eOnce the attacker has successfully evaded detection, established their C2 infrastructure, and identified and collected valuable data, they will exfiltrate this data using their established C2 infrastructure or over an alternative protocol. \u003cbr\u003e Ransomware groups will employ various methods for data exfiltration, including WinSCP, 7zip, MegaSync, and, in some cases, PowerShell data exfiltration scripts.\u003cbr\u003e\u003cb\u003eThreat hunting tip:\u003c/b\u003e Monitor network protocols and existing C2 channels for anomalous network traffic. These protocols include FTP, SMTP, HTTP/S, DNS, SMB, or any other network protocol not being used as the main C2 channel. This can also include web services such as cloud services. The attacker’s existing C2 infrastructure can also be used for data exfiltration. Analysts should leverage NDR and EDR tools to monitor and detect this traffic.\u003cbr\u003e \u003cb\u003eMitigation strategy:\u003c/b\u003e Block or prevent large outbound data transfers to lower the reputation of virtual private server providers or file-sharing services. Leverage data loss prevention services from a NGFW to assist in monitoring the organization’s data. \u003c/p\u003e \n\u003cdiv id=\"conclusion\"\u003e\u003c/div\u003e\n\u003ch2\u003eConclusion \u003c/h2\u003e \u003cp\u003eGiven the cost and effort required to find novel and effective exploitation methods, threat actors need to establish and maintain persistence in almost any attack scenario. Leveraging the additional visibility and capabilities provided by the combination of NDR, EDR, and NGFW solutions, security teams are better able to detect intrusions early and help level the playing field against ever advancing adversaries.\u003c/p\u003e \n\u003cp\u003eOur research indicates that best practices, such as regular vulnerability patching, implementing MFA, deploying EDR technology, continually monitoring network assets using an NDR solution, and employing a robust NGFW can go a long way in preventing or stopping these attacks before attackers can complete their mission. \u003c/p\u003e\n\u003cp\u003eDeploying a unified detection and response architecture provides analysts with an end-to-end view of an attacker’s actions, \naccelerating investigation times and providing full attack visibility while reducing alert triage times. \u003c/p\u003e\n\n \u003cdiv style=\"display:flex;margin:50px 0px 50px 0;justify-content: center;\"\u003e\n \u003cstyle\u003e\n a:link {text-decoration:none;}\n a:hover {text-decoration:none;}\n a:visited:{text-decoration:none;}\n \u003c/style\u003e\n \u003ca href=\"https://www.fortinet.com/library/secops\" alt=\"Visit the Fortinet SecOps content portal.\" target=\"_blank\"\u003e\n \u003cdiv style=\"background-color: dc291c; color:#fff; margin: 20px; padding: 10px 20px 10px 20px; align-text:justify; border-radius:8px;\"\u003e\n \u003cp\u003eDiscover more SecOps content\n\u003c/p\u003e\n\u003c/div\u003e\n\u003c/a\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"178a29fb-1b91-429b-95ef-a8d89f471932","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section","data":{"html_attributes":{"class":"section hero product-hero","style":"background: url(\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Screenshot%25202024-11-07%2520123717.png\") 0% 0% / cover; border-bottom: 0px; "},"styles":{"background-image":"url(https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Screenshot%25202024-11-07%2520123717.png)"},"content":"\n\n \u003cdiv class=\"wrap\" \u003e\n \u003cdiv class=\"row banner\" style=\"\"\u003e\n \u003cdiv class=\"col-lg-8 col-8 col-md-12 col-sm-12\"\u003e\n \u003cdiv class=\"section-content\"\u003e\n \u003cstyle\u003e\n .text-box {\n display: inline-block;\n margin:200px 0 0 100px;\n padding: 10px;\n background-image: linear-gradient(rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.5));\n color: white; \n }\n @media screen and (max-width: 768px) {\n .text-box {\n display: inline-block;\n margin:200px 0 0 10px;\n padding: 10px;\n background-image: linear-gradient(rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.5));\n color: white; \n }\n }\n \u003c/style\u003e\n \u003cdiv class=\"text-box\"\u003e\n \u003ch1\u003eAn Analysis of Attacker Activity \nthrough NDR, EDR, and NGFW Data\u003c/h1\u003e\n \u003c/div\u003e\n \u003cdiv style=\"display: inline-block;\n padding: 10px;\n background-image: linear-gradient(rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.5));\n color: white; margin:20px 0 0 100px;\"\u003e\n WHITE PAPER\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n ","custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a1590316-0a12-4b21-9aa0-7ff30736ddd1","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_content"],"custom_javascript":"document.title = \"An Analysis of Attacker Activity through NDR, EDR, and NGFW Data\";","custom_css":null,"condition":null},{"id":"122e4cb5-b100-4ddd-9223-dfc4704a18ba","state":"promoted","name":"Sidepop for NDR","description":"Sidepop for NDR","global":true,"priority":0,"experience_type":"questionnaire","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for-you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":true,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"6c150a46-c198-4c01-8870-e3be42aab349","dom_update_group_state":"active","variation_key":"ace5f3e3-78db-4e21-8a10-a5c3414059fa","variation_name":"Variation 1","dom_updates":[],"questionnaire":{"id":"a94583fc-2c20-4c37-a47e-0973ab977157","config":{"primaryColor":"#2196f3"},"component_config":{"colors":{"primary":"#FFFFFF","icon_color":"#FF0000"},"styles":{"button":"border-radius: 10px; color: #da290c;","title":"color: white;","snippet":"color: white;"},"disable_mutiny_branding":false,"inherit_fonts":false,"success_button_theme":null,"layout":{"image_type":"none","image_url":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Citi.svg.png"},"show_at_scroll_percent":7,"open_mode":"new_tab","disable_success_message":false},"key":"822d1e4e-25f9-4325-9918-936e13fd29c1","questionnaire_type":"fab","hold_out":1.0,"url_host":"www.fortinet.com","url_path":"/for-you","url_condition":null,"condition":null,"questions":[{"title":"Welcome!","snippet":"\n\u003cb\u003eWant to find out more about our solutions for SecOps?\u003c/b\u003e","key":"hey_adobe","question_type":"multiple_choice","question_options":[{"token":"1d97ac8d-64d5-4cad-90c9-55c692b4fe21","title":"link","value":"f0f0fabb-65cd-447f-98d1-3fb971a4d645","option_type":"link","input_type":null,"link":null,"success_headline":null,"success_snippet":null,"success_cta":"READ MORE","success_cta_link":"https://www.fortinet.com/library/secops/"}],"cta":null,"cta_link":null,"fallback_success_headline":"That's awesome!","fallback_success_snippet":"See how IBM increased their efficiency by up to 30%!","fallback_success_cta":"Close","fallback_success_cta_link":"https://fortinet.com/for-you"}],"resource_type":"Questionnaire","resource_id":"a94583fc-2c20-4c37-a47e-0973ab977157","priority":0,"version":2},"component_stylesheet_id":"313d129c-f5ab-4b60-90ca-6f8aac09eee5","data_dependencies":["user.random","query.utm_content"],"custom_javascript":"function addStylesheet(content) {\n const stylesheet = document.createElement(\"style\");\n stylesheet.innerHTML = content;\n document.body.appendChild(stylesheet);\n}\n\naddStylesheet(`\n /*Change background color*/\n .mutiny-sidepop div[class^=\"popupBackground\"] {\n background-color: red;\n }\n\n/* Anchor button styles */\n.mutiny-sidepop .mutiny-sidepop-button {\n background-color: red !important;\n color: red !important;\n}\n`);\n\n\n\n","custom_css":null,"condition":null}]},{"id":"65","name":"Outbreak Alerts - Ford Motor","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"user.random","value":0,"comparator":"greater_than_or_equal","filter":null,"aggregation":null},{"attribute":"query.utm_content","value":"Outbreak-Ford","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"aabaed5d-0f94-4399-ac66-438a251af85d","state":"promoted","name":"NAMER ABM Outbreak Reports 2023 Ford Motor","description":"NAMER ABM Outbreak Reports 2023 Ford Motor","global":false,"priority":10,"experience_type":"render","redirect_url":null,"url_host":"fortinet.com","url_path":"/for-you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"2e6de793-efbc-486f-a174-1dc608a77930","dom_update_group_state":"active","variation_key":"e75ab6ca-ba63-4e0a-980a-f7b7cea5b277","variation_name":"Variation 1","dom_updates":[{"selector":"a.btn","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"b1b989ae-dfd7-4b36-bab0-6942ca9861ea","custom_javascript":null,"personalization_type":"modification"},{"selector":"div[class*=\"Resources\"]","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"main#CONTENT","index":3,"deconflictor":null},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"b0f0dc64-9d94-4f03-bd42-ddc72a82ca97","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.section-content \u003e p","data":{"html_attributes":{},"styles":{},"content":"\u003cspan style=\"font-weight:600; font-size:28px:\"\u003edeveloped for\u003c/span\u003e\u003cimg src=\"https://cdn.pathfactory.com/assets/11071/icons/925565/f922121a-01c0-4350-a4e9-a6e28cf2e065.png\" style=\"height:50px; padding:0 10 0 15;\"\u003e \u003cspan style=\"font-weight:600; font-size:28px:\"\u003eby\u003c/span\u003e\u003cspan style=\"font-weight:800; font-size:26px;padding:0 0 0 10;letter-spacing:-.8px;\"\u003eFortiGuard Labs\u003c/span\u003e","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"7af3a806-4762-4a2b-9207-284e6d45149e","custom_javascript":null,"personalization_type":"modification"},{"selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d8ab173a-5b35-40f0-af9b-4273f701a600","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container \u003e div[class*=\"Title\"] \u003e h2.new--design","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"47ec0081-5778-495a-bd73-ec2c7021ac06","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":1.0},"content":"\u003cdiv class=\"C11-Text-Columns\" \u003e\n \u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0;}\n a {margin:0 0 5 0;\n color: blue;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003cp\u003eIn 2023, there were multiple\noutbreaks alerts released each\nmonth, making it a notable\nyear in terms of the frequency\nof significant incidents with\nwidespread reach.\n\u003c/p\u003e\n\u003cp\u003e\nThe Outbreaks highlights various\nTargeted and 0-day Attacks,\nWeaponized Vulnerabilities,\nMalware/Ransomware Campaigns\nand OT/IoT threats.\n\u003c/p\u003e\n\u003cp\u003e\nThis diversity emphasizes the\nimportance of timely threat intel\nand proactive protections to help\nan organization remain safe using a\nmulti-layered security approach in\naddressing different threat vectors.\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3 style=\"margin-top:10;\"\u003eVulnerabilities (23)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdobe ColdFusion Deserialization of\nUntrusted Data\n\u003cli\u003eApache RocketMQ RCE\n\u003cli\u003eCacti Command Injection\n\u003cli\u003eCWP Control Web Panel Command Injection\n\u003cli\u003eFortra GoAnywhere MFT RCE\n\u003cli\u003eGoogle Chromium WebP\n\u003cli\u003eIBM Aspera Faspex RCE\n\u003cli\u003eIvanti Endpoint Manager Mobile\nAuthentication Bypass\n\u003cli\u003eJetBrains TeamCity Authentication Bypass\n\u003cli\u003eJoomla! CMS Improper Access Check\n\u003cli\u003eMicrosoft Office and Windows HTML RCE\n\u003cli\u003eMicrosoft Outlook Elevation of Privilege\n\u003cli\u003eOracle WebLogic Server\n\u003cli\u003ePaperCut MF/NG Improper Access Control\n\u003cli\u003eProgress MOVEit Transfer SQL Injection\n\u003cli\u003eTeclib GLPI RCE\n\u003cli\u003eThinkPHP RCE\n\u003cli\u003eTP-Link Archer AX-21 Command Injection\n\u003cli\u003eVMware Aria Operations for Networks\nCommand Injection\n\u003cli\u003eWooCommerce Payments Improper\nAuthentication\n\u003cli\u003eZoho ManageEngine RCE\n\u003cli\u003eZyxel Multiple Firewall\n\u003cli\u003eZyxel Router Command Injection\n\u003c/ul\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3 style=\"margin-top:10;\"\u003eTargeted Attack (8)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e3CX Supply Chain Attack\n\u003cli\u003eApache ActiveMQ Ransomware Attack\n\u003cli\u003eCisco IOS XE Web UI Attack\n\u003cli\u003eCitrix Bleed Attack\n\u003cli\u003eHTTP/2 Rapid Reset Attack\n\u003cli\u003eProgress Telerik UI Attack\n\u003cli\u003eRealtek SDK Attack\n\u003cli\u003eVMware ESXi Server Ransomware Attack\n\u003c/ul\u003e\n\u003ch3 style=\"margin-top:10;\"\u003eMalware (3)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAgent Tesla Malware Attack\n\u003cli\u003eLazarus RAT Attack\n\u003cli\u003eRouter Malware Attack\n\u003c/ul\u003e\n\u003ch3 style=\"margin-top:10;\"\u003eOT/IoT (4)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCosmicEnergy Malware\n\u003cli\u003eMultiple Vendor Camera System Attack\n\u003cli\u003eSolarView Compact Command Injection\n\u003cli\u003eTBK DVR Authentication Bypass Attack\n\u003c/ul\u003e\n\n \u003c/div\u003e\n\u003c/div\u003e\n\n\n\n\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c08e546b-152f-4291-907a-ff9aa631fa53","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e0d0ae5d-bbf5-4080-a7ff-ddc907259486","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container \u003e div[class*=\"Title\"] \u003e h2.new--design","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"h2","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d83fd594-ad63-499b-ac13-6b9874f4e19c","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.resources-row","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9fbac6d3-cbd0-44c2-ac40-ec9c2f31094a","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e3b49aca-4877-44c1-96ad-08b2c0091c1b","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(15) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"77b33639-27d7-49b5-be47-956dedc8acc6","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section--features","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9c16e516-7603-4131-8773-95ad72e7b71d","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(13) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1375d939-5311-4d76-9d70-4ccf389a56a9","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(11) \u003e section.cs--padding","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ddf3f639-39af-49e8-a816-c4e24776b91e","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(9) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2953fd0c-a13d-4b38-b41f-b134963f24e0","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.analyst-validation-label","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e87a3e0c-13b3-4bec-949f-3716c81496e8","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(7) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1586efb1-75e7-4792-ab52-44c7325839f1","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(6) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9344aa0a-35e9-44e8-832c-fa0fafa98a75","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(5) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5d920e48-fccd-4cf3-af4f-367348f63b5d","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.modal--support-window","data":{"html_attributes":{},"styles":{},"content":"\u003ca href=\"https://www.fortinet.com/fortiguard/outbreak-alert-subscription?utm_source=website\u0026utm_medium=fortiguardlabssp\u0026utm_campaign=oa-fortiguard-labs\u0026utm_content=outbreak-alerts-subscribe\" target=\"_blank\" class=\"threats-button\" style=\"\"\u003e\u003csvg xmlns=\"http://www.w3.org/2000/svg\" version=\"1.1\" viewBox=\"0 0 24 24\"\u003e\n \u003cdefs\u003e\n \u003cstyle\u003e\n .cls-1 {\n fill: #fff;\n }\n \u003c/style\u003e\n \u003c/defs\u003e\n \u003c!-- Generator: Adobe Illustrator 28.6.0, SVG Export Plug-In . SVG Version: 1.2.0 Build 709) --\u003e\n \u003cg\u003e\n \u003cg id=\"a\"\u003e\n\u003cpath class=\"cls-1\" d=\"M22.5,20.2L12.7,3c-.1-.2-.4-.4-.7-.4s-.5.1-.7.4L1.5,20.2c-.1.2-.1.5,0,.7.1.2.4.4.7.4h19.6c.3,0,.5-.1.7-.4.1-.2.1-.5,0-.7ZM13.2,19.2h-2.4v-2.2h2.4v2.2ZM13.2,15.3h-2.4v-6.6h2.4v6.6Z\"/\u003e\n \u003c/g\u003e\n \u003c/g\u003e\n\u003c/svg\u003e\u003cspan\u003eSubscribe \u003cbr\u003eto Outbreak Alerts\u003c/span\u003e\u003c/a\u003e\u003ca href=\"/corporate/about-us/contact-us\" class=\"contact-button\"\u003e\u003csvg width=\"13px\" height=\"22px\" viewBox=\"0 0 13 22\" version=\"1.1\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\"\u003e\u003cg stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\"\u003e\u003cpath d=\"M11,17 L2,17 L2,3 L11,3 L11,17 Z M6.5,21 C5.67157288,21 5,20.3284271 5,19.5 C5,18.6715729 5.67157288,18 6.5,18 C7.32842712,18 8,18.6715729 8,19.5 C8,20.3284271 7.32842712,21 6.5,21 L6.5,21 Z M10.5,0 L2.5,0 C1.11928813,2.22044605e-16 0,1.11928813 0,2.5 L0,19.5 C0,20.8807119 1.11928813,22 2.5,22 L10.5,22 C11.8807119,22 13,20.8807119 13,19.5 L13,2.5 C13,1.11928813 11.8807119,4.4408921e-16 10.5,4.4408921e-16 L10.5,0 Z\"\u003e\u003c/path\u003e\u003c/g\u003e\u003c/svg\u003e\u003cspan\u003eContact Us\u003c/span\u003e\u003c/a\u003e\u003ca href=\"/demo-center\" class=\"demo-button\"\u003e\u003csvg width=\"24px\" height=\"17px\" viewBox=\"0 0 24 17\" version=\"1.1\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\"\u003e\u003cg stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\"\u003e\u003cpath d=\"M20,12 L4,12 L4,2 L20,2 L20,12 Z M14,15 L10,15 L10,14 L14,14 L14,15 Z M22,15 L22,0 L2,0 L2,15 L0,15 L0,17 L24,17 L24,15 L22,15 L22,15 Z\"\u003e\u003c/path\u003e\u003c/g\u003e\u003c/svg\u003e\u003cspan\u003eFree Demo\u003c/span\u003e\u003c/a\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"cf9345ff-d1cc-4773-a663-a17f1495282c","custom_javascript":null,"personalization_type":"modification"},{"selector":"h1","data":{"html_attributes":{},"styles":{},"content":"\u003cp style=\"line-height:1;margin: 20 0 10 0; text-align:left;width=80%;\"\u003eOutbreak Alerts Annual Report \u003c/p\u003e\u003cspan style=\"color: lightgreen;font-weight:400;margin-top: 0;\"\u003e2023\u003c/span\u003e\n\u003cp style=\"color: lightgreen;font-weight:400;margin-top: 0; text-align:left;\"\u003eAutomotive Sector \u003c/p\u003e","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"338e7d6e-b2cb-4576-84d7-02abf4f40786","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section","data":{"html_attributes":{"style":"display:none;"},"styles":{"background-image":"none"},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"06997a90-5ee7-47e4-b522-b840b4661f14","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":2.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"outbreak-release\"\u003eOutbreak Release Timeline\u003c/h1\u003e\n \u003cp style=\"margin:0 50px 0 50px;\"\u003eThe data reveals a continuous stream\nof critical cyber threats throughout\nthe year 2023. There were notable\nincreases in the number of outbreaks\nbetween March and July.\n\u003c/p\u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-12.jpg\"\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"fd719570-ba59-4344-abc1-8d20a5bb61c1","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":5.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"malware\"\u003eMalware Profile\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eOverall Malware and 0-day Detections\u003c/h3\u003e\n\u003cp\u003eIn 2023, FortiGuard Labs observed an average of 250 million total malware detections per month. Among those were 6 million 0-day (or unknown) malware detections per month.\n\u003c/p\u003e\n\u003cp\u003e\nThe Microsoft Windows executable file type remained the most common vehicle for malware attacks followed by Microsoft Office file type.\n\u003c/p\u003e\u003cp\u003e\nSimilar to the previous year, the top malwares were the \u003cspan style=\"color:green;\"\u003eMSOffice/CVE_2017_11882.C\u003c/span\u003e and \u003cspan style=\"color:green;\"\u003eMSExcel/CVE_2018_0798.BOR\u003c/span\u003e which are both file-based stack buffer overflow vulnerability in Microsoft Office.\n\u003c/p\u003e\n\u003cp\u003e\n The exploit can run malicious shellcode which will allow the malware to attempt to download the next malicious payload.\n\u003c/p\u003e\n\n\u003c/div\u003e\n\u003cdiv class=\"col-8 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-123.png\" style=\"background-color:black\"\u003e\n\u003cp\u003eMonthly blocked count of Total Malware and 0-day Detection. Total per file type.\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003cdiv\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e2350fdc-b9f2-4e16-bda0-00e69d095c0f","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":6.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"active-malware\"\u003eSignificant Active Malware\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eAsh Trojan\u003c/h3\u003e\n\u003cp\u003eThe Ash trojan is an installer script-based malware\nthat incorporates numerous junk instructions to\nevade Antivirus programs. It was quite prevalent in\nEuropean and Asian countries with million block hits\nper month.\n\u003c/p\u003e\n\u003cp\u003eThis malware was quite epidemic because it was used alongside the recent Lazarus Remote Access Trojan Attack.\n\u003c/p\u003e\n\u003cp\u003e\n Detection signature for Ash Trojan: \u003cspan style=\"color:orangered;\"\u003eW32/Ash!tr\u003c/span\u003e\n\u003c/p\u003e\n\n\u003c/div\u003e\n\u003cdiv class=\"col-8 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-130-4.png\" style=\"background-color:black\"\u003e\n\u003cp\u003eMonthly blocked count and total per country of Ash Trojan.\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eStealer 36680 Trojan\u003c/h3\u003e\n\u003cp\u003eThe Stealer 36680 trojan is a .NET based Windows\nexecutable malware that hides and encrypts its\nmalicious code specifically in the ‘Resource’ section.\n\u003c/p\u003e\n\u003cp\u003e\nThe decrypted code is another Windows executable program that contains the payload. This malware was first discovered in May 2023 and continued to prevail with an average of 4 million blocked hits per month.\n\u003c/p\u003e\n\u003cp\u003e\n Detection signature for the Stealer 36680 Trojan: \u003cspan style=\"color:orangered;\"\u003eMSIL/Stealer.36680!tr\u003c/span\u003e\n\u003c/p\u003e\n\n\u003c/div\u003e\n\u003cdiv class=\"col-8 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-136.png\" style=\"background-color:black\"\u003e\n\u003cp\u003eMonthly blocked count and total per country of Stealer 36680 Trojan.\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eWannaMine Trojan\u003c/h3\u003e\n\u003cp\u003eThe WannaMine trojan has a call home requests to\n“doc.conf1g.com.”\n\u003c/p\u003e\n\u003cp\u003e\nThat domain name is categorized as the command-and-control (C2) server for WannaMine which is a known malicious mining service. This malware was heavily seen in Tunisia, a country in North Africa, with a total of 11 million block hits.\n\u003c/p\u003e\n\u003cp\u003e\n Detection signature for WannaMine trojan: \u003cspan style=\"color:orangered;\"\u003eW32/Agent.EFD9!tr\u003c/span\u003e\n\u003c/p\u003e\n\n\u003c/div\u003e\n\u003cdiv class=\"col-8 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-142.png\" style=\"background-color:black\"\u003e\n\u003cp\u003eMonthly blocked count and total per country of WannaMine trojan.\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"63499c32-aea9-4bbb-b3a5-85016ca71f41","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":8.0},"content":"\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"ot-ics\"\u003eOT/ICS Profile Summary\u003c/h1\u003e\n\n \u003cdiv class=\"C11-Text-Columns\"\u003e\n \u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-3 match-height col-sm-12\"\u003e\n \n \u003cp\u003eOperational Technology (OT) and Industrial\nControl Systems (ICS) face unique and critical\ncybersecurity threats that can have severe\nconsequences on physical infrastructure and\nindustrial processes.\n\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-3 match-height col-sm-12\"\u003e\n \u003ch5\u003eTargeted Attacks on Critical Infrastructure\u003c/h5\u003e\n \u003cp style=\"font-size:13px;\"\u003e\n Adversaries increasingly target critical infrastructure, such as energy, water, transportation, and manufacturing sectors, aiming to disrupt operations, cause physical damage, or compromise safety systems.\n\u003c/p\u003e \n\u003c/div\u003e\n\u003cdiv class=\"col-3 match-height col-sm-12\"\u003e\n \u003ch5\u003eSpecifically Crafted Malware\u003c/h5\u003e\n \u003cp style=\"font-size:13px;\"\u003e\n Cyber threats to OT/ICS often involve specially crafted malware designed to manipulate or disrupt industrial processes Examples include Stuxnet, Triton, and Industroyer, which target control systems and programmable logic controllers (PLCs). \n\u003c/p\u003e \n\u003c/div\u003e\n\u003cdiv class=\"col-3 match-height col-sm-12\"\u003e\n \u003ch5\u003eConvergence of IT and OT\nNetworks\u003c/h5\u003e\n \u003cp style=\"font-size:13px;\"\u003e\n The convergence of Information Technology (IT) and OT networks increases the attack surface. Threats that begin in IT environments may move laterally into OT networks, potentially impacting critical infrastructure.\n\u003c/p\u003e \n\u003c/div\u003e\n\u003c/div\u003e\n\u003cp\u003eHere is a summary of some key aspects of OT/ICS cyber threats…\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n \u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-10 match-height col-sm-12\"\u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-201-1.png\"\u003e\n\u003cp\u003eTop 10 OT vendor with unique exploit attempts per device and month.\n \u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-2 match-height col-sm-12\"\u003e\n \u003ch5\u003eExploitation attempts on Advantech, LAquis and Schneider Electric comprised 60% of the top 10 OT vulnerabilities.\n\u003c/h5\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"77197e28-cf9a-4313-9cc5-0e7b64686e3f","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":11.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"challenges\"\u003eChallenges to the Cyber Landscape in 2024\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003cp\u003e\n The cybersecurity landscape is ever changing, marked by the continual emergence of new threats. Being aware of the primary challenges enables organizations to remain vigilant against evolving risks and adjust their cybersecurity strategy accordingly.\n\u003c/p\u003e\n\u003cp\u003e\n Understanding these key challenges is vital for efficient risk management, safeguarding sensitive data, ensuring uninterrupted business operations, fostering trust, and staying proactive against emerging threats.\n\u003c/p\u003e\n\u003cp\u003e\n Let’s discuss what are some of the key challenges…\n \u003c/p\u003e\n \n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%252072%2520copy%252010.png\" style=\"width:100px;margin:0 0 0 120;padding:0 0 0 0; \"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;\"\u003eIncreased sophistication of attacks\u003c/h3\u003e\n\u003cp\u003e\nCyber attackers are becoming more sophisticated, using advanced tactics such as artificial intelligence (AI) and machine learning (ML) to enhance the effectiveness of their campaigns.\n\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e \n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%252072%2520copy%25208.png\" style=\"width:100px; margin-left:120px;\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;\"\u003eZero-day exploits\u003c/h3\u003e\n\u003cp\u003e\nThe discovery and exploitation of previously unknown vulnerabilities, known as \nzero-day exploits, remain a persistent challenge, as they provide attackers with the \nopportunity to bypass existing security measures.\n\u003c/p\u003e\n\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%252072%2520copy%25209.png\" style=\"width:100px; margin-left:120px;\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;\"\u003eRansomware proliferation\u003c/h3\u003e\n\u003cp\u003e\nRansomware attacks continue to surge, with threat actors employing advanced \ntechniques like double extortion, targeting critical infrastructure, and demanding \nlarger ransom payments Some ransomware attacks involve a more hands-on, \nhuman-operated approach, allowing attackers to tailor their strategies, evade \ndetection, and increase the effectiveness of their campaigns.\n\u003c/p\u003e \n\u003c/div\u003e\n\u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%252072%2520copy%25206.png\" style=\"width:100px; margin-left:120px;\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;\"\u003eNation-state threats\u003c/h3\u003e\n\u003cp\u003e\nState-sponsored cyber threats pose significant challenges, with nation-states \nengaging in cyber-espionage, cyber warfare, and attempts to disrupt \ncritical infrastructure.\n\u003c/p\u003e\n\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%252072%2520copy%25207.png\" style=\"width:100px; margin-left:120px;\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;\"\u003eIoT vulnerabilities\u003c/h3\u003e\n\u003cp\u003e\nThe proliferation of Internet of Things (IoT) devices introduces new security \nchallenges, as many of these devices may have inadequate security features, \nmaking them potential targets for exploitation.\n\u003c/p\u003e\n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"aa713e7d-aed1-4afa-9815-6c34402b8a1e","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":7.0},"content":"\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"observations\"\u003eRansomeware observations and highlights\u003c/h1\u003e\n\u003cp\u003eSeveral noteworthy developments and observations regarding ransomware:\u003c/p\u003e\n \u003cdiv class=\"C11-Text-Columns\"\u003e\n \u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eRansomware-as-a-Service (RaaS) model\u003c/h3\u003e\n \u003cp\u003eThe prevalence of the RaaS model persists as a notable trend This model empowers less technically proficient individuals to execute ransomware attacks by utilizing pre-designed malware provided by more advanced developers, leading to the widespread dissemination of ransomware.\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eTargeted Attacks\u003c/h3\u003e\n \u003cp\u003eWhile indiscriminate attacks on individuals and small businesses persist, there is an escalating trend of focused attacks on larger organizations, government entities, and critical infrastructure. Attackers conduct comprehensive reconnaissance before initiating their attacks.\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eDiverse Tactic\u003c/h3\u003e\n \u003cp\u003eRansomware operators continue to refine their tactics, utilizing various methods for initial access. These methods encompass phishing emails, exploiting software vulnerabilities, compromising remote desktop protocols, and even employing supply chain attacks or targeting software vendors to broaden their victim pool.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cp\u003eLet's focus on significant widespread ransomware.\u003c/p\u003e\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eCrysis Ransomware\u003c/h3\u003e\n \u003cp\u003eAlias: \u003cspan style=\"color:green\"\u003eDharma\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eExtension: \u003cspan style=\"color:green\"\u003e.mao, .CY3, .d0n\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eDetection: \u003cspan style=\"color:orangered\"\u003eW32/Crysis.P!tr.ransom\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eCrySIS, also known as Dharma, is a type of ransomware that first appeared around 2016. Like other ransomware variants, CrySIS encrypts files on a victim’s computer or network, rendering them inaccessible.\u003c/p\u003e\n \u003cp\u003eCrySIS typically spreads through phishing emails, malicious attachments, or compromised websites. Once it infiltrates a system, it begins encrypting files using a strong encryption algorithm, making it challenging to recover the files without the decryption key.\u003c/p\u003e\n \u003cp\u003eLearn more: \u003ca href=\"https://www.fortinet.com/blog/threat-research/ransomware-roundup-playing-whack-a-mole-with-new-crysis-dharma-variants\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eThreat Research\u003c/a\u003e\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-8 match-height col-sm-12\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-150.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eMonthly blocked count and total devices per country of Crysis Ransomware.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n\u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eGogaLocker Ransomware\u003c/h3\u003e\n \u003cp\u003eExtension: \u003cspan style=\"color:green\"\u003e.locked\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eDetection: \u003cspan style=\"color:orangered\"\u003eW32/Crypren.AFFL!tr.ransom\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eGoga Locker is a type of ransomware that has been known to target businesses specifically Industrial OT environments.\n\u003c/p\u003e\n\u003cp\u003e\nOne of the world’s biggest producers of aluminum was hit by GogaLocker ransomware attack in 2019 that shut down its worldwide network and disrupted its operation.\n\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-8 match-height col-sm-12\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-173-2.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eMonthly blocked count and total devices per country of GogaLocker Ransomware.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e \n\u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eREvil Ransomware\u003c/h3\u003e\n \u003cp\u003eAlias: \u003cspan style=\"color:green\"\u003eSodinokibi Extension: .sodinokibi\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eDetection: \u003cspan style=\"color:orangered\"\u003eW32/Sodinokibi!tr.ransom\u003c/span\u003e\u003c/p\u003e\n \u003cp\u003eREvil ransomware is infamous for targeting high-profile victims and demanding large ransom payments.\n \u003c/p\u003e\n \u003cp\u003e\nIt has been involved in high-stakes attacks against \nbusinesses. REVil is often associated with a \nRansomware-as-a-Service model. This means that the \ncreators of the ransomware provide it to other criminal \nactors, who then use it to conduct attacks.\n\u003c/p\u003e\n\u003cp\u003e \nRansomware attacks, including those involving REVil, \nhave led to significant financial losses, data breaches, \nand disruptions in various sectors. The targets of \nREVil attacks have included various organizations and \nbusinesses around the world. Ransomware attacks often \nfocus on industries with critical data, such as healthcare, \nfinance, and government. \n\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-8 match-height col-sm-12\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-152-5.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eMonthly blocked count and total devices per country of REvil Ransomware.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e \n \n \n \u003c/div\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2f0808ac-ca97-464b-996e-cf8d26d57fb5","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":9.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;line-height: 1.1; background-color:#3cb07c;\" id=\"ot-ics-threats\"\u003eLet’s focus on some signifiant targeted OT/ICS vulnerabilities and threats\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eCosmicEnergy Malware\u003c/h3\u003e\n\u003ch5\u003eOT Malware designed to cause electric power disruption\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nThe CosmicEnergy malware was observed targeting the operational technology sector.\u003c/p\u003e \n\u003cp\u003e\nAccording to the reports, the malware is specifically designed to cause electric power \ndisruption through exploiting IEC 60870-5-104 protocol That protocol is commonly used in \nelectric transmission and distribution operations in Europe, the Middle East, and Asia. \n\u003c/p\u003e\n\u003cp\u003eBased on FortiGuard Labs, detection hits were seen in the following countries: Bulgaria, Canada, Israel, and United Kingdom The identification of this malware exemplifies that the threat actors are actively engaged to disrupt critical infrastructure and using new design flaws to create new malware which share technical similarities with other OT malware families.\n\u003c/p\u003e\n\u003cp\u003eDetection Signature: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/cosmicenergy-malware\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOT Security Service\u003c/a\u003e\n\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eIgnition Authentication Bypass\u003c/h3\u003e\n\u003ch5\u003eCVE-2022-35871\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nIgnition is a software platform provided by Inductive that utilizes HMI (Human Machine Interface), SCADA (Supervisory Control and Data Acquisition), and MES (Manufacturing Execution System) functionalities.\n\u003c/p\u003e\n\u003cp\u003e\nThe platform provides real-time status and control screens for monitoring and managing machines A security vulnerability has been identified, allowing remote unauthenticated attackers to execute arbitrary code.\n\u003c/p\u003e\n\u003cp\u003e\nBased on FortiGuard Labs, detection hits were seen in the following countries: Belgium, Brazil, Canada, Spain and United States.\n\u003c/p\u003e\n\u003cp\u003eDetection Signature: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/52024\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOT Security Service\u003c/a\u003e\n\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eMilesight Routers Information Disclosure\u003c/h3\u003e\n\u003ch5\u003eCVE-2023-43261\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nMilesight specializes in providing intelligent IoT and video surveillance products, with a primary emphasis on IoT technologies and industrial solution.\n\u003c/p\u003e\n\u003cp\u003e\nThe Milesight router information disclosure vulnerability exposes sensitive information and enables unauthorized access to the device. This vulnerability is attributed to a misconfiguration that activates directory listing on the router systems, making log files openly accessible to the public.\n\u003c/p\u003e \n\u003cp\u003eDetection Signature: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/54096\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOT Security Service\u003c/a\u003e\n\u003c/p\u003e\n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"6515e3a7-ee14-4da4-8bfd-dd56807ec5c2","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":10.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"notable-ttps\"\u003eLet’s focus on notable TTPs\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eExploit Public-Facing Application (T1190)\u003c/h3\u003e\n\u003ch5\u003eTactic: Initial Access\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nT1190 is the most frequently observed technique by\nthe Outbreaks in 2023.\n\u003c/p\u003e\n\u003cp\u003e\nAttackers try to take advantage of weaknesses in \napplications accessible to the public, aiming to gain \nunauthorized access to systems or manipulate the \nbehavior of the applications. Adversaries could exploit \nestablished vulnerabilities within these applications, \nutilize custom exploits, or employ social engineering \ntechniques to compromise their security.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://attack.mitre.org/techniques/T1190/\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eExploit Public-Facing Application,\nTechnique T1190 - Enterprise | MITRE ATT\u0026CK®\u003c/a\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003ePhishing (T1566)\u003c/h3\u003e\n\u003ch5\u003eTactic: Initial Access\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nAdversaries use phishing to deceive individuals into providing sensitive information or executing malicious actions.\n\u003c/p\u003e\n\u003cp\u003e\nPhishing attacks commonly involve emails, but they can also use other communication channels such as instant messaging, social media, or even phone calls Ransomware gangs often use phishing as a primary method to deliver their malicious payloads LockBit is a ransomware strain that has been observed using phishing emails for initial access Sodinokibi, also known as REvil, has been associated with phishing campaigns that leverage malicious attachments or links.\n\u003c/p\u003e \n\u003cp\u003eFor more info: \u003ca href=\"https://attack.mitre.org/techniques/T1566/\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003ePhishing, Technique T1566 -\nEnterprise | MITRE ATT\u0026CK®\u003c/a\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eDeobfuscate/Decode Files\nor Information (T1140)\u003c/h3\u003e\n\u003ch5\u003eTactic: Defense Evasion\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\n“Deobfuscate” or “decode” refers to the process of reversing the obfuscation or encoding applied to files or information.\n\u003c/p\u003e\n\u003cp\u003e\nObfuscation and encoding techniques are often used by attackers to hide the true nature of malicious code, making it more challenging for security tools to detect and analyze. The Agent Tesla Malware uses a deobfuscation technique with the Rijndael symmetric encryption \nalgorithm.\n\u003c/p\u003e \n\u003cp\u003eFor more info: \u003ca href=\"https://attack.mitre.org/techniques/T1140/\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eDeobfuscate/Decode Files or\nInformation, Technique T1140 - Enterprise |\nMITRE ATT\u0026CK®\u003c/a\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eExploitation of Remote\nServices (T1210)\u003c/h3\u003e\n\u003ch5\u003eTactic: Lateral Movement\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\nTechnique T1210 is highly prevalent, highlighting the importance of securing remote service protocols against unauthorized access and exploitation.\n\u003c/p\u003e\n\u003cp\u003e\nRemote services such as web servers, databases, and other networked services are common targets for exploitation Adversaries leverage known vulnerabilities or use custom exploits to compromise these services.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://attack.mitre.org/techniques/T1210/\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eExploitation of Remote Services,\nTechnique T1210 - Enterprise | MITRE ATT\u0026CK®\u003c/a\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eOther notable TTPs include:\u003c/h3\u003e\n\u003ch5\u003eNative API (T1106)\u003cbr\u003e\nProcess Injection (T1055)\u003cbr\u003e\nMasquerading (T1036\u003cbr\u003e\nCreate or Modify System Process (T1543)\u003cbr\u003e\nModify Registry (T1112)\u003cbr\u003e\nProcess Injection (T1055)\u003c/h5\u003e\n\n\u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \n\u003cp style=\"font-weight:600; background-color:#3cb07c; color:white;padding:20px 5px 20px 20px;\"\u003e\nThe insights drawn from the data underscore the complexity and diversity of cyber threats and their applied techniques and tactics.\n\u003c/p\u003e \n\n\u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a1378873-2782-4d2c-9977-53f66e19391f","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":3.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"significant-outbreaks\"\u003eLet’s focus on several significant outbreaks in 2023\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003e3CX Supply Chain Attack\u003c/h3\u003e\n\u003cp\u003eTrojanized VOIP application\u003c/p\u003e\n\u003ch5 style=\"color:green;\"\u003e(CVE-2023-29059)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\u003cb\u003eAPT Group(s):\u003c/b\u003e Labyrinth.Chollima\u003cbr\u003e\n\u003cb\u003eDarknet Activity: \u003c/b\u003eYes\n\u003c/p\u003e\n\u003cp\u003e\nThe FortiGuard Labs observed that the threat actors abused a popular business communication software produced by 3CX \n\u003c/p\u003e\n\u003cp\u003e\nTheir voice and video conferencing application was trojanized and used to attack multiple organizations to gather sensitive information using an info stealer Malware Based on the telemetries of blocked download of the malware payload, the geographic spread of victims spans across Australia, Austria, Canada, Germany, Italy, Netherlands, South Africa, Switzerland, United States, and United Kingdom countries.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/3cx-supply-chain-attack\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOutbreak\u003c/a\u003e | \u003ca href=\"https://www.fortinet.com/blog/threat-research/3cx-desktop-app-compromised\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eThreat Research\u003c/a\u003e\n\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eAgent Tesla Malware Attack\u003c/h3\u003e\n\u003cp\u003eNew variant in the wild\u003c/p\u003e\n\u003ch5 style=\"color:green;\"\u003e(CVE-2018-0802, CVE-2017-11882)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\u003cb\u003eAPT Group(s)\u003c/b\u003e\nBitter,.Cloud.Atlas,.Ocean.lotus,.\nTa413,.Tonto.Team\u003cbr\u003e\n\u003cb\u003eRansomware Group(s)\u003c/b\u003e\nREvil\n\u003c/p\u003e\n\u003cp\u003e\nIn September 2023, FortiGuard Labs detected a phishing campaignthat exploits Microsoft Office vulnerabilities and disseminates a newvariant of Agent Tesla malware.\n\u003c/p\u003e\n\u003cp\u003e\nThis malware has been seen with multiple iterations for almost a decade In this particular campaign, it utilized a Remote Access Trojan (RAT) to initiate access and data-stealing mechanism to extract sensitive information from stored credentials, keylogging data, and screenshots from various software programs like Google Chrome, Mozilla Firefox, and Microsoft Outlook \n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/agent-tesla-malware-attack\" target=\"_blank\" style=\"color:blue;\"\u003eOutbreak \u003c/a\u003e | \u003ca href=\"https://www.fortinet.com/blog/threat-research/agent-tesla-variant-spread-by-crafted-excel-document\" target=\"_blank\" style=\"color:blue;\"\u003eThreat Research.\u003c/a\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eFortra GoAnywhere MFT RCE\u003c/h3\u003e\n\u003cp\u003eA zero-day exploited in the wild\u003c/p\u003e\n\u003ch5\u003e(CVE-2023-0669)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\n\u003cb\u003eRansomware Group(s) \u003c/b\u003e Cl0p,.Ta505\n\u003cbr\u003e\n\u003cb\u003eExploit publicly available? \u003c/b\u003eYes\n\u003c/p\u003e\n\u003cp\u003e\nThe GoAnywhere MFT is a secure managed\nfile transfer solution that streamlines\nthe exchange of data between systems,\nemployees, customers, and trading partners.\n\u003c/p\u003e\n\u003cp\u003e\nThe security flaw tagged CVE-2023-0669 \nenables attackers to remotely execute code on unpatched GoAnywhere MFT.\n\u003c/p\u003e\n\u003cp\u003e\nThe Clop ransomware claimed to have successfully breach about 130 organizations using this vulnerability \n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/goanywhere-mft-rce\" target=\"_blank\" style=\"color:blue;\"\u003eOutbreak\u003c/a\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eJetBrains TeamCity\nAuthentication Bypass\u003c/h3\u003e\n\u003cp\u003eAdvanced Persistent Threat Groups\nexploiting the flaw in (CI/CD) application\u003c/p\u003e\n\u003ch5 style=\"color:green;\"\u003e(CVE-2023-42793)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\u003cb\u003eAPT Group(s):\u003c/b\u003e Apt29,.Diamond.Sleet\u003cbr\u003e\n\u003cb\u003eDarknet Activity: \u003c/b\u003eYes\n\u003c/p\u003e\n\u003cp\u003e\nMultiple threat actors have been seen\nexploiting the authentication bypass flaw\nin JetBrains TeamCity that led to remote\ncode execution.\n\u003c/p\u003e\n\u003cp\u003e\nIf compromised, these attackers could access a \nTeamCity server, gaining entry to the software \ndeveloper’s source code, signing certificates, \nand software deployment procedures This \naccess could also be misused to carry out \nattacks on supply chain operations.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/jetbrains-teamcity-rce\" target=_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOutbreak\u003c/a\u003e | \u003ca href=\"https://www.fortinet.com/blog/threat-research/teamcity-intrusion-saga-apt29-suspected-exploiting-cve-2023-42793\" target=_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eThreat Research\u003c/a\u003e\n\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eLazarus RAT Attack\u003c/h3\u003e\n\u003cp\u003eAPT groups exploiting Log4j2\nvulnerability to deploy Remote\nAccess Trojans (RAT)\u003c/p\u003e\n\u003ch5 style=\"color:green;\"\u003e(CVE-2021-44228)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\u003cb\u003eAPT Group(s)\u003c/b\u003e\nAndariel, Dev-0270, Lazarus, Phosphorus, Teal Kurma\u003cbr\u003e\n\u003cb\u003eRansomware Group(s)\u003c/b\u003e\nLockbit\n\u003c/p\u003e\n\u003cp\u003e\nIn March 2023, a new campaign conducted\nby the Lazarus and other groups were\nseen employing new DLang-based Remote\nAccess Trojans (RATs) malware in the wild.\n\u003c/p\u003e\n\u003cp\u003e\nThe APT groups were targeting manufacturing, \nagricultural and physical security companies by \nexploiting the Log4j vulnerability and using it \nfor initial access leading to a C2 (command and \ncontrol) channel with the attacker. \n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/lazarus-rat-attack\" target=\"_blank\" style=\"color:blue;\"\u003eOutbreak\u003c/a\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \n \u003ch3\u003eProgress MOVEit Transfer SQL Injection\u003c/h3\u003e\n\u003cp\u003eExploited in data theft and ransomware attacks\u003c/p\u003e\n\u003ch5\u003e(CVE-2023-34362, CVE-2023-35708, CVE-2023-35036)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\n\u003cb\u003eRansomware Group(s) \u003c/b\u003e Cl0p\n\u003cbr\u003e\n\u003cb\u003eDarknet Activity? \u003c/b\u003eYes\n\u003c/p\u003e\n\u003cp\u003e\nMOVEit Transfer is a managed file transfer\n(MFT) solution developed by Ipswitch, a\nsubsidiary of Progress Software, that allows\nthe enterprise to securely transfer files\nbetween business partners and customers\nusing SFTP, SCP, and HTTP-based uploads.\n\u003c/p\u003e\n\u003cp\u003eAllegedly exploited by the Cl0p ransomware threat actor, high-profile government, finance, media, aviation, and healthcare organizations have reportedly been affected, with data exfiltrated and stolen. \n\u003c/p\u003e\u003cp\u003eThe attack stemmed from multiple SQL injection vulnerability found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer’s database.\n\u003c/p\u003e\u003cp\u003eThe attacker may then be able to execute malicious SQL code that can change or delete database elements.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/53318\" target=\"_blank\" style=\"color:blue;\"\u003eOutbreak\u003c/a\u003e | \u003ca href=\"https://www.fortinet.com/blog/threat-research/moveit-transfer-critical-vulnerability-cve-2023-34362-exploited-as-a-0-day\" target=\"_blank\" style=\"color:blue;\"\u003eThreat Research\u003c/a\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n\t\u003c/div\u003e\n\t\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n\u003ch3\u003eHTTP/2 Rapid Reset\u003c/h3\u003e\n\u003cp\u003eZero-Day DDoS Attack\u003c/p\u003e\n\u003ch5\u003e(CVE-2023-44487)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\n\u003cb\u003eExploit publicly available \u003c/b\u003e Yes\n\u003cbr\u003e\n\u003cb\u003eDarknet Activity? \u003c/b\u003eYes\n\u003c/p\u003e\n\u003cp\u003e\nHTTP/2 protocol aims to address the limitations of HTTP/1.1 by providing a more efficient and faster web browsing experience.\n\u003c/p\u003e\n\u003cp\u003e\nIt.is.widely.adopted.by.modern.web.browsers.and.public.cloud.servers. to.optimize.the.delivery.of.web.content..The.HTTP/2.Rapid.Reset.is.a. distributed.denial.of.service.(DDoS).attack.on.Web.servers..The.attack. leverages.a.flaw.in.the.implementation.of.protocol.HTTP/2.by.sending. high.volume.of.HTTP.requests.\n\u003c/p\u003e\n\u003cp\u003e\nAttackers.can.cause.a.significant.increase.in.the.CPU.utilization.on. the.servers.that.eventually.can.cause.denial.of.service.by.resource. exhaustion..In.October.2023,.Google.posted.a.report.that.they’ve. blocked.the.largest.attack.in.history.which.reached.up.to.398.million. requests.per.second..\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/http2-rapid-reset-attack\" target=\"_blank\" style=\"color:blue;\"\u003eOutbreak\u003c/a\u003e \n\u003c/p\u003e\n\n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"vulnerability\"\u003eVulnerability Profile\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003cp\u003e\n Cyber actors choose vulnerabilities to exploit based on several factors including consideration of strategic goals, industry-specific targets, and evasion tactics. Understanding different vulnerability types and prioritizing the remediation are crucial to a risk based approach to security. That brings several advantages, such as:\n \u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e \n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%25201%2520copy%25204.png\" style=\"width:100px;margin:0 0 0 0;padding:0 0 0 0; \"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c;color:white;\"\u003eRisk Assessment\u003c/h3\u003e\n\u003cp\u003e\nIdentify the vulnerability types, assess their potential risks associated with specific weaknesses in systems, applications, or networks and then prioritize security efforts by focusing on vulnerabilities with higher risk levels.\n\u003c/p\u003e\n \n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%25201%2520copy%25203.png\" style=\"width:100px\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color:#3cb07c; color:white;;\"\u003eAttack Surface Analysis\u003c/h3\u003e\n\u003cp\u003e\nUnderstand the entry point that could be exploited by attackers to guide efforts to reduce and secure based on the vulnerability types and their attack vector.\n\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%25201%2520copy%25202.png\" style=\"width:100px\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color: #3cb07c;color:white;;\"\u003eEffective Mitigation Strategies\u003c/h3\u003e\n\u003cp\u003e\nImplement targeted security measures, such as patching software, improving coding practices, and configuring systems securely based on vulnerability types that require distinct mitigation strategies.\n\u003c/p\u003e \n\u003cbr\u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Artboard%25201%2520copy.png\" style=\"width:100px\"\u003e\n\u003ch3 style=\"margin:0 0 10 0;padding:5 0 5 5; background-color: #3cb07c;color:white;;\"\u003ePrioritization of Resources\u003c/h3\u003e\n\u003cp\u003e\nAllocate resources efficiently and focus on addressing high-priority vulnerabilities that pose the greatest risk based on the vulnerability types and their varying levels of impact and exploitability.\n\u003c/p\u003e\n \u003c/div\u003e\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"weaponized\"\u003eWeaponized Vulnerability Profiles\u003c/h1\u003e\n\u003cp\u003e\nIn 2023, the number of actively targeted vulnerabilities with widespread\u003csup style=\"color:green;\"\u003e*\u003c/sup\u003e attack increased by 15%.\n\u003c/p\u003e\n\u003cp\u003e\nAttackers choose vulnerabilities based on ease\nof exploitation, potential impact, commonly used application, and financial incentives. Rightly so, Remote Code Execution (RCE) vulnerabilities were prevalent due to their wide impact on various systems, versatility\nfor attackers, and potential for wormable attacks.\n\u003c/p\u003e\n\u003cp\u003e\nFor instance, there were 325 weaponized and\nwidespread remote code execution vulnerabilities. Out of those, 20 vulnerabilities had been attempted on more than 50,000 devices in a single month.\n\u003c/p\u003e\n\u003cp style=\"font-size:12px; color:green;\"\u003e* Widespread is defined as exploitation attempts of at leasat one thousand unique network devices in a month.\u003c/p\u003e\n\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-105.png\" style=\"background-color:black;\"\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5fc4463f-c8af-4c86-b0c3-b9316b450f5b","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":4.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"targeted\"\u003eWidely Targeted Vulnerabilities\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003ch3\u003eApache Log4j Remote\nCode Execution\u003c/h3\u003e\n\u003ch5 style=\"color:green;\"\u003e(CVE-2021-44228)\u003c/h5\u003e\n\u003cbr\u003e\n\u003cp\u003e\u003cb\u003eAPT Group(s):\u003c/b\u003e Andariel, Budworm, Cobalt Mirage,\nDev-0270, Lazarus, Muddywater, \nPhosphorus, Teal.Kurma\u003cbr\u003e\n\u003cb\u003eRansomeware Groups(s): \u003c/b\u003eLockbit, Avos\n\u003c/p\u003e\n\u003cp\u003e\nOn the top of chart is still the infamous remote code execution on Apache Log4j with an average of 90 thousand unique devices\nper month.\n\u003c/p\u003e\n\u003cp\u003e\nThis vulnerability was quite epidemic because it was used alongside the recent Lazarus Remote Access Trojan Attack.\n\u003c/p\u003e\n\u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/log4j2-vulnerability\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOutbreak\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003eDetection Signature: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/51006\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eIntrusion Prevention\u003c/a\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv class=\"col-8 match-height col-sm-12\" \u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-108.png\" style=\"background-color:black\"\u003e\n\u003cp\u003eNumber of network devices that blocked exploitation attempts of the Apache Log4J2 vulnerability.\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eCisco IOS XE Web UI\u003c/h3\u003e\n \u003ch5 style=\"color:green;\"\u003e(CVE-2023-20198)\u003c/h5\u003e\n \u003cbr\u003e\n \u003cp\u003e\u003cstrong\u003eExploit publicly available?:\u003c/strong\u003e Yes\n \u003cbr\u003e\n \u003cstrong\u003eDarknet activity\u003c/strong\u003e Yes\u003c/p\u003e\n \u003cp\u003eA recent vulnerability on Cisco IOS XE Web UI was a popular target.\n \u003c/p\u003e\n \u003cp\u003e The detection signature was released mid-October and had already \nrecord exploit attempts on 60,000 unique devices in October 2023. The \nvulnerability exploits a backdoor access on a Cisco Web interface via a \ncrafted HTTP request. \u003c/p\u003e\n \u003cp\u003eFor more info: \u003ca href=\"https://www.fortiguard.com/outbreak-alert/cisco-ios-xe-web-ui-vulnerability\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eOutbreak\u003c/a\u003e\u003c/p\u003e\n \u003cp\u003eDetection Signature: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/54224\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eIntrusion Prevention\u003c/a\u003e\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-8 match-height col-sm-12\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-107.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eNumber of network devices that blocked exploitation attempts of the Cisco IOS XE vulnerability.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\"\u003e\n \u003ch3\u003eNetLink and Zyxel Router Attacks\u003c/h3\u003e\n \u003ch5 style=\"color:green;\"\u003e(CVE-2017-18368)\u003c/h5\u003e\n\n \u003cp\u003e The vulnerabilities on NetLink and Zyxel network\ndevices came in second and third on the top\nweaponized vulnerabilities with each an average of\n80 thousand unique devices per month.\n\u003c/p\u003e\n\u003cp\u003e \nSeveral malware attacks such as MooBot, Lucifer, BotenaGo, Zerobot and Enemybot had been targeting these vulnerabilities for the entire year which likely prove successful exploitation. \u003c/p\u003e\n\n \u003cp\u003eDetection Signature for Netlink Vulnerability: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/52588\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eIntrusion Prevention\u003c/a\u003e\u003c/p\u003e\n \n \u003cp\u003eDetection Signature for Zyxel Vulnerability: \u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/53200\" target=\"_blank\" style=\"margin:0 0 5 0; color: blue;\"\u003eIntrusion Prevention\u003c/a\u003e\u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-8 match-height col-sm-12\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-115-2.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eNumber of network devices that blocked exploitation attempts of the NetLink vulnerabilities\u003c/p\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-Annual_Report_2023_GM-08012024-A-119.png\" style=\"background-color:black\"\u003e\n \u003cp\u003eNumber of network devices that blocked exploitation attempts of the Zyxel vulnerabilities\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e2e02329-b3e3-4f98-9136-06c399cc4334","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{"background-color":"#FFFFFF"},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":0.5},"content":"\u003c!-- Exec Summ Section --\u003e\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"execsum\"\u003eExecutive Summary\u003c/h1\u003e\n\n\u003cstyle\u003e\n.exec-callout {\n display:flex;\n padding: 10px 50px 10px 10px;\n background-color:#3cb07c;\n}\n .exec-callout h2 {\n\t font-weight:600; \n\t color:#3cb07c; \n\t font-size:40px;\n\t line-height: 1;\n\t text-align:center;\n }\n .exec-callout h6 {\n\t font-weight:600; \n\t color:white; \n\t font-size:18px;\n\t line-height:1.2;\n }\n .exec-callout p {\n\t font-weight:600; \n\t color:white; \n\t font-size:40px;\n\t line-height:1.2;\n }\n \n .three-column-text p {\n\t margin:0px 0 0px 0;\n\t break-before:always;\n\t break-inside: avoid;\n }\n .three-column-text h3 {\n\t margin:0px 0 10px 0;\n\t break-after:avoid;\n\t break-inside: avoid;\n }\n .three-column-text ul {\n\t margin:10px 0px 10px 15px;\n\t orphans: 2;\n\t widows: 2;\n }\n .three-column-text {\n\t column-count: 3;\n\t column-gap: 40px;\n\t padding: 20px;\n\t width: 100%;\n\t margin: 0 auto;\n }\n \n /* Optional: style for headings that span across columns */\n .column-span-all {\n\t column-span: all;\n\t margin-bottom: 20px;\n }\n \n /* Responsive design */\n @media (max-width: 768px) {\n\t .three-column-text {\n\t\t column-count: 1;\n\t }\n }\n\u003c/style\u003e\n\n\u003cdiv class=\"three-column-text\" id=\"executive-summary\" style=\"margin: 0 0 40px 0;\"\u003e\n\n \u003cp\u003e During 2023, FortiGuard Labs blocked \u003cstrong\u003e2.4 trillion vulnerability\u003c/strong\u003e attempts and \u003cstrong\u003e3 billion malware\u003c/strong\u003e deliveries to protect Fortinet customers from cyber threats. FortiGuard Labs escalated the significant threats through the Outbreak Alert system to raise awareness.\n \u003c/p\u003e\n\n \u003ch5\u003eThis annual report covers:\n \u003c/h5\u003e\n\n\t\u003cul\u003e\n\t \u003cli\u003e Categories and timeframes of more than three-dozen Outbreak Alerts on vulnerabilities, targeted attacks, ransomware, and OT/IoT related threats.\n\t \u003cli\u003eHighlights of significant outbreaks and several prevalent vulnerabilities and malware.\n\t \u003cli\u003eReal-world telemetries compiled by FortiGuard Labs showing exploitation attempts and malware deliveries.\n\t \u003cli\u003eContext around the entire attack surface to understand the components that can aid in protection, detection, and response to threats.\n \u003c/ul\u003e\n\u003ch5\u003eBlocked in 2023:\n\t\u003c/h5\u003e\n\t\u003cul\u003e\n\t\t\u003cli\u003eOutbreak alerts: 38\n\t\t\u003cli\u003eMalware blocked: 3 billion\n\t\t\u003cli\u003eZero-days blocked: 90 million\n \u003c/ul\u003e\n\u003cdiv class=\"exec-callout\" style=\"background-color: #000\"\u003e\n\u003cdiv style=\"width:60%;\"\u003e\n\u003cp style=\"font-size: 18px; color:#fff\"\u003eVulnerability attempts blocked by FortiGuard Labs\n\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv style=\"width:40%;\"\u003e\u003ch2\u003e 2.4 trillion\u003c/h2\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003cdiv class=\"exec-callout\"\u003e\n \u003cdiv\u003e\n\t \u003ch6\u003eFortiGuard Cyber Threat R\u0026D Centers:\n\t \u003c/h6\u003e\n\t\u003c/div\u003e\n \u003cdiv\u003e\n\t \u003cp\u003e6\n\t \u003c/p\u003e\n\t\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"exec-callout\" style=\"border-top: 1px black solid;\"\u003e\n \u003cdiv\u003e\n\t \u003ch6\u003eFortiGuard Operations Centers:\n\t \u003c/h6\u003e\n\t\u003c/div\u003e\n \u003cdiv\u003e\n\t \u003cp\u003e3\n\t \u003c/p\u003e\n\t\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"exec-callout\" style=\"border-top: 1px black solid;\"\u003e\n \u003cdiv\u003e\n\t \u003ch6\u003eFortiGuard Cyber Consultations:\n\t \u003c/h6\u003e\n\t\u003c/div\u003e\n \u003cdiv\u003e\n\t \u003cp\u003e11\n\t \u003c/p\u003e\n\t\u003c/div\u003e\n \u003c/div\u003e\n\t \u003c!-- \n\t \u003cdiv style=\"background-color: da291c; padding:10px 0px 0 40; margin: 20px 30px 0 30px; height: 60px; border-radius:10px;\"\u003e\n\t\t \u003cp\u003eSubscribe to Outbreak Alerts!\n\t\t \u003c/p\u003e\n\t \u003c/div\u003e --\u003e\n\u003c/div\u003e\n\n\n\n\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"outbreak-summary\"\u003eOutbreak Summary\u003c/h1\u003e\n","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"99c00392-90c4-439b-93c1-cbe79e813932","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":12.0},"content":"\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\" id=\"about\"\u003eAbout FortiGuard Labs\u003c/h1\u003e\n\u003cdiv class=\"C11-Text-Columns\"\u003e\n\u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0; padding:0 0 0 0;}\n \u003c/style\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-6 match-height col-sm-12\"\u003e\n \u003ch3\u003eAbout Outbreak Alerts\u003c/h3\u003e\n \u003cp\u003e\n Outbreak Alerts provides us with a unique insight\non collective knowledge and informed mitigation\nguidance across the security ecosystem driving\nresilience against the attackers.\n\u003c/p\u003e\n\u003cp\u003e\nGiven the volume of active threats, evolving methods\nfor exploiting systems and increasing damage to\ncritical business operations, today’s SOC teams require\nautomation and dynamic services to succeed.\n\u003c/p\u003e\n\u003cp\u003e\n FortiGuard Labs Outbreak Alerts provide a unique\nanalysis of the threat landscape throughout the tech\necosystem. FortiGuard Services provide solutions to\ncover the complete attack surfaces, identify outbreaks\nand aid SOC teams to mitigate impacts and investigate\nsuspected compromises.\n \u003c/p\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-6 match-height col-sm-12\"\u003e \n \u003cdiv style=\"height:300px;font-weight:600; color:white; font-size:24px;line-height:1.5;background-color:#3cb07c;padding:50 5 20 20;\"\u003eLearn more about:\n \u003cbr\u003e\n \u003ca href=\"https://fortiguard.fortinet.com/outbreak-alert\" target=\"_blank\" style=\"color:#fff\"\u003eFortiGuard Outbreak Alerts\u003c/a\u003e\n \u003cbr\u003e\n \u003ca href=\"https://fortiguard.fortinet.com/threat-signal-report\" target=\"_blank\" style=\"color:#fff\"\u003eFortiGuard Threat Signals\u003c/a\u003e\n \u003cbr\u003e\n \u003ca href=\"https://www.fortinet.com/blog/threat-research\" target=\"_blank\" style=\"color:#fff\"\u003eFortiGuard Threat Blog\u003c/a\u003e\n\n \u003cdiv style=\"background-color: da291c; padding:10px 0px 0 40; margin: 20px 30px 0 30px; height: 60px; border-radius:10px;\"\u003e\n \u003ca href=\"https://www.fortinet.com/fortiguard/outbreak-alert-subscription?utm_source=email\u0026utm_medium=Other\u0026utm_campaign=Brand-NAMER-US\u0026utm_content=FortiGuardOA-G\u0026utm_term=ABM\" target=\"_blank\" style=\"color:#fff\"\u003e \u003cp\u003eSubscribe to Outbreak Alerts!\n\u003c/p\u003e\u003c/a\u003e\n\u003c/div\u003e \n \n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003cdiv class=\"row \"\u003e\n \u003cdiv class=\"col-6 match-height col-sm-12\" style=\"margin-bottom:50px;\"\u003e\n \u003ch3 style=\"font-size:16px;\"\u003eSources\u003c/h3\u003e\n \u003cp style=\"font-size:12px;\"\u003e\n The data collected in this report are based on the FortiGuard Outbreak Alerts\nand Telemetries. The telemetries are based on the detection logs of the FortiGuard\nIntrusion Prevention (IPS), Antivirus (AV) and Sandbox services used by Fortinet\nproducts. The IPS telemetry is mainly based on widespread activity on unique network\ndevices instead of actual block hits to exclude multiple attempts. While, the AV and\nSandbox telemetries are based on actual blocking of the known and 0-day Malware,\nrespectively. The report is supplemented by the FortiRecon Threat Intelligence service\nfor the threat actors, availability of PoC and Darknet activities.\n\u003c/p\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a642362c-afbe-4d78-be51-48250bce6dff","custom_javascript":null,"personalization_type":"addition"},{"selector":"section.section","data":{"html_attributes":{"class":"section hero product-hero border-bottom ","style":"padding: 50px 0; background: url(\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Outbreak_Alerts-header2.png\") 0% 0% / cover;"},"styles":{"background-image":"url(https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Updated%2520Ford%2520Logo.png)"},"position":{"parent_selector":"div[class*=\"Product\"]","manual_insert_before_selector":null,"index":2,"deconflictor":null},"content":"\u003cstyle\u003e\n .C941-Product-Hero-Banner .section.product-hero h1 {\n text-align:left;\n font-size: 36px;\n margin-bottom: 0px;\n line-height: 1.3;\n letter-spacing: 0.1px;\n color: #fff;\n \n}\n.C941-Product-Hero-Banner .section.product-hero span {\n font-weight:400;\n}\n\u003c/style\u003e\n\n \u003cdiv class=\"wrap\"\u003e\n \u003cdiv class=\"row banner\" style=\"\"\u003e\n \u003cdiv class=\"col-lg-8 col-8 col-md-12 col-sm-12\"\u003e\n \u003cdiv class=\"section-content\"\u003e\n \u003ch1 style=\"\"\u003eOutbreak Alerts Annual Report \u003cspan style= \"color:lightgreen;\"\"\u003e2023\u003cp\u003eAutomotive Sector\u003c/p\u003e\u003c/span\u003e\u003c/h1\u003e\n \u003cp\u003e\n \u003cspan style=\"font-weight:600; font-size:18px;\"\u003edeveloped for\u003c/span\u003e\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Ford-Logo%2520copy-H%2520-%2520555.png\" style=\"height:60px; padding:0 10 0 15; vertical-align:middle;\"\u003e \u003cspan style=\"font-weight:600; font-size:28px:\"\u003eby\u003c/span\u003e\u003cspan style=\"font-weight:800; font-size:26px;padding:0 0 0 10;letter-spacing:-.8px;\"\u003eFortiGuard Labs\u003c/span\u003e\n \u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"74ee3c53-b862-4282-b851-6bcbd851a4f2","custom_javascript":null,"personalization_type":"addition"},{"selector":"div.resources-container","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Resources\"] \u003e div:nth-of-type(1) \u003e div.wrap","manual_insert_before_selector":null,"index":0,"deconflictor":null},"content":"\u003cdiv class=\"C11-Text-Columns\"\u003e\n \u003cstyle\u003e\n h1 {\n text-align:center;\n padding: 40px 0 20px 0;\n }\n \u003c/style\u003e \n \u003cheader\u003e\n \u003ch1\u003eAutomotive Sector Summary\u003c/h1\u003e\n \u003c/header\u003e\n\u003cdiv class=\"row \" style=\"margin-top:20px;\"\u003e\n \u003cstyle\u003e\n h5 { margin: 10px 0 0 0;\n color: green;}\n p {margin:0px 0 15px 0;}\n a {margin:0 0 5 0;\n color: blue;}\n \u003c/style\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003cp\u003eAuto companies are a tempting target for cybercriminals. Transportation has been identified by the US Department of HS as infrastructure is critical to modern life: When attacks shut down pipelines or computer systems the effects are felt across society and the broader economy.\u003c/p\u003e\n\u003cp\u003eFortinet’s annual survey of operational\ntechnology (OT) and cybersecurity found 75%\nof organizations had at least one intrusion in\nthe past 12 months. One in three resulted in\nransomware being deployed. \u003ca href=\"https://www.fortinet.com/content/dam/fortinet/assets/reports/report-state-ot-cybersecurity.pdf\" target=\"_blank\"\u003e1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\nWith operations under threat, understanding\nrecent exploits and the tactics, techniques,\nand procedures (TTPs) used by bad actors is\nessential. The annual FortiGuard Labs\nOutbreak Alerts report highlights findings by\nFortinet threat researchers on the frontlines of\noutbreak investigations. It identifies malware\nand vulnerabilities and includes links to further\ndetailed analysis and IOCs.\u003c/p\u003e\n\u003ch3 style=\"margin-top:10;\"\u003eLooking ahead\u003c/h3\u003e\n\u003cp\u003eLong-term cybersecurity is as much a cultural problem as a technical one. In an increasingly digital era of remote work and smart devices, organizations must instill a culture of vigilance.\u003c/p\u003e\n\u003cp\u003e\nAll employees – not just those in IT – must act\nas a firm’s eyes and ears, flagging unusual emails or system activity. Partners and venders, too, can play a vital role in raising the alarm about cyber risks in the increasingly integrated supply chains that fuel the industry.\u003c/p\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12\" \u003e\n \n \u003cp\u003eFindings for the Automotive sector:\u003c/p\u003e\n \u003ch5\u003eThreats to IT/OT infrastructure\u003c/h5\u003e\n\u003cp\u003eThe convergence of IT and OT networks is\ncreating new opportunities for bad actors to\ntarget automotive manufacturing.\u003c/p\u003e\n\u003ca href=\"#ot-ics\"\u003eTop 10 OT/IT vulnerabilities\u003c/a\u003e\n\u003ch5\u003eApache Log4J: The never ending exploit\u003c/h5\u003e\n\u003cp\u003eThe infamous Apache Log4j software flaw\n(CVE-2021-44228), also known as Log4Shell,\nfirst came to light in December 2021, but it is\nstill one of the world’s most exploited\nvulnerabilities. The U.S. Department of\nHomeland Security estimates finding and\npatching every instance of Log4Shell could\ntake up to a decade.\u003c/p\u003e\n\u003ca href=\"#targeted\"\u003eRead about Log4J\u003c/a\u003e\n\u003ch5\u003eCisco IOS XE Web UI exploit\u003c/h5\u003e\n\u003cp\u003eIn October of last year, a previously unknown vulnerability (CVE-2023-20198) in the Cisco IOS XE Web UI affected thousands of devices,\nallowing a remote, unauthenticated attacker to\ncreate an account and gain control.\u003c/p\u003e\n\u003ca href=\"#targeted\"\u003eMore on this emerging security vulnerability\u003c/a\u003e\n\u003ch5\u003eThe ongoing danger of ransomware\u003c/h5\u003e\n\u003cp\u003eRansomware operators have stepped up their attacks against large organizations,\ngovernment agencies, and businesses.\n\u003c/p\u003e\u003ca href=\"#observations\"\u003eRansomware attacks, including CrySIS/ Dharma\u003c/a\u003e\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 match-height col-sm-12 added-using-mutiny-1\" style=\"background-color: #3cb07c; height: 700px; display:block; padding: 20 10 30 15;\"\u003e\n\u003cstyle\u003e\n .added-using-mutiny-1 ul {\n color: white;\n margin: 0;\n }\n .added-using-mutiny-1 a {\n text-underline-offset: 3px;\n }\n.added-using-mutiny-1 a:link {\n color: white;\n text-decoration: underline;\n font-weight: 400;\n }\n .added-using-mutiny-1 a:hover {\n color: white;\n text-decoration: none;\n font-weight: 800;\n }\n .added-using-mutiny-1 a:visited {\n color: white;\n text-decoration: none;\n }\n\u003c/style\u003e\n \u003ch2 style=\"color:white; margin: 0 0 20px 0;\"\u003eAutomotive at a Glance\u003c/h2\u003e\n \u003ch4 style=\"margin:35px 0 15px 0; color:white;\"\u003eTop 5 IPS Signatures\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/48934\" target=_blank\" alt=\"HTTP.Suspicious.Headers.With.Special.Characters\"\u003eHTTP.Suspicious.Headers.With.Special.Characters\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/45660\" target=_blank\" alt=\"Qualys.Vulnerability.Scanner\"\u003eQualys.Vulnerability.Scanner\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/51391\" target=_blank\" alt=\"DNS.PTR.Records.Scan\"\u003eDNS.PTR.Records.Scan\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/43963\" target=_blank\" alt=\"Backdoor.DoublePulsar\"\u003eBackdoor.DoublePulsar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/ips/43799\" target=_blank\" alt=\"MS.SMB.Server.Trans.Peeking.Data.Information.Disclosure\"\u003eMS.SMB.Server.Trans.Peeking.Data.Information.Disclosure\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4 style=\"margin:40px 0 15px 0; color:white;\"\u003eTop 5 Viruses \u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/virus/7875495\" target=_blank\" alt=\"MSOffice/CVE_2017_11882.C!exploit\"\u003eMSOffice/CVE_2017_11882.C!exploit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/virus/10119700\" target=_blank\" alt=\"MSOffice/CVE_2018_0798.BOR!exploit\"\u003eMSOffice/CVE_2018_0798.BOR!exploit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/virus/10137689\" target=_blank\" alt=\"MSIL/Stealer.36680!tr\"\u003eMSIL/Stealer.36680!tr\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/virus/10131263\" target=_blank\" alt=\"MSIL/GenericKDS.61009645!tr\"\u003eMSIL/GenericKDS.61009645!tr\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.fortiguard.com/encyclopedia/virus/10111846\" target=_blank\" alt=\"MSExcel/CVE_2017_11882.D313!exploit\"\u003eMSExcel/CVE_2017_11882.D313!exploit\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4 style=\"margin:40px 0 15px 0; color:white;\"\u003eTop 5 Targeted OT Products/Protocols\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdvantech\n\u003cli\u003eLAquis\n\u003cli\u003eSchneider\n\u003cli\u003eCirCarLife\n\u003cli\u003eQNX\n\u003c/ul\u003e\n\n \u003c/div\u003e\n\u003c/div\u003e\n\n\n\n\n\u003c/div\u003e\n\n\u003c!-- TOC Section --\u003e\n\n\u003ch1 style=\"text-align:center; margin: 40px 0px 40px 0px;color:white;padding:40 0 40 0; font-weight:600;background-color:#3cb07c;\"\u003eReport Contents\u003c/h1\u003e\n\n\u003cstyle\u003e\n\t.TOC h5 { \n\tmargin: 10px 0 0 0;\n\tcolor: green;\n\t}\n\t.TOC p {\n\tmargin:0px 0 15px 0; padding:0 0 0 0;\n\t}\n .TOC a {\n text-underline-offset: 5px;\n }\n.TOC a:link {\n color: #000;\n text-decoration: underline;\n text-decoration-thickness: 1px;\n }\n.TOC a:hover {\n color: #000;\n text-decoration: none;\n }\n.TOC a:visited {\n color: #000;\n text-decoration: none;\n }\n\t.three-column-text h4 {\n\t\tmargin:0px 0 20px 0;\n\t\tbreak-after:avoid;\n\t\tbreak-inside: avoid;\n\t}\n\t .three-column-text ul {\n\t\t margin:10px 0px 10px 15px;\n\t\t orphans: 2;\n\t\t widows: 2;\n\t }\n\t.three-column-text {\n\t\tcolumn-count: 3;\n\t\tcolumn-gap: 40px;\n\t\tpadding: 20px;\n\t\twidth: 100%;\n\t\tmargin: 0 auto;\n\t}\n\n\t/* Optional: style for headings that span across columns */\n\t.column-span-all {\n\t\tcolumn-span: all;\n\t\tmargin-bottom: 20px;\n\t}\n\n\t/* Responsive design */\n\t@media (max-width: 768px) {\n\t\t.three-column-text {\n\t\t\tcolumn-count: 1;\n\t\t}\n\t}\n\u003c/style\u003e\n\u003cdiv class=\"TOC three-column-text\" id=\"TOC\" style=\"margin: 0px 0px 40px 0px;\"\u003e\n\n\u003ca href=\"#execsum\"\u003e\u003ch4\u003eExecutive Summary\n\u003c/h4\u003e\u003c/a\u003e\n\u003ca href=\"#outbreak-summary\"\u003e\u003ch4\u003eOutbreak Summary\n\u003c/h4\u003e\u003c/a\u003e\n\n\u003ch5\u003eOutbreak Release Timeline\n\u003c/h5\u003e\n\u003ch5\u003eSignificant Outbreaks in 2023\n\u003c/h5\u003e\n\u003cul\u003e\n \u003cli\u003e3CX Supply Chain Attack\n \u003cli\u003eAgent Tesla Malware Attack\n \u003cli\u003eFortra GoAnywhere MFT RCE\n \u003cli\u003eHTTP/2 Rapid Reset\n \u003cli\u003eJetBrains TeamCity Authentication Bypass Attack\n \u003cli\u003eLazarus RAT Attack\n \u003cli\u003eProgress MOVEit Transfer SQL Injection\n\u003c/ul\u003e\n\u003ca href=\"#vulnerability\"\u003e\u003ch4\u003eVulnerability\n\u003c/h4\u003e\u003c/a\u003e\n\u003ch5\u003eWeaponized Vulnerability Profiles\n\u003c/h5\u003e\n\u003ch5\u003eWidely Targeted Vulnerabilities\n\u003c/h5\u003e\n\u003cul\u003e\n \u003cli\u003eApache\n \u003cli\u003eCisco IOS XE\n \u003cli\u003eNetLink/Zyxel\n\u003c/ul\u003e\n\u003ca href=\"#malware\"\u003e\u003ch4\u003eMalware Profiles \n\u003c/h4\u003e\u003c/a\u003e\n\u003ch5\u003eOverall Malware and 0-day Detections\n\u003c/h5\u003e\n\u003ch5\u003eSignificant Active Malware\n\u003c/h5\u003e\n\u003cul\u003e\n \u003cli\u003eAsh\n \u003cli\u003eStealer 36680\n \u003cli\u003eWanaaMine Trojan\n\u003c/ul\u003e\n\u003ch5\u003eRansomware Observations and Highlights\n\u003c/h5\u003e\n\u003cul\u003e\n \u003cli\u003eCrysis\n \u003cli\u003eGoga Locker\n \u003cli\u003e REvil Ransomware\n\u003c/ul\u003e\n\u003ca href=\"#ot-ics\"\u003e\u003ch4\u003eOT/ICS Profiles\n\u003c/h4\u003e\u003c/a\u003e\n\u003ch5\u003eOT Related Threat Insights\n\u003c/h5\u003e\n\u003ch5\u003eVendors Threat Map\n\u003c/h5\u003e\n\u003cul\u003e\n \u003cli\u003eCosmicEnergy Malware\n \u003cli\u003eIgnition Authentication Bypass\n \u003cli\u003eMilesiht Routers Information Disclosure\n\u003c/ul\u003e\n\u003ca href=\"#notable-ttps\"\u003e\u003ch4\u003eMITRE TTPs Profile\n\u003c/h4\u003e\u003c/a\u003e\n\u003ch5\u003ePredominant Tactics and TTPs\n\u003c/h5\u003e\n\u003cbr\u003e\n\u003ca href=\"#challenges\"\u003e\u003ch4\u003eChallenges to the Cyber Landscape in 2024\n\u003c/h4\u003e\u003c/a\u003e\n\u003ca href=\"#about\"\u003e\u003ch4\u003eAbout FortiGuard Labs Outbreak Alerts\n\u003c/h4\u003e\u003c/a\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1cf00e98-e7cd-42d0-b8c2-da250e98e61c","custom_javascript":null,"personalization_type":"addition"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_content"],"custom_javascript":"document.title = \"Outbreak Alerts Report for GM\";","custom_css":null,"condition":null}]},{"id":"106","name":"Securing Aerospace","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"query.utm_content","value":"securing_aerospace","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"5371114a-8a23-4b0b-b7eb-02f4e67f71f8","state":"promoted","name":"NAMER ABM 2025 Securing Aerospace Manufacturing","description":"NAMER ABM 2025 Securing Aerospace Manufacturing","global":false,"priority":22,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for_you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"3453ad83-e8ab-40a4-921d-571df06fba52","dom_update_group_state":"active","variation_key":"c9a7e6ce-44ab-47af-848e-658e6399c393","variation_name":"Variation 1","dom_updates":[{"selector":"section:nth-of-type(4)","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"068dd154-6189-4920-b8d3-0fa430161d17","custom_javascript":null,"personalization_type":"modification"},{"selector":"section:nth-of-type(5)","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ca5d31a5-94ad-4042-8ce5-db1d7c62244e","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.partners","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c5e25c07-76ba-4c07-b095-15befd28acf4","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.product-video","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e4512be4-c1e5-41d0-833d-cbc82064eff1","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.featured-videos","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c97df5df-61ba-4cbd-a454-211fd6704a61","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.account-team","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"662eff04-550a-4701-8f23-b45ed698a623","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.be-related-link-container","data":{"html_attributes":{},"styles":{"background-color":"#E6E6E6"},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a28fd013-ab6c-4592-b31e-d02c587d3b6a","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.be-ix-link-block","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e974a43d-03d7-42ed-a9be-d060b337604b","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.hero-banner","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e95a70ef-ef3f-4fe4-a30f-b1cd80cc2214","custom_javascript":null,"personalization_type":"modification"},{"selector":"nav#top-nav","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"nav","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4415654e-1d36-4a7c-949a-7ace736cbe7b","custom_javascript":null,"personalization_type":"modification"},{"selector":"footer#footer","data":{"html_attributes":{},"styles":{},"content":"\n \n \u003cdiv class=\"footer-row copyrights\"\u003e\n \u003cdiv class=\"container\"\u003e\n \n\n\n\n\n \n \n \u003cdiv class=\"C804-Footer-Logo\"\u003e\n\n\n\u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"logo-section__official\"\u003e\n \u003cdiv class=\"footer-logo\"\u003e\n \u003ca href=\"https://www.fortinet.com/\" aria-label=\"Fortinet\"\u003e\n \u003cimg class=\"lozad\" src=\"https://www.fortinet.com/content/dam/fortinet/images/general/fortinet-footer-logo.svg\" data-src=\"https://www.fortinet.com/content/dam/fortinet/images/general/fortinet-footer-logo.svg\" alt=\"Fortinet\" width=\"194\" height=\"23\" data-loaded=\"true\"\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"logo-section__partner\"\u003e\n \u003cdiv class=\"partner-logo\"\u003e\n \u003ca href=\"https://www.fortinet.com/romain-attanasio\" target=\"_self\" aria-label=\"Romain Attanasio\"\u003e\n \u003cimg class=\"lozad\" data-src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/roman-attanasio-partnership-logo.jpg\" alt=\"Romain Attanasio\" src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/roman-attanasio-partnership-logo.jpg\" data-loaded=\"true\"\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"partner-logo\"\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2024/juventus-football-club-annouces-fortinet-as-its-official-cybersecurity-partner\" target=\"_self\" aria-label=\"Fortinet Juventus Partnership\"\u003e\n \u003cimg class=\"lozad\" data-src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-juventus.png\" alt=\"Fortinet Juventus Partnership\" src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-juventus.png\" data-loaded=\"true\"\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"partner-logo\"\u003e\n \u003ca href=\"https://www.fortinet.com/fortinet-cup-americas\" target=\"_self\" aria-label=\"Fortinet Cup - PGA Americas\"\u003e\n \u003cimg class=\"lozad\" data-src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-pga-americas.png\" alt=\"Fortinet Cup - PGA Americas\" src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-pga-americas.png\" data-loaded=\"true\"\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"partner-logo\"\u003e\n \u003ca href=\"https://www.fortinet.com/dp-world-tour\" target=\"_self\" aria-label=\"Fortinet European Tour Partnership\"\u003e\n \u003cimg class=\"lozad\" data-src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-european-tour.png\" alt=\"Fortinet European Tour Partnership\" src=\"https://www.fortinet.comhttps://marvel-b1-cdn.bc0a.com/f00000000310757/peek-achoo.com/content/dam/fortinet/images/footer/logo-ftnt-european-tour.png\" data-loaded=\"true\"\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n\n \n \n \u003cdiv class=\"C805-Footer-Text\"\u003e\n\u003cdiv class=\"row\"\u003e\n \n \u003cdiv class=\"copyright\"\u003e\n \u003cdiv class=\"col-md-12\"\u003e\n \n \u003cp\u003eCopyright © 2025 Fortinet, Inc. All Rights Reserved.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \n\u003c/div\u003e\n\n\n\u003c/div\u003e\n\n\n \n \n \u003cdiv class=\"footer-links-list\"\u003e\n\n\n\n \n \n \u003cdiv class=\"row\"\u003e\n \u003cdiv class=\"container\"\u003e\n \u003cnav class=\"nav bottom-nav\"\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/legal\" target=\"_self\"\u003e\n Terms of Service\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/privacy\" target=\"_self\"\u003e\n Privacy Policy\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/privacy#npr-ca\" target=\"_self\"\u003e\n Notice for California Residents\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/privacy/individual-rights\" target=\"_self\"\u003e\n Do Not Sell Or Share My Personal Information\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/gdpr\" target=\"_self\"\u003e\n GDPR\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \u003cli\u003e\n \u003ca href=\"https://www.fortinet.com/corporate/about-us/canadian-accessibility\" target=\"_self\"\u003e\n Canadian Accessibility\n \u003c/a\u003e\n \u003c/li\u003e\n \n \n \n \u003cli\u003e\n \u003ca href=\"#\" onclick=\"Optanon.ToggleInfoDisplay()\"\u003e\n Cookie Settings\n \u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/nav\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n\n\n\u003c/div\u003e\n\n\n\n \u003c/div\u003e\n \u003c/div\u003e\n","custom":false,"tag":"footer","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c971c05a-8228-4b5c-9401-e9da01f7f6f3","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.featured-assets \u003e div.new-container \u003e h2.section-title","data":{"html_attributes":{},"styles":{},"content":"Related Content","custom":false,"tag":"h2","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ed45d616-1e93-4f0a-841e-594dd57104e1","custom_javascript":null,"personalization_type":"modification"},{"selector":"a:nth-of-type(2) \u003e img.card-image","data":{"html_attributes":{"src":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/2025%2520Threat%2520Landscape%2520Report2.jpg","srcset":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/2025%2520Threat%2520Landscape%2520Report2.jpg"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"b5948518-1132-42ee-8f08-cc818b31263f","custom_javascript":null,"personalization_type":"modification"},{"selector":"a:nth-of-type(3) \u003e img.card-image","data":{"html_attributes":{"src":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Unified%2520SASE%2520Success%2520Stories.png","srcset":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Unified%2520SASE%2520Success%2520Stories.png"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1c8bb95b-0262-40aa-b206-1e4bbbc7fded","custom_javascript":null,"personalization_type":"modification"},{"selector":"div[class*=\"grid\"] \u003e a:nth-of-type(3)","data":{"html_attributes":{"href":"https://www.fortinet.com/content/dam/fortinet/assets/ebook/eb-sase-customer-stories.pdf"},"styles":{},"custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"76a927a1-9187-4520-84f3-2390cd809aed","custom_javascript":null,"personalization_type":"modification"},{"selector":"a.btn-CTA","data":{"html_attributes":{"href":"https://global.fortinet.com/lp-en-cp-security-expert-ws?lsci=701Hr000001lgrwIAA"},"styles":{},"content":"Meet with Fortinet","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"569ca9d2-1506-4c83-99d8-519bc77e3b50","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div:nth-of-type(1) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c41df84e-229a-4b83-9f74-8a230243f612","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div:nth-of-type(3) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9c3b55af-14dd-4e60-89dc-2b151b13c871","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(3) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"3e586755-297e-4ecc-ae49-2391f0d90702","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(2) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d3649fcd-84f5-44a7-b932-dfd230477d65","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(1) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"04b08d33-2404-43cf-9134-47050f35b922","custom_javascript":null,"personalization_type":"modification"},{"selector":"a:nth-of-type(2) \u003e div.card-body \u003e h3.card-title","data":{"html_attributes":{"style":"margin-top:0px;"},"styles":{},"content":"Global Threat Landscape Report, 2025","custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5efec4f1-cb0e-42d3-92f0-d55638f3e2a3","custom_javascript":null,"personalization_type":"modification"},{"selector":"a:nth-of-type(3) \u003e div.card-body \u003e p.card-text","data":{"html_attributes":{},"styles":{},"content":"FortiGuard Labs is Fortinet's elite threat intelligence organization, staffed by over 1,000 threat researchers, data analysts, and AI/ML engineers.\n\u003cbr\u003e\u003cbr\u003e\nBrowse the Labs encyclopedia of threat signatures. Click any title to view details. If you don't see what you are looking for, try using the search bar to find specific entries.\n\n","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9bcd9127-f73e-42c6-8a1c-4a3205d9ae1c","custom_javascript":null,"personalization_type":"modification"},{"selector":"a:nth-of-type(3) \u003e div.card-body \u003e h3.card-title","data":{"html_attributes":{},"styles":{},"content":"FortiGuard Labs Encyclopedia Of OT Threat Signatures","custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2ff3a993-3cd5-4527-898d-b3091bbbf9a6","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.paragraph-and-header","data":{"html_attributes":{},"styles":{},"content":"\u003cstyle\u003e\n /* ---- NOTE ----*/\n /* These variables contain the colors used in this themse. If you want to adjust the colors, change here not in the CSS. */\n\nsection {\n --highlight-color: #ffb900;\n --link-hover-color: #acccf3;\n --link-visited-color: #2666b5;\n --link-active-color: #5999e8 ;\n --dark-background-color: #2d2d2d;\n --second-dark-background-color: #0e2643;\n --FTNT-red: #da201c;\n --text-on-light: #333;\n --text-on-dark: #fff;\n --cta-text: #fff;\n --cta-alt-text: #da291c;\n}\n * {\n margin: 0;\n padding: 0;\n box-sizing: border-box;\n }\n body {\n font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;\n background: #f0f0f0;\n margin: 0;\n padding: 0;\n }\n\n .head-band {\n background: var(--highlight-color);\n height: 100px;\n width: 100%;\n display: flex;\n align-items: center;\n position: relative;\n }\n\n .head-band-content {\n max-width: 1000px;\n margin: 0 auto;\n width: 100%;\n padding: 0 20px;\n display: flex;\n justify-content: flex-start;\n }\n\n .black-rectangle {\n background: var(--dark-background-color);\n color: var(--text-on-dark);\n padding: 15px 25px;\n border-radius: 2px;\n font-size: 1.2rem;\n font-weight: bold;\n display: inline-block;\n margin-left: -25px;\n }\n\n .hero-section {\n background: white;\n padding: 40px 0;\n }\n\n .hero-container {\n max-width: 1000px;\n margin: 0 auto;\n padding: 0 20px;\n display: flex;\n align-items: top;\n gap: 10px;\n }\n\n .hero-text {\n flex: 1;\n }\n\n .hero-text h1 {\n font-size: 2.5rem;\n color: var(--text-on-light);\n margin-bottom: 20px;\n line-height: 1.2;\n }\n\n .hero-text p {\n font-size: 1.1rem;\n color: var(--text-on-light);\n line-height: 1.6;\n margin-bottom: 15px;\n }\n\n .hero-image {\n width: 50%;\n display: flex;\n align-items: center;\n justify-content: center;\n flex-shrink: 0;\n }\n\n .hero-image img {\n max-width: 100%;\n height: auto;\n }\n\n .main-content {\n background: var(--dark-background-color);\n padding: 40px 20px;\n }\n\n .container-new {\n max-width: 1000px;\n margin: 0 auto;\n background: var(--dark-background-color);\n border-radius: 5px;\n padding: 30px 20px;\n box-shadow: 0 20px 40px rgba(0, 0, 0, 0.1);\n }\n\n /* CSS-only tabs using radio buttons */\n .tab-input {\n display: none;\n }\n\n .intro-text {\n font-size: 1.8rem;\n line-height:2.6rem;\n font-weight: bold;\n color: var(--text-on-dark);\n margin-bottom: 52px;\n }\n\n .icon-row {\n display: grid;\n grid-template-columns: repeat(4, 1fr);\n gap: 20px;\n margin-bottom: 30px;\n margin-left: -22px;\n }\n\n .icon-item {\n text-align: center;\n cursor: pointer;\n padding: 20px;\n transition: all 0.3s ease;\n display: flex;\n flex-direction: column;\n align-items: center;\n justify-content: center;\n }\n\n .icon-item:hover {\n transform: translateY(-20px);\n }\n\n .icon {\n margin-bottom: 20px;\n transition: color 0.3s ease;\n width: 50%;\n display: flex;\n align-items: center;\n justify-content: center;\n }\n\n .icon-item:hover .icon {\n color: var(--highlight-color);\n }\n\n .icon-desc {\n font-size: 1.2rem;\n font-weight: 600;\n color: var(--text-on-dark);\n transition: color 0.3s ease;\n text-align: center;\n width: 100%;\n }\n\n .icon-item:hover .icon-desc {\n color: var(--highlight-color);\n }\n\n /* ACTIVE STATE - High specificity with !important */\n #tab-analytics:checked ~ .icon-row label[for=\"tab-analytics\"],\n #tab-users:checked ~ .icon-row label[for=\"tab-users\"], \n #tab-revenue:checked ~ .icon-row label[for=\"tab-revenue\"],\n #tab-settings:checked ~ .icon-row label[for=\"tab-settings\"] {\n background: var(--dark-background-color) !important;\n color: var(--text-on-dark) !important;\n transform: translateY(-3px) !important;\n border-color: #fff !important;\n }\n\n #tab-analytics:checked ~ .icon-row label[for=\"tab-analytics\"] .icon-desc,\n #tab-users:checked ~ .icon-row label[for=\"tab-users\"] .icon-desc,\n #tab-revenue:checked ~ .icon-row label[for=\"tab-revenue\"] .icon-desc, \n #tab-settings:checked ~ .icon-row label[for=\"tab-settings\"] .icon-desc {\n color: var(--highlight-color) !important;\n }\n\n .content-panel {\n background: var(--dark-background-color);\n border-radius: 0px;\n padding: 30px;\n min-height: 250px;\n position: relative;\n overflow: hidden;\n }\n\n .panel-content {\n display: none;\n animation: fadeIn 0.5s ease-in-out;\n }\n\n /* Show panel when corresponding radio button is checked */\n #tab-analytics:checked ~ .content-panel #analytics,\n #tab-users:checked ~ .content-panel #users,\n #tab-revenue:checked ~ .content-panel #revenue,\n #tab-settings:checked ~ .content-panel #settings {\n display: block;\n }\n\n @keyframes fadeIn {\n from { opacity: 0; transform: translateY(20px); }\n to { opacity: 1; transform: translateY(0); }\n }\n\n .panel-title {\n font-size: 1.8rem;\n font-weight: bold;\n color: var(--text-on-dark);\n margin-bottom: 15px;\n border-bottom: 1px solid #fff;\n padding-bottom: 10px;\n }\n\n .panel-text p {\n font-size: 1rem;\n line-height: 1.4rem;\n color: var(--text-on-dark);\n margin-bottom: 20px;\n }\n\n .panel-text h2 {\n color: var(--highlight-color);\n margin: 20px 0 10px 0;\n font-size: 1.4rem;\n }\n\n .panel-text h3 {\n color: var(--highlight-color);\n margin: 15px 0 10px 0;\n font-size: 1.1rem;\n }\n\n .panel-text ul {\n margin: 10px 0;\n padding-left: 30px;\n color:var(--text-on-dark);\n }\n\n .panel-text li {\n margin-bottom: 8px;\n }\n/* Base link style */\n.panel-text a {\n color: var(--link-active-color) !important; \n text-decoration: underline !important;\n text-decoration-color: var(--link-active-color) !important; \n transition: color 0.2s, text-decoration-color 0.2s; \n}\n\n/* Hover state */\n.panel-text a:hover {\n color: var(--link-hover-color) !important; \n text-decoration-color: var(--link-hover-color) !important;\n}\n\n/* Visited links */\n.panel-text a:visited {\n color: var(--link-visited-color) !important;\n text-decoration-color: var(--link-visited-color) !important; \n}\n\n/* Active (clicked) state */\n.panel-text a:active {\n color: var(--link-active-color) !important;\n text-decoration-color: var(--link-active-color) !important; \n}\n\n .conclusion-section {\n background: white;\n padding: 40px 0;\n }\n\n .conclusion-container {\n max-width: 1000px;\n margin: 0 auto;\n padding: 0 20px;\n }\n\n .conclusion-container h1 {\n font-size: 2.5rem;\n color: var(--text-on-light);\n margin-bottom: 20px;\n line-height: 1.2;\n }\n\n .conclusion-container p {\n font-size: 1.1rem;\n color: var(--text-on-light);\n line-height: 1.6;\n margin-bottom: 15px;\n }\n\n .cta {\n cursor: pointer;\n font-size: 1.2rem;\n border-radius: 5px; \n color: var(--cta-text);\n text-align:center; \n margin:20px auto 0px auto; \n padding: 10px;\n width:60%;\n background-color: var(--FTNT-red);\n transition: all 0.3s ease;\n }\n .cta:hover {\n transform: translateY(-5px);\n box-shadow: 0 5px 25px rgba(0, 0, 0, 0.15);\n border-color: #fff;\n color: var(--cta-alt-text);\n background-color: var(--highlight-color);\n }\n\n\n /* Mobile Responsive Design */\n @media (max-width: 768px) {\n .orange-band-content {\n padding: 0 15px;\n }\n \n .black-rectangle {\n font-size: 1rem;\n padding: 12px 20px;\n }\n \n .hero-container {\n flex-direction: column;\n gap: 20px;\n text-align: center;\n }\n \n .hero-text h1 {\n font-size: 2rem;\n }\n \n .hero-image {\n width: 100%;\n }\n \n .main-content {\n padding: 20px 15px;\n }\n \n .container-new {\n padding: 20px;\n }\n \n .icon-row {\n grid-template-columns: 1fr;\n gap: 15px;\n margin-bottom: 20px;\n }\n \n .icon-item {\n display: flex;\n align-items: center;\n text-align: left;\n padding: 15px;\n }\n \n .icon {\n margin-right: 15px;\n margin-bottom: 0;\n min-width: 50px;\n }\n \n .icon-desc {\n font-size: 1rem;\n }\n \n .content-panel {\n padding: 20px;\n min-height: 200px;\n }\n \n .panel-title {\n font-size: 1.5rem;\n }\n }\n \n @media (max-width: 480px) {\n .black-rectangle {\n font-size: 0.9rem;\n padding: 10px 15px;\n }\n \n .hero-text h1 {\n font-size: 1.8rem;\n }\n \n .hero-text p {\n font-size: 1rem;\n }\n \n .container-new {\n padding: 15px;\n margin: 10px;\n }\n \n .icon-row {\n grid-template-columns: 1fr 1fr;\n gap: 10px;\n margin-left: 0;\n }\n \n .icon-item {\n display: flex;\n flex-direction: column;\n align-items: center;\n text-align: center;\n padding: 10px 5px;\n }\n \n .icon {\n margin-right: 0;\n margin-bottom: 8px;\n min-width: auto;\n width: 40px;\n height: 40px;\n }\n \n .icon-desc {\n font-size: 0.85rem;\n line-height: 1.2;\n }\n \n .panel-title {\n font-size: 1.3rem;\n }\n \n .panel-text {\n font-size: 0.9rem;\n }\n }\n \u003c/style\u003e\n\n \u003cdiv class=\"head-band\"\u003e\n \u003cdiv class=\"head-band-content\"\u003e\n \u003cdiv class=\"black-rectangle\"\u003e\n WHITE PAPER: Protecting IT and OT Resources Against Advanced Cyber Threats\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"hero-section\"\u003e\n \u003cdiv class=\"hero-container\"\u003e\n \u003cdiv class=\"hero-text\"\u003e\n \u003ch1\u003eSecuring Aerospace Manufacturing\u003c/h1\u003e\n \u003cp\u003eAerospace industrial control sytems and operational technology (ICS/OT) that once operated in isolation is increasingly integrated with enterprise IT networks. The connectivity is helping improve operational efficiency but it's also increasing exposure to cyber threats.\u003c/p\u003e\n \u003cp\u003eFortinet is a leader in OT cybersecurity and has protected OT environments since 2005. We help manufacturers safeguard operations, from the back office to the shop floor.\u003c/p\u003e\n \n \u003ca href=\"https://cdn.pathfactory.com/assets/11071/contents/991716/a5145bdb-14f5-479e-917f-919e635e032d.pdf\" target=\"_blank\"\u003e \u003cdiv class=\"cta\"\u003e\n Download the white paper\n \u003c/div\u003e \u003c/a\u003e\n \u003c/div\u003e\n \u003cdiv class=\"hero-image\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/GettyImages-1222636238-sq-1000x1000.jpg\"\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"main-content\"\u003e\n \u003cdiv class=\"container-new\"\u003e\n \u003c!-- Hidden radio buttons for CSS-only tabs --\u003e\n \u003cinput type=\"radio\" id=\"tab-analytics\" name=\"tabs\" class=\"tab-input\" checked\u003e\n \u003cinput type=\"radio\" id=\"tab-users\" name=\"tabs\" class=\"tab-input\"\u003e\n \u003cinput type=\"radio\" id=\"tab-revenue\" name=\"tabs\" class=\"tab-input\"\u003e\n \u003cinput type=\"radio\" id=\"tab-settings\" name=\"tabs\" class=\"tab-input\"\u003e\n\n \u003cdiv class=\"intro-text\"\u003e\n \u003ca href=\"https://www.fortinet.com/blog/business-and-technology/westlands-advisory-names-fortinet-ot-security-leader-for-third-straight-year\" target=\"_blank\" style=\"color:white;\"\u003eFortinet is recognized as the Leader in OT security in the latest Westlands Advisory Network Protection Platforms Navigator\u0026trade;\u003c/a\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"icon-row\"\u003e\n \u003clabel for=\"tab-analytics\" class=\"icon-item\"\u003e\n \u003cdiv class=\"icon\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/attack-surface.png\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"icon-desc\"\u003eAn Expanding Attack Surface\u003c/div\u003e\n \u003c/label\u003e\n \u003clabel for=\"tab-users\" class=\"icon-item\"\u003e\n \u003cdiv class=\"icon\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/aerospace-bugs.png\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"icon-desc\"\u003eAerospace Cybersecurity\u003c/div\u003e\n \u003c/label\u003e\n \u003clabel for=\"tab-revenue\" class=\"icon-item\"\u003e\n \u003cdiv class=\"icon\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/segmentation.png\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"icon-desc\"\u003eCybersecurity and the Purdue Model\u003c/div\u003e\n \u003c/label\u003e\n \u003clabel for=\"tab-settings\" class=\"icon-item\"\u003e\n \u003cdiv class=\"icon\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/fortinet-logomark.png\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"icon-desc\"\u003eThe Fortinet Approach\u003c/div\u003e\n \u003c/label\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"content-panel\"\u003e\n \u003cdiv class=\"panel-content\" id=\"analytics\"\u003e\n \u003cdiv class=\"panel-title\"\u003eThe Evolving Aerospace Manufacturing Security Landscape\u003c/div\u003e\n \u003cdiv class=\"panel-text\"\u003e\n \u003cp\u003eAerospace manufacturing has entered the Industry 4.0 era, characterized by connectivity, advanced analytics, automation, and smart manufacturing technology. Factory equipment previously operated in isolation is now connected to enterprise networks, cloud services, and the industrial Internet of Things (IIoT). The benefits of transformation include improved operational efficiency, data-driven decision-making, supply chain visibility, predictive maintenance, and better quality control.\n\u003c/p\u003e\n\u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/2024%2520State%2520of%2520OT%2520images-01-white.png\"\u003e\n \u003cp\u003eHowever, this integration has eliminated the traditional air gap that once protected OT systems. Fortinet’s \u003ca href=\"https://www.fortinet.com/content/dam/fortinet/assets/reports/report-state-ot-cybersecurity.pdf\" target=\"_blank\"\u003e2024 State of Operational Technology and Cybersecurity Report \u003c/a\u003efound 49% of organizations reported both IT and OT systems were impacted by cyber attacks, an increase from 32% in 2023. The growing convergence of IT and OT creates new vulnerabilities and attack vectors that must be secured.\u003c/p\u003e\n \u003ch2\u003eGrowing Threat Sophistication\u003c/h2\u003e\n \u003cp\u003eAerospace manufacturers face sophisticated threats from multiple vectors. Nation-state actors are targeting intellectual property and sensitive defense technology, while ransomware groups seek financial gain by disrupting operations. Industrial espionage from competitors seeking manufacturing secrets poses an ongoing risk, and supply chain compromises that use third-party access as attack vectors are increasingly common. Insider threats from accidental or malicious actions by employees or contractors remain a persistent concern.\u003c/p\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/2024%2520State%2520of%2520OT%2520images-02-white.png\"\u003e\n \u003cp\u003e\nThe 2024 State of Operational Technology and Cybersecurity Report found that 55% of respondents experienced operational outages affecting productivity, up from 46% in 2023. More concerning: nearly half of survey recipients reported that outages put physical safety at risk. These statistics underscore the growing impact of cybersecurity incidents on aerospace manufacturing operations.\n\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"panel-content\" id=\"users\"\u003e\n \u003cdiv class=\"panel-title\"\u003eAerospace Cybersecurity Challenges\u003c/div\u003e\n \u003cdiv class=\"panel-text\"\u003e\n \u003ch3\u003eSafety and National Security Implications\u003c/h3\u003e\n\u003cp\u003eSafety is a key concern in aerospace manufacturing facilities, where machinery can cause physical injury or death if compromised. A cyber-physical attack can create safety risks within the plant and potentially affect the safety of aircraft components and systems after they leave production facilities. Many aerospace manufacturers also produce defense equipment, making them targets for nation-state actors seeking to compromise national security.\n\u003c/p\u003e\n\u003cp\u003eResponsibility for IT, OT, and physical security has traditionally fallen to different departments within an organization. This has led to security siloes that fail to address the interconnected risks. When adversaries can coordinate cyber and physical attacks, it is essential to bring all security elements together to enable centralized visibility across the environment. An integrated approach can provide the comprehensive protection needed to address sophisticated, multifaceted threats.\n\u003c/p\u003e\n\u003ch3\u003eProduction Continuity and Supply Chain Resilience\u003c/h3\u003e\n\u003cp\u003eAircraft engines and components require precisely controlled manufacturing processes. Cyber attacks can disrupt these processes, halting production lines, weakening quality control systems, impacting delivery schedules, and compromising supply chains, with the potential for cascading effects throughout the aerospace industry.\n\u003c/p\u003e\n\u003cp\u003eThe unique characteristics of aerospace manufacturing complicate security efforts. Large components like aircraft engines can move through multiple facilities during production. Testing equipment may also move between locations. As components and equipment connect to different network segments, maintaining consistent security becomes challenging. This dynamic environment requires security solutions that can adapt to changing conditions while maintaining robust protection.\u003c/p\u003e\n \u003ch3\u003eIntellectual Property Protection\u003c/h3\u003e\n\u003cp\u003eThe aerospace industry invests billions of dollars in research and development, providing individual manufacturers with proprietary technologies, materials, and manufacturing processes. This valuable intellectual property is a prime target for cyber espionage. Once stolen, manufacturing processes and designs can be replicated, undermining competitive advantage and potentially compromising regulated technologies.\u003c/p\u003e\n\u003cp\u003eProtecting intellectual property requires a multi-layered approach that includes network segmentation, access controls, encryption, and continuous monitoring for unauthorized data access or exfiltration. It is essential that manufacturers provide cyber protection for their valuable IP while maintaining operational efficiency and enabling legitimate information sharing with partners and suppliers.\u003c/p\u003e\n\u003ch3\u003eRegulatory Compliance\u003c/h3\u003e\n\u003cp\u003eAerospace manufacturers must comply with numerous regulations regarding both product safety and cybersecurity. These include the Cybersecurity Maturity Model Certification (CMMC) for defense contractors, NIST 800-171 for controlled unclassified information, and the Network and Information Security Directive 2 (NIS2) in the European Union. Various export control regulations for sensitive technologies and industry-specific quality and safety standards add further complexity.\nRegulators often require detailed documentation and reporting, which becomes increasingly complex in environments with fragmented security. An integrated security architecture can simplify compliance by providing comprehensive visibility and centralized reporting capabilities.\n\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"panel-content\" id=\"revenue\"\u003e\n \u003cdiv class=\"panel-title\"\u003eMapping Fortinet Cybersecurity to the Purdue Model\u003c/div\u003e\n \u003cdiv class=\"panel-text\"\u003e\n \u003cimg src=\"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/full-purdue-model-architecture-06092025-compressed.jpg\"\u003e\n \u003cp\u003eFor more information visit the Fortinet.com \u003ca href=\"hhttps://www.fortinet.com/solutions/enterprise-midsize-business/safeguarding-ot\" target=\"_blank\"\u003eOT solutions\u003c/a\u003e.\n \u003c/div\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"panel-content\" id=\"settings\"\u003e\n \u003cdiv class=\"panel-title\"\u003eThe Fortinet Approach to Aerospace Manufacturing Security\u003c/div\u003e\n \u003cdiv class=\"panel-text\"\u003e\n \u003ch3\u003eUnified IT/OT Security Architecture\u003c/h3\u003e\n\u003cp\u003eThe Fortinet Security Fabric provides a comprehensive security architecture that integrates protection across IT, OT, and physical security environments. This approach eliminates security gaps between traditionally siloed domains and provides single-pane-of-glass management across the security infrastructure. The Security Fabric ensures consistent policy enforcement between diverse environments, provides end-to-end visibility into the entire attack surface, and coordinates threat detection and response between IT and OT.\u003c/p\u003e\n\u003cp\u003eThe Fortinet Security Fabric is built on FortiOS, Fortinet’s purpose-built operating system that powers Next-Generation Firewalls (NGFW), Software-Defined Wide-Area-Networks (SD-WAN), Secure Access Service Edge (SASE), and more. FortiOS provides an integrated approach that simplifies security management and provides comprehensive network visibility and control. By unifying security functions on a common platform, aerospace manufacturers can reduce complexity while improving security effectiveness.\u003c/p\u003e\n\u003ch3\u003eSecuring Air-Gapped Systems\u003c/h3\u003e\n\u003cp\u003eDespite the trend toward connectivity, some aerospace manufacturing systems remain air-gapped due to their critical nature or security requirements. However, even air-gapped systems require protection from threats that can circumvent the physical separation, such as infected software updates, removable media, contractor laptops and equipment, and supply chain compromises.\u003c/p\u003e\n\u003cp\u003eThe Fortinet Security Fabric provides robust protection for air-gapped systems through industrial-grade firewalls with comprehensive threat protection. FortiManager, a centralized security management solution, enables consistent security policies between devices, while FortiAnalyzer provides advanced analytics and reporting visibility into security events. Fortinet’s security information and event management solution, FortiSIEM offers integrated event monitoring, identifying potential threats before they impact critical systems.\n\u003c/p\u003e\n\u003ch3\u003eProtecting Connected Manufacturing Systems\u003c/h3\u003e\n\u003cp\u003eAs IT and OT environments converge, protecting these connected environments requires comprehensive security controls and specialist knowledge of OT systems. The Fortinet Security Fabric enables intelligent network segmentation to isolate critical manufacturing zones and zero-trust access controls for users and devices. \u003c/p\u003e\n\u003cp\u003eFortinet partners with OT system vendors to provide deep Security Fabric integration and advanced, AI-powered threat protection. Analysts at FortiGuard Labs, Fortinet’s world-class threat intelligence organization, process telemetry from billions of security events daily, automatically delivering threat protection to subscribed devices. Support for OT-specific protocols enables continuous protection for industrial control systems ensures manufacturers are always secured.\u003c/p\u003e\n\u003cp\u003eThis integrated approach ensures that connected manufacturing systems remain protected against evolving threats while enabling the operational benefits of IT/OT convergence. The Security Fabric adapts to the unique requirements of aerospace manufacturing environments while providing enterprise-grade security protection.\u003c/p\u003e\n\u003ch3\u003eRugged Hardware for Harsh Environments\u003c/h3\u003e\n\u003cp\u003eThe shop floor presents a challenging environment for digital equipment, with dust, vibration, heat, and other environmental factors causing havoc for conventional IT devices. Fortinet provides industrially hardened solutions designed specifically for these conditions. Ruggedized Next-Generation Firewalls can withstand extreme temperatures, while industrial-grade switches resist vibration and dust. Hardened wireless access points for factory environments and ruggedized 5G/LTE gateways for mobile connectivity complete the portfolio.\u003c/p\u003e\n\u003cp\u003eThese devices operate in temperatures from -40°C to 75°C, withstand humidity from 5% to 95%, and function at intermediate altitudes. They provide reliable protection even in the harshest manufacturing conditions. By deploying purpose-built hardware, aerospace manufacturers can ensure consistent security protection throughout their facilities without compromising operational reliability.\u003c/p\u003e\n\u003ch3\u003eSupply Chain Security\u003c/h3\u003e\n\u003cp\u003eThe aerospace industry relies on extensive networks of suppliers and partners, each representing a potential security risk. The Fortinet Security Fabric helps secure these complex relationships through secure remote access management for third-party vendors and comprehensive authentication and access control. \u003c/p\u003e\n\u003cp\u003eContinuously monitoring third-party network activities can help identify supply chain security issues, while deception technology can detect and flag lateral movement within the network. Behavioral analytics can also be used to identify suspicious activities that might indicate a compromised partner account.\u003c/p\u003e\n\u003cp\u003eSecuring the supply chain ensures aerospace manufacturers maintain productive relationships with suppliers and partners while minimizing security risks. The Security Fabric provides the visibility and control needed to manage third-party access effectively without creating unnecessary obstacles to collaboration.\u003c/p\u003e\n\u003ch3\u003eAI-Powered Threat Intelligence\u003c/h3\u003e\n\u003cp\u003eFortiGuard Labs OT-specific threat intelligence is powered by advanced AI to protect manufacturing environments. This includes real-time threat detection for known and unknown threats and automated response capabilities to contain threats quickly. OT-specific vulnerability research for industrial systems helps identify potential security gaps before they can be exploited. Sector-specific threat intelligence for aerospace manufacturing ensures that protection is aligned with industry-specific threats, while continuous security updates are delivered without disrupting operations.\u003c/p\u003e\n\u003cp\u003eIntegrated threat intelligence enables manufacturers to stay ahead of evolving threats while maintaining operational continuity. By leveraging AI and machine learning, FortiGuard Labs can identify emerging threats more quickly and accurately than traditional approaches, providing better protection for critical manufacturing systems.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n\n \u003cdiv class=\"conclusion-section\"\u003e\n \u003cdiv class=\"conclusion-container\"\u003e\n \u003ch1\u003eConclusion\u003c/h1\u003e\n \u003cp\u003eDigital transformation and the convergence of IT and OT environments creates new security challenges for aerospace manufacturers. The elimination of traditional air gaps, increasing connectivity, and growing sophistication of threats require a comprehensive approach to cybersecurity.\u003c/p\u003e\n \u003cp\u003eThe Fortinet OT Security Platform provides an integrated security architecture that protects the entire attack surface. By unifying protection across IT and OT, Fortinet helps manufacturers maintain operational continuity, protect intellectual property, ensure regulatory compliance, and—most importantly—safeguard human lives.\u003c/p\u003e\n \u003cp\u003eFortinet's industrial-grade hardware, OT-specific threat intelligence, and unified management platform enable aerospace manufacturers to embrace digital innovation while maintaining robust security. The result is a resilient security posture that protects critical manufacturing operations from increasingly sophisticated threats while supporting business continuity and growth.\u003c/p\u003e\n \u003ca href=\"https://cdn.pathfactory.com/assets/11071/contents/991716/a5145bdb-14f5-479e-917f-919e635e032d.pdf\" target=\"_blank\"\u003e\u003cdiv class=\"cta\" style=\"width:300px;\"\u003e\n Download the report\n \u003c/div\u003e \u003c/a\u003e\n \u003c/div\u003e\n \u003c/div\u003e","custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"123d51dd-de37-427f-9ab6-09eb4c74d625","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_content"],"custom_javascript":"\n","custom_css":null,"condition":null}]},{"id":"93","name":"NAMER ABM EWF-IG ExitSurvey","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"query.utm_content","value":"EWF-IG","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"bc31ca82-4b0f-4070-8a7a-ec1ab8571069","state":"promoted","name":"NAMER ABM EWF-IG ExitSurvey","description":"NAMER ABM EWF-IG ExitSurvey","global":false,"priority":3,"experience_type":"questionnaire","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for_you","url_query_params":{"utm_content":"EWF-IG"},"url_condition":null,"hold_out":1.0,"async":true,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"52899232-cd3e-4d2c-9944-fb9f8f6a21db","dom_update_group_state":"active","variation_key":"792161d1-f36a-4590-b557-f95b4de12d5f","variation_name":"Variation 1","dom_updates":[],"questionnaire":{"id":"509b4eec-6147-44dc-bcb7-38f68b4c5077","config":{"primaryColor":"#2196f3"},"component_config":{"colors":{"primary":"#DA291C"},"disable_mutiny_branding":true,"inherit_fonts":false,"success_button_theme":null,"layout":{"image_type":"none"},"trigger":"mouseout"},"key":"6688366d-c95f-48ba-913a-2025ca555cb3","questionnaire_type":"exit_intent_modal","hold_out":1.0,"url_host":"www.fortinet.com","url_path":"/for_you","url_condition":null,"condition":null,"questions":[{"title":"Want more insights and resources like this?","snippet":"Add your name and email below","key":"hey_mike_want_to_grow_your_blog_traffic_by_200","question_type":"form","question_options":[{"token":"9b363645-8650-48de-b1ec-e8f01cef8c29","title":"Your full name","value":"your_name","option_type":"input","input_type":"text","link":null,"success_headline":null,"success_snippet":null,"success_cta":null,"success_cta_link":null},{"token":"3b02461d-1e46-4a76-b3e3-a43a8050ff43","title":"Your email","value":"your_email","option_type":"input","input_type":"email","link":null,"success_headline":null,"success_snippet":null,"success_cta":null,"success_cta_link":null}],"cta":"Sign me up!","cta_link":null,"fallback_success_headline":"You're subscribed!","fallback_success_snippet":"Welcome to the community! We'll email you when new guides and content are available!","fallback_success_cta":"Thank you, you can close this window now","fallback_success_cta_link":"https://fortinet.com/for_you?utm_content=EWF-IG"}],"resource_type":"Questionnaire","resource_id":"509b4eec-6147-44dc-bcb7-38f68b4c5077","priority":3,"version":2},"component_stylesheet_id":"6eb14cac-db8c-465e-8a7a-32248a9e1ebc","data_dependencies":["user.random","query.utm_content"],"custom_javascript":"const style = document.createElement('style');\nstyle.textContent = `\n .imageContainer-0-0-9 {\n width: 80% !important;\n margin: 20px auto 0px;\n }\n \n`;\ndocument.head.appendChild(style);","custom_css":null,"condition":null}]},{"id":"96","name":"NAMER ABM EWF The Connection Code Exit Survey 1","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"query.utm_content","value":"TheConnectionCode","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"0c687060-091d-454f-9723-bc8fb1e2be7b","state":"promoted","name":"NAMER ABM EWF The Connection Code Exit Survey 1","description":"NAMER ABM EWF The Connection Code Exit Survey 1","global":false,"priority":4,"experience_type":"questionnaire","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for_you","url_query_params":{"utm_content":"TheConnectionCode"},"url_condition":null,"hold_out":1.0,"async":true,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"99e512df-1d2d-4366-b47d-55a9d558c7dc","dom_update_group_state":"active","variation_key":"cda8e023-00ee-4aa4-a588-2e0d11f67d4f","variation_name":"Variation 1","dom_updates":[],"questionnaire":{"id":"582b2cce-b562-481d-8910-1f8fb6e7283f","config":{"primaryColor":"#2196f3"},"component_config":{"colors":{"primary":"#DA271C"},"disable_mutiny_branding":true,"inherit_fonts":false,"success_button_theme":null,"layout":{"image_type":"none"},"trigger":"mouseout"},"key":"196d4378-2ec3-4b8d-91d5-cc602475a7da","questionnaire_type":"exit_intent_modal","hold_out":1.0,"url_host":"www.fortinet.com","url_path":"/for_you","url_condition":null,"condition":null,"questions":[{"title":"Hey! Want to stay informed?","snippet":"Add your name and email\u003cBR\u003eand stay connected to other women leaders.","key":"hey_mike_want_to_grow_your_blog_traffic_by_200","question_type":"form","question_options":[{"token":"8c71182b-e14d-4513-af60-c1429cd3d4f9","title":"Your full name","value":"your_name","option_type":"input","input_type":"text","link":null,"success_headline":null,"success_snippet":null,"success_cta":null,"success_cta_link":null},{"token":"57af0c8d-1036-4ae8-ab5e-b764c069b85a","title":"Your email","value":"your_email","option_type":"input","input_type":"email","link":null,"success_headline":null,"success_snippet":null,"success_cta":null,"success_cta_link":null}],"cta":"Keep me informed!","cta_link":null,"fallback_success_headline":"You're subscribed!","fallback_success_snippet":"Welcome to the club. From now on you'll have direct access to case studies, surveys, and announcements.","fallback_success_cta":"Thanks, you can close this window now","fallback_success_cta_link":"https://fortinet.com/for_you?utm_content=TheConnectionCode"}],"resource_type":"Questionnaire","resource_id":"582b2cce-b562-481d-8910-1f8fb6e7283f","priority":4,"version":2},"component_stylesheet_id":"6eb14cac-db8c-465e-8a7a-32248a9e1ebc","data_dependencies":["user.random","query.utm_content"],"custom_javascript":null,"custom_css":null,"condition":null}]},{"id":"94","name":"NAMER ABM EWF The Connection Code 1","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"query.utm_content","value":"TheConnectionCode","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"0b9f66ad-22fc-4e9b-85e4-b4debf15faa8","state":"promoted","name":"NAMER ABM EWF The Connection Code 1","description":"NAMER ABM EWF The Connection Code 1","global":false,"priority":6,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for_you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"9cf3edc3-71ab-46ee-b39b-9676b4d00da5","dom_update_group_state":"active","variation_key":"cc6f6afb-f78b-4e87-af76-25a4b44246a1","variation_name":"Variation 1","dom_updates":[{"selector":"section.partners","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4555d5b8-26c8-4dd1-9dbd-bf4c3eb3ebfd","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.featured-assets","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"cf51628f-e86a-4bf9-9340-c9bba1a9b293","custom_javascript":null,"personalization_type":"modification"},{"selector":"section:nth-of-type(5)","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ed580af5-a3d2-4abd-8293-425f2e695799","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.featured-videos","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ac45b796-bf93-4048-9035-922f37f05c3e","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.account-team","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4b654c1e-3e92-4013-aa31-915734b226c2","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.paragraph-and-header","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div[class*=\"Snippet\"] \u003e div:nth-of-type(1)","index":11,"deconflictor":null},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"0e3e45e2-cda6-49b9-816f-4bcd354da62d","custom_javascript":null,"personalization_type":"modification"},{"selector":"section:nth-of-type(4) \u003e div.new-container \u003e h2.section-title","data":{"html_attributes":{},"styles":{},"content":"Exclusive Webinar Content","custom":false,"tag":"h2","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"0815b109-fea9-425d-869c-7af3d6b2c5b7","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div.image-block \u003e img","data":{"html_attributes":{"src":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/social-round-table-intentional-networking-1200x1200-022625-0113pm.jpg","style":"max-height: 500px; ","srcset":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/social-round-table-intentional-networking-1200x1200-022625-0113pm.jpg"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4e08a350-7f8c-4133-bbde-ec9917a2275b","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.paragraph-and-header \u003e div.new-container \u003e h2.section-title","data":{"html_attributes":{},"styles":{},"content":"Additional Resources Coming Soon","custom":false,"tag":"h2","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"54e9caa6-6432-466b-83e9-2229acbc0f7c","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.overview-content-block \u003e p","data":{"html_attributes":{},"styles":{"font-size":"18px","text-align":"center"},"content":"Unlock exclusive content, networking resources, and invitations to networking events designed specifically for women breaking barriers in technology. Sign up as you exit the page to receive the additional resources!","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"3725956e-ca0d-4c17-8817-89e161e1b511","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div.content-block \u003e a","data":{"html_attributes":{"href":"https://fortinet.wistia.com/medias/s1m2slfwqh"},"styles":{},"content":"Watch the replay!","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"63dd3c35-9f6f-459f-b625-e45f5ed398fd","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.product-video","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d6d349ad-873d-4913-8731-3f358d97aec9","custom_javascript":null,"personalization_type":"modification"},{"selector":"h1.hero-title","data":{"html_attributes":{},"styles":{"font-size":"38px"},"content":"Building an inclusive cyber community","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4ad809b8-cd1c-4dfc-8080-b5bfc812fe9b","custom_javascript":null,"personalization_type":"modification"},{"selector":"p.hero-text","data":{"html_attributes":{},"styles":{"font-size":"14px"},"content":"In cybersecurity, diverse perspectives aren't just valuable—they're vital for our digital future. We're creating pathways for women to lead, innovate, and reshape the security landscape while building a stronger, more resilient industry. \u003cbr\u003e \u003cbr\u003eView the infographic 'The Connection Code: Key Insights' for webinar survey results, quotes, and key takeaways.","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"b6b0222e-4a00-454d-ba6e-8e3677270f53","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.platform-features","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"49c2d550-c7f4-4a72-ac1a-7e8598cfff44","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div.content-block \u003e p","data":{"html_attributes":{},"styles":{"font-size":"18px"},"content":"Our distinguished panel will unpack why women's networking approaches differ fundamentally from men's, and why an \"inner\r\ncircle\" of strong female connections may matter more than network size. Discover how diverse networks become catalysts\r\nfor solving business challenges, with over 70% of women leaders using their connections to save money, find\r\nefficiencies, and win new business. This session offers actionable insights for both individual advancement and creating\r\nsystems that help women succeed through purposeful relationship-building.\r\n\r\n\u003cbr\u003e\u003c/br\u003eBONUS: Gain insights from our initial poll and post-event survey results below!","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"51e887e4-f9fd-4bbd-805e-601427cb6881","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.standalone-CTA \u003e div.new-container","data":{"html_attributes":{},"styles":{},"content":"\r\n\u003c!-- Section 7: Standalone CTA --\u003e\r\n\t\t\u003ca href=\"https://www.fortinet.com/for_you?utm_content=EWF-IG\" target=\"_blank\" class=\"btn-CTA\"\u003e\u003e\u003e Read The Connection Code Poll and Survey Insights here! \u003c\u003c\u003c/a\u003e\r\n\t","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5eee158f-7657-4186-b2be-03151983dfc3","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.hero-content","data":{"html_attributes":{"style":""},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"08ee3780-a119-4098-9e66-f77954f6dcc9","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.hero-banner","data":{"html_attributes":{"style":""},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"8bd4727d-859f-48c8-9a12-ffe5a6c562a7","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div.content-block \u003e h3","data":{"html_attributes":{},"styles":{"font-size":"24px"},"content":"The Connection Code: How Women Leaders Build Networks That Actually Work","custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"8cdcf262-67ac-46a9-a0f8-a0b8be1bc774","custom_javascript":null,"personalization_type":"modification"},{"selector":"footer#footer","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"footer","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"766e1239-65b0-450c-8f9b-092018fcaa2b","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div.image-block \u003e img","data":{"html_attributes":{"src":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Screenshot%25202025-04-08%2520090531.png","style":"max-height: 500px; ","srcset":"https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/Screenshot%25202025-04-08%2520090531.png"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"dcee2bcb-b8bc-4b53-9540-e5aeaeb2c654","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.standalone-CTA","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"421a9480-9d1c-41db-8e70-c6ad3b92c90e","custom_javascript":null,"personalization_type":"modification"},{"selector":"ul.be-list","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"ul","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"93dc6b47-34fb-4efc-a51b-b389449d846a","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.be-label","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ce2492d2-8d41-47eb-9415-2342fe1beb60","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div.image-block","data":{"html_attributes":{"style":"border: 0.25px solid lightgray;"},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"a2021876-cb49-4493-ab37-20fcddb444db","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div.content-block \u003e h3","data":{"html_attributes":{},"styles":{"text-align":"center"},"content":"Take a Look at Key Insights from The Connection Code","custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"eec879cc-a972-4643-a240-8c9631b920df","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div.content-block \u003e p","data":{"html_attributes":{},"styles":{},"content":"The infographic includes survey results and statistics from The Connection Code webinar, testimonials from attendees, and insightful quotes from our panelists, like this:","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"05749566-d76b-4985-a409-2866310d96e8","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div.content-block \u003e p","data":{"html_attributes":{"style":"padding: 5px 10px;"},"styles":{"color":"#2C1D7C","font-weight":"bold","margin-left":"25px","margin-right":"25px","margin-bottom":"25px","background-color":"#FCEFEF"},"position":{"parent_selector":"div:nth-of-type(2) \u003e div.content-block","manual_insert_before_selector":null,"index":2,"deconflictor":null},"content":"\"Make connections before you need connections. It's hard to feel authentic when you're only reaching out when you need\nsomething.\"\n\u003cbr\u003e\u003cbr\u003e\n— Alexias Anderson, Cybersecurity Leader","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2b76b84e-9cb3-4667-b3d2-c94829685cf9","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(2) \u003e div.content-block \u003e a","data":{"html_attributes":{"href":"https://www.fortinet.com/for_you?utm_content=EWF-IG"},"styles":{},"content":"Download the Infographic","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"3f4741b3-e8ca-4216-8eb1-e3151d525a96","custom_javascript":null,"personalization_type":"modification"},{"selector":"a.btn","data":{"html_attributes":{"href":"https://www.fortinet.com/for_you?utm_content=EWF-IG"},"styles":{},"content":"SEE INSIGHTS NOW","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f0b5e5d2-a698-472c-be8d-5426bfc795ca","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_content"],"custom_javascript":"document.title = \"Building an Inclusive Cyber Community\";","custom_css":null,"condition":null}]},{"id":"7","name":"All Traffic","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"or","clauses":[{"attribute":"query.utm_campaign","value":"GE Aerospace","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"60877dbc-c1f9-4118-8751-ba1402860e60","state":"promoted","name":"NAMER ABM EWF The Connection Code Infographic","description":"NAMER ABM EWF The Connection Code Infographic","global":false,"priority":20,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for_you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"d06d39dc-50b6-4b3b-8380-443be5121c91","dom_update_group_state":"active","variation_key":"5834a460-bea5-4240-a884-97e223a1575f","variation_name":"Variation 1","dom_updates":[{"selector":"section.featured-assets \u003e div.new-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9404e914-cfc1-4d35-bbbf-9b7676581ed4","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.paragraph-and-header \u003e div.new-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c11b64b1-69f7-4682-a22e-90c932a648cb","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.copyrights","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"efb3c691-a312-4144-a743-6937ac1e1e82","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.be-ix-link-block","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5c1a1c22-be94-4a0b-8619-1cf1f1f16bbc","custom_javascript":null,"personalization_type":"modification"},{"selector":"footer#footer","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"footer","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"937e246a-c7c8-46ad-b6dd-df751d90da6e","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.platform-features \u003e div.new-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"38c23183-2f3e-47fe-841e-a691193e0a4e","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.account-team \u003e div.new-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"dc952e78-ed8e-4567-94ba-1521c4aeca01","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.featured-videos \u003e div.new-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d2151ce2-f50d-4893-942a-1d4595ebe6ea","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.product-video \u003e div.new-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e6b45f27-cbb3-4cdd-ad56-acfe0e29ee8b","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.partners \u003e div.new-container","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1453ca2c-e165-43ea-b57d-dfa0fd73d0a6","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.standalone-CTA","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"57cba409-c0c0-4b77-a56e-0b6f599e590d","custom_javascript":null,"personalization_type":"modification"},{"selector":"section:nth-of-type(5)","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e77739b3-1a7a-4f4c-a7fb-074aca70932b","custom_javascript":null,"personalization_type":"modification"},{"selector":"section:nth-of-type(4)","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e6cf941c-a9da-4268-85d3-cf09f000d2a0","custom_javascript":null,"personalization_type":"modification"},{"selector":"nav#main-nav","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"nav","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"cd3921b4-ebb5-493b-990c-3e95d724f205","custom_javascript":null,"personalization_type":"modification"},{"selector":"nav#top-nav","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"nav","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"33a0f17e-a670-4ae4-a82f-21ab0854eb05","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.hero-banner","data":{"html_attributes":{},"styles":{"background-image":"none"},"content":"\n \u003cstyle\u003e\n /* Reset and base styles */\n * {\n box-sizing: border-box;\n margin: 0;\n padding: 0;\n }\n \n body {\n font-family: -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, Arial, sans-serif;\n background-color: #;\n padding: 1.5rem;\n color: #333\n }\n \n /* Container styles */\n .container {\n display: flex;\n flex-direction: column;\n align-items: center;\n padding: 1.5rem;\n background-color: #f9fafb;\n max-width: 1200px;\n margin: 0 auto;\n }\n \n .infographic {\n width: 100%;\n max-width: 64rem;\n background-color: white;\n border-radius: 0.5rem;\n box-shadow: 0 10px 15px -3px rgba(0, 0, 0, 0.1), 0 4px 6px -2px rgba(0, 0, 0, 0.05);\n overflow: hidden;\n }\n \n /* Header styles */\n .header {\n background-color: #dc2626;\n color: white;\n padding: 1.5rem 2rem;\n }\n \n .title {\n font-size: 1.875rem;\n font-weight: bold;\n text-align: center;\n }\n \n .subtitle {\n text-align: center;\n opacity: 0.9;\n margin-top: 0.5rem;\n font-weight:700;\n }\n \n .introduction {\n padding: 1.5rem 8rem;\n background-color: #fee2e2;\n }\n \n .intro-text {\n text-align: left;\n color: #991b1b;\n font-weight: 500;\n }\n \n /* Section styles */\n .section {\n padding: 2rem;\n border-bottom: 1px solid #e5e7eb;\n }\n \n .section-title {\n font-size: 1.5rem;\n font-weight: bold;\n margin-bottom: 1rem;\n padding-top: 2rem;\n }\n \n .section-title.red {\n color: #b91c1c;\n }\n \n .section-title.green {\n color: #047857;\n }\n \n .section-title.teal {\n color: #0f766e;\n }\n \n .section-title.blue {\n color: #1d4ed8;\n }\n \n .grid {\n display: grid;\n gap: 1.5rem;\n }\n \n @media (min-width: 768px) {\n .grid-2col {\n grid-template-columns: 1fr 1fr;\n }\n }\n \n /* Poll results panel */\n .panel {\n padding: 1.5rem;\n border-radius: 0.5rem;\n }\n \n .panel.red {\n background-color: #fee2e2;\n }\n \n .panel.green {\n background-color: #ecfdf5;\n }\n \n .panel.teal {\n background-color: #f0fdfa;\n }\n \n .panel.blue {\n background-color: #eff6ff;\n }\n \n .panel-title {\n font-size: 1.125rem;\n font-weight: 600;\n margin-bottom: 1.5rem;\n }\n \n .panel-title.red {\n color: #b91c1c;\n }\n \n .panel-title.green {\n color: #047857;\n }\n \n .panel-title.teal {\n color: #0f766e;\n }\n \n .panel-title.blue {\n color: #1d4ed8;\n text-align: center;\n }\n \n /* Progress bars */\n .stat-row {\n display: flex;\n align-items: center;\n margin-bottom: 1rem;\n }\n \n .stat-label {\n width: 5rem;\n font-size: 0.875rem;\n font-weight: 500;\n color: #000;\n opacity: 0.6;\n }\n \n .stat-label.wide {\n width: 6rem;\n }\n \n .stat-label.wider {\n width: 9rem;\n }\n \n .progress-bar {\n flex: 1;\n height: 1.5rem;\n background-color: #fff;\n border-radius: 9999px;\n border: 0.25px solid lightgray;\n overflow: hidden;\n }\n \n .progress-fill {\n height: 100%;\n border-radius: 9999px;\n }\n \n .progress-fill.red {\n background-color: #ef4444;\n }\n \n .progress-fill.green {\n background-color: #10b981;\n }\n \n .progress-fill.teal {\n background-color: #14b8a6;\n }\n \n .progress-fill.blue {\n background-color: #2563eb;\n }\n \n .stat-value {\n width: 4rem;\n text-align: right;\n font-size: 0.875rem;\n font-weight: 600;\n color: #000;\n opacity: 0.6;\n }\n \n /* Key insight cards */\n .insight-card {\n padding: 1rem;\n background-color: white;\n border-radius: 0.5rem;\n box-shadow: 0 1px 2px 0 rgba(0, 0, 0, 0.05);\n }\n \n .insight-card.red {\n border: 1px solid #fee2e2;\n }\n \n .insight-card.green {\n border: 1px solid #d1fae5;\n }\n \n .insight-card.teal {\n border: 1px solid #ccfbf1;\n }\n \n .insight-card.blue {\n border: 1px solid #dbeafe;\n }\n \n .insight-title {\n font-weight: 500;\n margin-bottom: 0.5rem;\n font-size: 1.125rem;\n }\n \n .insight-title.red {\n color: #b91c1c;\n }\n \n .insight-title.green {\n color: #047857;\n }\n \n .insight-title.teal {\n color: #0f766e;\n }\n \n .insight-title.blue {\n color: #1d4ed8;\n }\n \n .insight-text {\n color: #4b5563;\n }\n \n /* Quote styles */\n .quote {\n margin-top: 1rem;\n padding: 0.75rem;\n background-color: #fffbeb;\n border: 1px solid #fef3c7;\n border-radius: 0.25rem;\n }\n \n .quote-text {\n color: #92400e;\n font-style: italic;\n }\n \n .quote-author {\n color: #92400e;\n font-size: 0.875rem;\n margin-top: 0.25rem;\n }\n \n /* Stage cards */\n .stage-card {\n padding: 0.5rem;\n background-color: #f0fdfa;\n border: 1px solid #ccfbf1;\n border-radius: 0.25rem;\n margin-top: 0.5rem;\n }\n \n .stage-text {\n color: #115e59;\n font-weight: 500;\n }\n \n /* Percentage circles */\n .percent-card {\n padding: 1rem;\n background-color: white;\n border-radius: 0.5rem;\n box-shadow: 0 1px 2px 0 rgba(0, 0, 0, 0.05);\n border: 1px solid #dbeafe;\n text-align: center;\n }\n \n .percent-label {\n font-weight: 500;\n color: #1d4ed8;\n }\n \n .percent-circle {\n width: 4rem;\n height: 4rem;\n border-radius: 50%;\n background-color: #2563eb;\n display: flex;\n align-items: center;\n justify-content: center;\n color: white;\n font-size: 1.25rem;\n font-weight: bold;\n margin: 0.5rem auto 0;\n }\n \n .stat-highlight {\n text-align: center;\n margin-top: 1rem;\n }\n \n .stat-highlight-number {\n color: #1e40af;\n font-weight: 500;\n font-size: 1.25rem;\n }\n \n .stat-highlight-text {\n color: #1d4ed8;\n font-size: 0.875rem;\n }\n \n /* Implementation by career stage */\n .career-card {\n padding: 1rem;\n background-color: white;\n border-radius: 0.5rem;\n border: 1px solid #dbeafe;\n margin-bottom: 1rem;\n }\n \n .career-stage {\n font-weight: 500;\n color: #1d4ed8;\n }\n \n .career-quote {\n color: #4b5563;\n font-style: italic;\n font-size: 0.875rem;\n margin-top: 0.5rem;\n }\n \n /* Testimonials section */\n .testimonials {\n padding: 2rem;\n background-color: #9333ea;\n color: white;\n }\n \n .testimonials-title {\n font-size: 1.5rem;\n font-weight: bold;\n text-align: center;\n margin-bottom: 1.5rem;\n color: #fff;\n }\n \n .testimonial-card {\n padding: 1rem;\n background-color: #7e22ce;\n border-radius: 0.5rem;\n margin-bottom: 1.5rem;\n }\n \n .testimonial-text {\n font-style: italic;\n font-weight:500;\n }\n \n .testimonial-author {\n color: #e9d5ff;\n margin-top: 0.5rem;\n }\n \n /* Footer */\n .footer {\n padding: 1.5rem 2rem;\n text-align: center;\n background-color: #f3f4f6;\n }\n \n .footer-text {\n color: #6b7280;\n margin-bottom: 0.5rem;\n }\n \n .footer-title {\n font-size: 1.25rem;\n font-weight: bold;\n color: #1f2937;\n }\n \n .footer-hashtag {\n color: #6b7280;\n font-size: 0.875rem;\n margin-top: 1rem;\n }\n \u003c/style\u003e\n\n \u003cdiv class=\"container\"\u003e\n \u003cdiv class=\"infographic\"\u003e\n \u003c!-- Header --\u003e\n \u003cdiv class=\"header\"\u003e\n \u003ch1 class=\"title\"\u003eThe Connection Code: Key Insights\u003c/h1\u003e\n \u003cp class=\"subtitle\"\u003eCombining Live Polling and Post-Webinar Survey Results\u003c/p\u003e\n \u003c/div\u003e\n \n \u003c!-- Introduction --\u003e\n \u003cdiv class=\"introduction\"\u003e\n \u003cp class=\"intro-text\"\u003e\n Our webinar \"The Connection Code: How Women Leaders Build Networks That Actually Work\" revealed compelling patterns \n about networking challenges, strategies, and implementation plans across different career stages.\n \u003c/p\u003e\n \u003c/div\u003e\n \n \u003c!-- Networking Frequency Section --\u003e\n \u003cdiv class=\"section\"\u003e\n \u003ch2 class=\"section-title red\"\u003eHow Often Women Leaders Connect With Their Networks\u003c/h2\u003e\n \n \u003cdiv class=\"grid grid-2col\"\u003e\n \u003cdiv class=\"panel red\"\u003e\n \u003ch3 class=\"panel-title red\"\u003eLive Poll Results\u003c/h3\u003e\n \n \u003cdiv class=\"stats\"\u003e\n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label\"\u003eDaily\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill red\" style=\"width: 11%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e11%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label\"\u003eWeekly\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill red\" style=\"width: 11%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e11%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label\"\u003eMonthly\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill red\" style=\"width: 30%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e30%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label\"\u003eQuarterly\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill red\" style=\"width: 15%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e15%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label\"\u003eOnly when needed\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill red\" style=\"width: 33%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e33%\u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"panel red\"\u003e\n \u003ch3 class=\"panel-title red\"\u003eKey Insight\u003c/h3\u003e\n \n \u003cdiv class=\"insight-card red\"\u003e\n \u003cp class=\"insight-title red\"\u003eThe Reactive Networking Gap\u003c/p\u003e\n \u003cp class=\"insight-text\"\u003eOne-third of attendees only engage with their networks when they need something specific, while just 22% maintain weekly or daily networking habits.\u003c/p\u003e\n \u003cdiv class=\"quote\"\u003e\n \u003cp class=\"quote-text\"\u003e\n \"Make connections before you need connections. It's hard to feel authentic when you're only reaching out when you need something.\"\n \u003c/p\u003e\n \u003cp class=\"quote-author\"\u003e— Alexias Anderson, Cybersecurity Leader\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003c!-- Most Valuable Network Sources --\u003e\n \u003cdiv class=\"section\"\u003e\n \u003ch2 class=\"section-title green\"\u003eMost Valuable Networking Sources\u003c/h2\u003e\n \n \u003cdiv class=\"grid grid-2col\"\u003e\n \u003cdiv class=\"panel green\"\u003e\n \u003ch3 class=\"panel-title green\"\u003eLive Poll Results\u003c/h3\u003e\n \n \u003cdiv class=\"stats\"\u003e\n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wide\"\u003eProfessional associations\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill green\" style=\"width: 14%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e14%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wide\"\u003eWork conferences\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill green\" style=\"width: 27%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e27%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wide\"\u003eSocial media\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill green\" style=\"width: 4%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e4%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wide\"\u003eCurrent/former colleagues\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill green\" style=\"width: 43%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e43%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wide\"\u003eAlumni networks\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill green\" style=\"width: 2%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e2%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wide\"\u003eCommunity involvement\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill green\" style=\"width: 10%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e10%\u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"panel green\"\u003e\n \u003ch3 class=\"panel-title green\"\u003eKey Insight\u003c/h3\u003e\n \n \u003cdiv class=\"insight-card green\"\u003e\n \u003cp class=\"insight-title green\"\u003eThe Weak Ties Opportunity\u003c/p\u003e\n \u003cp class=\"insight-text\"\u003eWhile 43% of attendees find most value in current/former colleagues, research indicates 70% of job opportunities actually come through \"weak ties\" - people you don't know as well.\u003c/p\u003e\n \u003cdiv class=\"quote\"\u003e\n \u003cp class=\"quote-text\"\u003e\n \"A lot of opportunities come from the people that you don't know as well because your networks don't overlap. You have very different networks.\"\n \u003c/p\u003e\n \u003cp class=\"quote-author\"\u003e— Shelly Lombard, Founder, Schmoozebiz\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003c!-- Biggest Networking Challenges --\u003e\n \u003cdiv class=\"section\"\u003e\n \u003ch2 class=\"section-title teal\"\u003eBiggest Networking Challenges\u003c/h2\u003e\n \n \u003cdiv class=\"grid grid-2col\"\u003e\n \u003cdiv class=\"panel teal\"\u003e\n \u003ch3 class=\"panel-title teal\"\u003eLive Poll Results\u003c/h3\u003e\n \n \u003cdiv class=\"stats\"\u003e\n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wider\"\u003eFinding time\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill teal\" style=\"width: 30%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e30%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wider\"\u003eUncomfortable asking for help\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill teal\" style=\"width: 17%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e17%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wider\"\u003eIdentifying right people\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill teal\" style=\"width: 17%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e17%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wider\"\u003eSeeing tangible benefits\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill teal\" style=\"width: 17%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e17%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wider\"\u003eAccessing decision-makers\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill teal\" style=\"width: 9%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e9%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-row\"\u003e\n \u003cdiv class=\"stat-label wider\"\u003eBuilding genuine relationships\u003c/div\u003e\n \u003cdiv class=\"progress-bar\"\u003e\n \u003cdiv class=\"progress-fill teal\" style=\"width: 9%\"\u003e\u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"stat-value\"\u003e9%\u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"panel teal\"\u003e\n \u003ch3 class=\"panel-title teal\"\u003eKey Insight\u003c/h3\u003e\n \n \u003cdiv class=\"insight-card teal\"\u003e\n \u003cp class=\"insight-title teal\"\u003eThe Networking Maturity Curve\u003c/p\u003e\n \u003cp class=\"insight-text\"\u003eTime constraints lead as the top challenge (30%), while only 9% cite accessing decision-makers as their biggest barrier. This suggests women move through distinct networking development stages.\u003c/p\u003e\n \n \u003cdiv class=\"stages\"\u003e\n \u003cdiv class=\"stage-card\"\u003e\n \u003cp class=\"stage-text\"\u003eEarly-stage: Time management and asking for help (47%)\u003c/p\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stage-card\"\u003e\n \u003cp class=\"stage-text\"\u003eMid-stage: Identifying connections and seeing results (34%)\u003c/p\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stage-card\"\u003e\n \u003cp class=\"stage-text\"\u003eAdvanced: Accessing senior leaders and building authentic relationships (18%)\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003c!-- Implementation Plans --\u003e\n \u003cdiv class=\"section\"\u003e\n \u003ch2 class=\"section-title blue\"\u003eSurvey Insights: What Women Plan to Implement\u003c/h2\u003e\n \n \u003cdiv class=\"grid grid-2col\"\u003e\n \u003cdiv class=\"panel blue\"\u003e\n \u003ch3 class=\"panel-title blue\"\u003eTop 3 Implementation Strategies\u003c/h3\u003e\n \n \u003cdiv class=\"implementations\"\u003e\n \u003cdiv class=\"percent-card\"\u003e\n \u003cp class=\"percent-label\"\u003eBuilding Meaningful Relationships\u003c/p\u003e\n \u003cdiv class=\"percent-circle\"\u003e29%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"percent-card\"\u003e\n \u003cp class=\"percent-label\"\u003ePracticing Curiosity\u003c/p\u003e\n \u003cdiv class=\"percent-circle\"\u003e23%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"percent-card\"\u003e\n \u003cp class=\"percent-label\"\u003eBeing More Intentional\u003c/p\u003e\n \u003cdiv class=\"percent-circle\"\u003e19%\u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"stat-highlight\"\u003e\n \u003cp class=\"stat-highlight-number\"\u003e92%\u003c/p\u003e\n \u003cp class=\"stat-highlight-text\"\u003eof attendees plan to implement a specific networking strategy\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"panel blue\"\u003e\n \u003ch3 class=\"panel-title blue\"\u003eImplementation by Career Stage\u003c/h3\u003e\n \n \u003cdiv class=\"career-stages\"\u003e\n \u003cdiv class=\"career-card\"\u003e\n \u003cp class=\"career-stage\"\u003eEarly Career (0-5 years)\u003c/p\u003e\n \u003cp class=\"career-quote\"\u003e\"Be more curious with my colleagues (and reach out to other teams I don't work with much)\"\u003c/p\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"career-card\"\u003e\n \u003cp class=\"career-stage\"\u003eMid-Career (6-15 years)\u003c/p\u003e\n \u003cp class=\"career-quote\"\u003e\"Taking the hard assignments, volunteering, being vulnerable and asking for help, being curious and acting on it\"\u003c/p\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"career-card\"\u003e\n \u003cp class=\"career-stage\"\u003eSenior Leadership (16+ years)\u003c/p\u003e\n \u003cp class=\"career-quote\"\u003e\"Be intentional about the follow-up with network contacts. Stay connected.\"\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003c!-- Standout Attendee Quotes --\u003e\n \u003cdiv class=\"testimonials\"\u003e\n \u003ch2 class=\"testimonials-title\"\u003eStandout Attendee Testimonials\u003c/h2\u003e\n \n \u003cdiv class=\"grid grid-2col\"\u003e\n \u003cdiv class=\"testimonial-card\"\u003e\n \u003cp class=\"testimonial-text\"\u003e\"The tips were extremely valuable because of how insightful and actionable they are. I feel more equipped to build my network and can approach it more strategically.\"\u003c/p\u003e\n \u003cp class=\"testimonial-author\"\u003e— Mid-level Manager, Technology\u003c/p\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"testimonial-card\"\u003e\n \u003cp class=\"testimonial-text\"\u003e\"As an introvert, it was refreshing to hear how the ladies presenting worked through their challenges. Also, hearing real stories about their experiences and what they could have done differently.\"\u003c/p\u003e\n \u003cp class=\"testimonial-author\"\u003e— Mid-level Manager, Media/Entertainment\u003c/p\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"testimonial-card\"\u003e\n \u003cp class=\"testimonial-text\"\u003e\"I particularly loved Relationship Currency and Performance Currency. Very insightful and helpful.\"\u003c/p\u003e\n \u003cp class=\"testimonial-author\"\u003e— C-Suite Executive, Technology\u003c/p\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"testimonial-card\"\u003e\n \u003cp class=\"testimonial-text\"\u003e\"Building connections before needing them!\"\u003c/p\u003e\n \u003cp class=\"testimonial-author\"\u003e— Mid-level Manager\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \n \u003c!-- Footer --\u003e\n \u003cdiv class=\"footer\"\u003e\n \u003cp class=\"footer-text\"\u003eBased on data from the Fortinet | EWF webinar\u003c/p\u003e\n \u003ch3 class=\"footer-title\"\u003e\"The Connection Code: How Women Leaders Build Networks That Actually Work\"\u003c/h3\u003e\n\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e","custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"46fe32ac-4488-4dfa-9c68-6fb783eda83b","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_campaign"],"custom_javascript":"document.title = \"The Connection Code: Key Insights\"","custom_css":null,"condition":null},{"id":"ab20ad4a-ede2-4b16-bb62-65212934aeb9","state":"promoted","name":"FortiGuard Lab Registration","description":"FortiGuard Lab Registration","global":false,"priority":2,"experience_type":"questionnaire","redirect_url":null,"url_host":"fortinet.com","url_path":"/library/energy","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":true,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"72ec653a-bb3c-4987-b0e8-6fdf9153c31d","dom_update_group_state":"active","variation_key":"cfcd5582-76b5-4aab-82ab-5569b5910233","variation_name":"Variation 1","dom_updates":[],"questionnaire":{"id":"eeb0283d-7537-496d-959d-e9a8ad1042f1","config":{"primaryColor":"#2196f3"},"component_config":{"colors":{"primary":"#3CB17E"},"styles":{"title":"text-transform: capitalize; color: #000000 !important;"},"disable_mutiny_branding":false,"inherit_fonts":true,"success_button_theme":null,"layout":{"image_type":"compact","image_url":"https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRe5UMfvLJMFOTM9pQ0XrRIQHJ2UAfQ1TK1hBps_nc7mg\u0026s"},"show_at_scroll_percent":20,"open_mode":"same_tab","disable_success_message":false},"key":"bcd91769-db8b-4ee4-b5db-bb139a77fdbc","questionnaire_type":"fab","hold_out":1.0,"url_host":"fortinet.com","url_path":"/library/energy","url_condition":null,"condition":null,"questions":[{"title":"FortiGuard Lab Outbreak Alerts","snippet":"Subscribe today to have threat alerts delivered to your inbox","key":"hey_adobe","question_type":"multiple_choice","question_options":[{"token":"0eb5bc3d-58ac-4beb-88b7-a3d93fa5452a","title":"link","value":"621d21cd-98c9-49be-8001-dd4f409e6edd","option_type":"link","input_type":null,"link":null,"success_headline":null,"success_snippet":null,"success_cta":"Register for Outbreak Alerts","success_cta_link":"https://www.fortinet.com/fortiguard/labs"}],"cta":null,"cta_link":null,"fallback_success_headline":"That's awesome!","fallback_success_snippet":"See how IBM increased their efficiency by up to 30%!","fallback_success_cta":"Close","fallback_success_cta_link":"https://fortinet.com/library/energy"}],"resource_type":"Questionnaire","resource_id":"eeb0283d-7537-496d-959d-e9a8ad1042f1","priority":2,"version":2},"component_stylesheet_id":"313d129c-f5ab-4b60-90ca-6f8aac09eee5","data_dependencies":["user.random","query.utm_campaign"],"custom_javascript":null,"custom_css":null,"condition":null},{"id":"a8b225e5-ef68-4931-8647-afbb015e3e06","state":"promoted","name":"NAMER ABM Default Hero Image Fortinet.com/for-you","description":"NAMER ABM Default Hero Image Fortinet.com/for-you","global":false,"priority":18,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for-you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"26514979-30f8-4ef3-8fd2-280235a311d9","dom_update_group_state":"active","variation_key":"35cae78b-a687-46d9-9b67-d8f5dfccc488","variation_name":"Variation 1","dom_updates":[{"selector":"h1","data":{"html_attributes":{},"styles":{},"content":"Juventus Football Club Announces Fortinet as Its Official Cybersecurity Partner","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1f2e18d2-ead1-4c43-9a92-8ab3c83b1478","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section","data":{"html_attributes":{},"styles":{"background-image":"url(https://www.fortinet.com/content/dam/fortinet/images/hero-banners/hp-banner-juventus-1600x574-v3.jpg)"},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"7bc0c0b9-e1f5-4765-8717-e6d9b208f84a","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div[class*=\"Features\"] \u003e div.products-features-benefits \u003e div.products-features-benefits-icon","data":{"html_attributes":{},"styles":{},"content":"\n \u003cimg src=\"https://cdn.pathfactory.com/assets/11071/icons/713388/ec98959d-f01e-426b-90cf-5284ec253341.svg\" style=\"height:100;\"\u003e\n ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f779436e-2253-461a-836b-ecec18e034e6","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div[class*=\"Features\"] \u003e div.products-features-benefits \u003e div.products-features-benefits-desc \u003e p \u003e b \u003e a","data":{"html_attributes":{"href":""},"styles":{},"content":"Simplify Secure Connectivity","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"1a54bb59-d229-4692-b216-323a70ff7cdc","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section--resource \u003e div.wrap \u003e div[class*=\"Layout\"] \u003e div:nth-of-type(1) \u003e div.row \u003e div:nth-of-type(1) \u003e div[class*=\"Text\"] \u003e p","data":{"html_attributes":{},"styles":{},"content":"Manage your growing attack surface with converged networking and cybersecurity.","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c4dd7349-c77e-4477-9dbb-e3c74deebfc9","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div[class*=\"Features\"] \u003e div.products-features-benefits \u003e div.products-features-benefits-icon","data":{"html_attributes":{},"styles":{},"content":"\n \u003cimg src=\"https://cdn.pathfactory.com/assets/11071/icons/713394/d9c743c2-d1cc-44ed-9c35-5e5a95bd13ab.png\" \u003e\n ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e14b063a-5e0f-4933-8929-341e4377e7e7","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div[class*=\"Features\"] \u003e div.products-features-benefits \u003e div.products-features-benefits-desc \u003e p \u003e b \u003e a","data":{"html_attributes":{"href":""},"styles":{},"content":"Integrated Interoperability","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"25b0faf8-b2ff-497e-84da-1899d08ca884","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section--resource \u003e div.wrap \u003e div[class*=\"Layout\"] \u003e div:nth-of-type(1) \u003e div.row \u003e div:nth-of-type(2) \u003e div[class*=\"Text\"] \u003e p","data":{"html_attributes":{},"styles":{},"content":"The Fortinet Security Fabric is a Cybersecurity Mesh Architecture (CSMA) and open ecosystem that reduces operational complexity and integrates with over 500 technologies and vendors.","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2ccf3e50-55a5-4085-80e3-3023c7f7174d","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(3) \u003e div[class*=\"Features\"] \u003e div.products-features-benefits \u003e div.products-features-benefits-icon","data":{"html_attributes":{},"styles":{},"content":"\n \u003cimg src=\"https://cdn.pathfactory.com/assets/11071/icons/713399/f889f394-dd2e-4cad-aee8-24af04ed2f39.png\"\u003e\n ","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"87d253f6-960d-40d5-a818-5637e667a3dd","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(3) \u003e div[class*=\"Features\"] \u003e div.products-features-benefits \u003e div.products-features-benefits-desc \u003e p \u003e b \u003e a","data":{"html_attributes":{"href":""},"styles":{},"content":"Flexible, Usage-Based Pricing","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5ec78278-0712-406f-8988-d22e11896aec","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section--resource \u003e div.wrap \u003e div[class*=\"Layout\"] \u003e div:nth-of-type(1) \u003e div.row \u003e div:nth-of-type(3) \u003e div[class*=\"Text\"] \u003e p","data":{"html_attributes":{},"styles":{},"content":"Simple and flexible on-demaand licensing and provisioning for security solutions and services for all environments.","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"2e9d5ebc-af33-41b5-90b4-81902efbc56d","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(15) \u003e section.section--resource \u003e div.wrap","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(15) \u003e section.section--resource","manual_insert_before_selector":null,"index":1,"deconflictor":null},"content":"\u003cdiv class=\"row stretch \"\u003e\n \n \u003cdiv class=\"col-4 col-md-4 col-sm-12 cta--item\"\u003e\n \n\n\n\n\n \n \n \u003cdiv class=\"C915-Features-Benefits\"\u003e\n\u003cdiv class=\"products-features-benefits\"\u003e\n \u003cdiv class=\"products-features-benefits-icon\"\u003e\n \u003cimg src=\"https://cdn.pathfactory.com/assets/11071/icons/713400/7371ea3d-c2e1-42cd-ada1-9d73a14b7dcb.png\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"products-features-benefits-desc\"\u003e\n \u003cp style=\"font-size: 16.0px;margin-bottom: 10.0px;\"\u003e\u003cb\u003eOne OS, One Console\u003c/b\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n \n \n \u003cdiv class=\"C32-Text text parbase\"\u003e\n \u003cp style=\"text-align: center;\"\u003eAccelerate single, hybrid, and multi-cloud application journeys through natively integrated cybersecurity for reduced operational complexity, increased visibility, and more robust cybersecurity.\u003c/p\u003e\n\n\n\u003c/div\u003e\n\n\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 col-md-4 col-sm-12 cta--item\"\u003e\n \n\n\n\n\n \n \n \u003cdiv class=\"C915-Features-Benefits\"\u003e\n\u003cdiv class=\"products-features-benefits\"\u003e\n \u003cdiv class=\"products-features-benefits-icon\"\u003e\n \u003cimg src=\"https://cdn.pathfactory.com/assets/11071/icons/713406/7abe570c-3b68-48c1-a02a-20fa3df120a5.png\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"products-features-benefits-desc\"\u003e\n \u003cp style=\"font-size: 16.0px;margin-bottom: 10.0px;\"\u003e\u003cb\u003eReal-Time Threat Intelligence\u003c/b\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n \n \n \u003cdiv class=\"C32-Text text parbase\"\u003e\n \u003cp style=\"text-align: center;\"\u003eFortinet's elite threat intelligence and research organization delivers real-time intel and prevention tactics to all Fortinet solutions.\u003c/p\u003e\n\n\n\u003c/div\u003e\n\n\n\n \u003c/div\u003e\n \u003cdiv class=\"col-4 col-md-4 col-sm-12 cta--item\"\u003e\n \n\n\n\n\n \n \n \u003cdiv class=\"C915-Features-Benefits\"\u003e\n\u003cdiv class=\"products-features-benefits\"\u003e\n \u003cdiv class=\"products-features-benefits-icon\"\u003e\n \u003cimg src=\"https://cdn.pathfactory.com/assets/11071/icons/713405/7ec4ff13-f1e2-4fae-b163-a3b3f0af34f1.png\"\u003e\n \u003c/div\u003e\n \u003cdiv class=\"products-features-benefits-desc\"\u003e\n \u003cp style=\"font-size: 16.0px;margin-bottom: 10.0px;\"\u003e\u003cb\u003eThe Silicon Advantage\u003c/b\u003e\u003c/p\u003e\n\n \u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n \n \n \u003cdiv class=\"C32-Text text parbase\"\u003e\n \u003cp style=\"text-align: center;\"\u003eCustom-designed, ASIC-based security processing units (SPUs) drammatically increase speed, scale, efficiency, and value.\u003c/p\u003e\n\n\n\u003c/div\u003e\n\n\n\n \u003c/div\u003e\n \n\n \n \u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"83096804-150c-4a60-b311-beb222b23140","custom_javascript":null,"personalization_type":"addition"},{"selector":"main#CONTENT \u003e div:nth-of-type(7)","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"main#CONTENT","index":4,"deconflictor":null},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d5947313-3fe1-4310-bdd8-5c9bd3e76a6a","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.section--features \u003e div.wrap","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"bae8144d-5fc0-4f55-be3e-f0e1327e1aba","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(13) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"91b47973-c4dc-4091-8a29-d8888178976c","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(11) \u003e section.cs--padding","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5521f763-4682-47fd-951a-9e5456b8da29","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(9) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c861e837-90c9-48a5-aaf9-798f228b7809","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.analyst-validation-label \u003e div.wrap","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9bf246ee-3ba9-4a06-8914-1242d59d0ef1","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(6) \u003e section.section--resource","data":{"html_attributes":{"style":"display:none;"},"styles":{},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"8a05d4a4-919c-46f4-99fe-311c807455e4","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(5) \u003e section.section--resource","data":{"html_attributes":{},"styles":{},"content":"\u003cdiv class=\"wrap wrap--default\"\u003e\n \u003cstyle\u003e\n .c15-img-style{\n float: left;\n padding-right: 20px;\n width: 60px;\n position: relative;\n top: -5px;\n }\n .c15-img-title-style{\n display: flex;\n align-items: center;\n margin-bottom: 20px;\n }\n .news-block-content p {\n text-align:justify;\n }\n .news-block-content a:link, a:visited, a:hover {\n text-decoration: none;\n }\n .bg--light-gray {\n background-color:white;\n }\n \u003c/style\u003e\n \u003cdiv class=\"C15-Title\"\u003e\n \u003ch2 class=\"text-align--center new--design\" style=\"\"\u003eCurated Content from Fortinet\u003c/h2\u003e\n \u003c/div\u003e\n \u003cdiv class=\"row homepage-featured--news-blocks\"\u003e\n \u003cdiv class=\"news--block col-4 col-md-4 col-sm-12 \" \u003e\n \u003ca href=\"https://fortinet.com/for-you?utm_content=FortiNDR-WP\" target=\"_blank\"\u003e\n \u003cimg src=\"https://cdn.pathfactory.com/assets/11071/thumbnails/928351/9efc77b3-0b38-47c8-b131-be757c00fc78.jpg\" class=\"lozad\" alt=\"Harnessing the Power of AI and ML\" data-loaded=\"true\"\u003e\n \u003cdiv class=\"news-block-content match-height\" \u003e\n \u003ch4 class=\"certTitle\"\u003eHarnessing the Power of AI\nand ML with FortiNDR\u003c/h4\u003e\n \u003cp\u003eAdversaries and cybersecurity practitioners are harnessing the power of Al and ML to achieve their objectives. Discover use cases of Fortinet Al and ML highlighting how the technologies solve common cybersecurity challenges.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/a\u003e\n \u003c/div\u003e\n \n \u003cdiv class=\"news--block col-4 col-md-4 col-sm-12\"\u003e\n \u003ca href=\"https://trust.fortinet.com/\" target=\"_blank\"\u003e\u003cimg src=\"https://www.fortinet.com/content/dam/fortinet/images/certifications/tile-infosec.jpg\" class=\"lozad\" data-src=\"https://www.fortinet.com/content/dam/fortinet/images/certifications/tile-infosec.jpg\" alt=\"Fortinet Trust site\" data-loaded=\"true\"\u003e\u003c/a\u003e\n \u003cdiv class=\"news-block-content match-height\" \u003e\n \u003ch4 class=\"certTitle\"\u003eLorem ipsum dolor sit amet, consectetur adipiscing elit\u003c/h4\u003e\n \u003cp\u003e2 Lorem ipsum dolor sit amet, consectetur adipiscing elit\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"news--block col-4 col-md-4 col-sm-12 \"\u003e\n \u003cimg src=\"https://www.fortinet.com/content/dam/fortinet/images/certifications/tile-governance.jpg\" class=\"lozad\" data-src=\"https://www.fortinet.com/content/dam/fortinet/images/certifications/tile-governance.jpg\" alt=\"Government Regulations filter button\" data-loaded=\"true\"\u003e\n \u003cdiv class=\"news-block-content match-height\" \u003e\n \u003ch4 class=\"certTitle\"\u003eLorem ipsum dolor sit amet, consectetur adipiscing elit\u003c/h4\u003e\n \u003cp\u003e3 Lorem ipsum dolor sit amet, consectetur adipiscing elit\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n","custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ec113467-63ba-487f-a365-9bd11a8b37e8","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(15) \u003e section.section--resource","data":{"html_attributes":{},"styles":{},"position":{"parent_selector":"div:nth-of-type(15)","manual_insert_before_selector":null,"index":0,"deconflictor":null},"content":"\u003cdiv\u003e\n \u003cdiv class=\"global-scale inview\"\u003e\n \u003cstyle\u003e\n .global-scale {\n background: url(/content/dam/fortinet/images/general/globe-bg.jpg);\n background-repeat: no-repeat;\n background-size: cover;\n color: #fff;\n padding: 50px 0px;\n position: relative;\nmargin-bottom: 80px;\n }\n\n .global-scale .section-label {\n color: #3cb17e;\n }\n\n .global-scale .row {\n margin-top: 70px;\n margin-bottom: 50px;\n }\n\n .global-scale .stat-info {\n text-align: center;\n font-size: 23px;\n font-weight: 400;\n padding: 0px 80px 50px;\n }\n\n .global-scale .stat-num {\n font-weight: 700;\n font-size: 50px;\n }\n\n .global-scale .moreinfo {\n text-align: center;\n font-weight: 400;\n font-size: 18px;\n margin-top: -50px;\n margin-bottom: -100px;\n\t\tposition: relative;\n\t\tz-index: 99;\n }\n\n .global-scale a.green-btn {\n display: inline-block;\n font-weight: 500;\n color: #fff;\n text-decoration: none;\n background: #246a4c;\n padding: 10px 50px;\n text-transform: uppercase;\n border-radius: 20px;\n margin-bottom: 50px;\n border: 2px solid #246a4c;\n transition: .5s;\n }\n\n .global-scale a.green-btn:hover {\n background: transparent;\n color: #3cb17e;\n }\n\t.green-dots-bg\n\t{\n\t\tposition: absolute;\n\t\tz-index: 999;\n\t\tbottom: -100px;\n\t\tmargin-left: -180px;\n\t}\n\t.inview .green-dots-bg\n\t{\n\t\tanimation: greenDotsDown 1s linear;\n\t}\n\t@keyframes greenDotsDown {\n 0% {\n\t\tbottom: 100px;\n\t\topacity: 0;\n }\n }\n @property --num2 {\n syntax: \"\u003cinteger\u003e\";\n initial-value: 1;\n inherits: false;\n }\n\n .inview [class*=col-]:nth-child(2) .stat-info span {\n transition: --num2 2s;\n counter-set: num2 var(--num2);\n }\n\n .inview [class*=col-]:nth-child(2) .stat-info span:after {\n content: counter(num2);\n }\n\n .inview [class*=col-]:nth-child(2) .stat-info span {\n --num2: 15;\n }\n @property --num3 {\n syntax: \"\u003cinteger\u003e\";\n initial-value: 100;\n inherits: false;\n }\n .inview [class*=col-]:nth-child(3) .stat-info span {\n transition: --num3 2s;\n counter-set: num3 var(--num3);\n }\n .inview [class*=col-]:nth-child(3) .stat-info span:after {\n content: counter(num3);\n }\n .inview [class*=col-]:nth-child(3) .stat-info span\n {\n --num3: 360;\n }\n @property --num4 {\n syntax: \"\u003cinteger\u003e\";\n initial-value: 1;\n inherits: false;\n }\n\n .inview [class*=col-]:nth-child(4) .stat-info span {\n transition: --num4 2s;\n counter-set: num4 var(--num4);\n }\n\n .inview [class*=col-]:nth-child(4) .stat-info span:after {\n content: counter(num4);\n }\n\n .inview [class*=col-]:nth-child(4) .stat-info span {\n --num4: 2;\n }\n @property --num5 {\n syntax: \"\u003cinteger\u003e\";\n initial-value: 1;\n inherits: false;\n }\n\n .inview [class*=col-]:nth-child(5) .stat-info span {\n transition: --num5 2s;\n counter-set: num5 var(--num5);\n }\n\n .inview [class*=col-]:nth-child(5) .stat-info span:after {\n content: counter(num5);\n }\n\n .inview [class*=col-]:nth-child(5) .stat-info span {\n --num5: 10;\n }\n @property --num6 {\n syntax: \"\u003cinteger\u003e\";\n initial-value: 1;\n inherits: false;\n }\n\n .inview [class*=col-]:nth-child(6) .stat-info span {\n transition: --num6 2s;\n counter-set: num6 var(--num6);\n }\n\n .inview [class*=col-]:nth-child(6) .stat-info span:after {\n content: counter(num6);\n }\n\n .inview [class*=col-]:nth-child(6) .stat-info span {\n --num6: 20;\n }\n .col-1, .col-2, .col-3, .col-4, .col-5, .col-6, .col-7, .col-8, .col-9, .col-10, .col-11, .col-12, .col, .col-auto, .col-sm-1, .col-sm-2, .col-sm-3, .col-sm-4, .col-sm-5, .col-sm-6, .col-sm-7, .col-sm-8, .col-sm-9, .col-sm-10, .col-sm-11, .col-sm-12, .col-sm, .col-sm-auto, .col-md-1, .col-md-2, .col-md-3, .col-md-4, .col-md-5, .col-md-6, .col-md-7, .col-md-8, .col-md-9, .col-md-10, .col-md-11, .col-md-12, .col-md, .col-md-auto, .col-lg-1, .col-lg-2, .col-lg-3, .col-lg-4, .col-lg-5, .col-lg-6, .col-lg-7, .col-lg-8, .col-lg-9, .col-lg-10, .col-lg-11, .col-lg-12, .col-lg, .col-lg-auto, .col-xl-1, .col-xl-2, .col-xl-3, .col-xl-4, .col-xl-5, .col-xl-6, .col-xl-7, .col-xl-8, .col-xl-9, .col-xl-10, .col-xl-11, .col-xl-12, .col-xl, .col-xl-auto {\n position: relative;\n width: 100%;\n padding-right: 15px;\n padding-left: 15px;\n}\n .global-scale .stat-num {\n font-size: 30px;\n font-weight: 700;\n padding-bottom:20px;\n }\n\n .global-scale .stat-info {\n padding: 0px 40px 50px;\n font-size: 18px;\n font-weight:400;\n line-height:18px;\n }\n\n@media (min-width:992px) {\n .col-lg-4 {\n flex: 0 0 33.333333%;\n max-width: 33.333333%;\n }\n}\n\t@media (max-width: 1200px)\n\t{\n\t\t.global-scale .stat-info\n\t\t{\n\t\t\tpadding: 0px 40px 50px;\n\t\t\tfont-size: 18px;\n\t\t}\n\t\t.global-scale .stat-num\n\t\t{\n\t\t\tfont-size: 30px;\n\t\t}\n\t}\n\t@media (max-width: 767px)\n\t{\n\t\t.global-scale .stat-info\n\t\t{\n\t\t\tpadding: 0px 20px 50px;\n\t\t\tfont-size: 16px;\n\t\t}\n\t\t.global-scale a.green-btn\n\t\t{\n\t\t\tfont-size: 14px;\n\t\t}\n\t\t.col-sm-6\n\t\t{\n\t\t\tmax-width: 50%;\n\t\t}\n\t\t.green-dots-bg\n\t\t{\n\t\t\tbottom: -150px;\n \t\t\ttransform: rotate(90deg);\n\t\t}\n\t\t\n\t}\n \u003c/style\u003e\n\n \u003cdiv class=\"container\"\u003e\n \u003cdiv class=\"section__head\" style=\"text-align:center; padding:0px 50px;\"\u003e\n \u003cdiv class=\"section-label\" style=\"font-size:18px; font-weight:600; padding-bottom:20px;padding-top:20px; text-transform:uppercase;color:#3cb17e;\"\u003eFortiGuard Labs\u003c/div\u003e\n \u003ch2 class=\"text-align--center\" style=\"animation:h2FadeIn 1s; font-size: 30px; font-weight: 700; margin: 0; padding: 0; color: #fff;\"\u003e\n Global Threat Protection Delivered Daily\n \u003c/h2\u003e\n \u003c/div\u003e\n \u003cdiv class=\"row\" style=\"margin-top: 70px; margin-bottom: 50px; display:flexx; flex-wrap: wrap; margin-right:-15px; margin-left:-15px;\"\u003e\n \u003cdiv class=\"col-lg-4 col-sm-6\"\u003e\n \u003cdiv class=\"stat-info\"\u003e\n \u003cdiv class=\"stat-num\"\u003e\u003cspan\u003e1\u003c/span\u003eT\u003c/div\u003e\n Cloud events processed\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-lg-4 col-sm-6\"\u003e\n \u003cdiv class=\"stat-info\"\u003e\n \u003cdiv class=\"stat-num\"\u003e\u003cspan\u003e\u003c/span\u003eK\u003c/div\u003e\n Exploit attempts detected\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-lg-4 col-sm-6\"\u003e\n \u003cdiv class=\"stat-info\"\u003e\n \u003cdiv class=\"stat-num\"\u003e\u003cspan\u003e\u003c/span\u003eK\u003c/div\u003e\n Malware executions blocked\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-lg-4 col-sm-6\"\u003e\n \u003cdiv class=\"stat-info\"\u003e\n \u003cdiv class=\"stat-num\"\u003e\u003cspan\u003e\u003c/span\u003eB\u003c/div\u003e\n New unique objects analyzed\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-lg-4 col-sm-6\"\u003e\n \u003cdiv class=\"stat-info\"\u003e\n \u003cdiv class=\"stat-num\"\u003e\u003cspan\u003e\u003c/span\u003eM\u003c/div\u003e\n New unique attack objects identified\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"col-lg-4 col-sm-6\"\u003e\n \u003cdiv class=\"stat-info\"\u003e\n \u003cdiv class=\"stat-num\"\u003e\u003cspan\u003e\u003c/span\u003eB\u003c/div\u003e\n Attacks prevented inline\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003cdiv class=\"moreinfo\"\u003e\n \u003ca href=\"/fortiguard/labs\" class=\"green-btn\"\u003eExplore Threat Research\u003c/a\u003e\n\n \u003c/div\u003e\n\u003cimg class=\"green-dots-bg\" src=\"/content/dam/fortinet/images/icons/green-dots.png\" alt=\"green-dots-bg\"\u003e\n \u003c/div\u003e\n\n\u003cdiv class=\"ftnt-custom-background white\" style=\"\"\u003e\u003cdiv class=\"half-circle-svg type-4\"\u003e\u003csvg fill=\"none\" x=\"0px\" y=\"0px\" viewBox=\"0 0 1920 180\" width=\"1920\"\u003e\u003cpath d=\"M0,0v180h1920V0C1920,0,1055.7,394.4,0,0z\"\u003e\u003c/path\u003e\u003c/svg\u003e\u003c/div\u003e\u003c/div\u003e\n\u003c/div\u003e\n\u003c/div\u003e","custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"dcdacfd0-b5d7-4bef-858b-18e20dad8b5f","custom_javascript":null,"personalization_type":"addition"},{"selector":"div:nth-of-type(7) \u003e section.section--resource","data":{"html_attributes":{},"styles":{},"content":"\n \u003cdiv class=\"wrap wrap--default\"\u003e\n \u003cstyle\u003e\n\t.three-column-text h4 {\n\t\tmargin:0 0 0 0;\n\t\tbreak-after:avoid;\n\t\tbreak-inside: avoid;\n\t}\n\t .three-column-text p {\n\t\t margin-top:5px;\n\t\t orphans: 2;\n\t\t widows: 2;\n\t }\n\t.three-column-text {\n\t\tcolumn-count: 3;\n\t\tcolumn-gap: 40px;\n\t\tpadding: 20px;\n\t\twidth: 100%;\n\t\tmargin: 0 auto;\n\t}\n\n\t/* Optional: style for headings that span across columns */\n\t.column-span-all {\n\t\tcolumn-span: all;\n\t\tmargin-bottom: 20px;\n\t}\n\n\t/* Responsive design */\n\t@media (max-width: 768px) {\n\t\t.three-column-text {\n\t\t\tcolumn-count: 1;\n\t\t}\n\t}\n \u003c/style\u003e\n \u003cdiv class=\"C15-Title\"\u003e\n \u003ch2 class=\"text-align--center new--design\"\u003eHarnessing the Power of Artificial Intelligence and Machine Learning with FortiNDR Solutions\u003c/h2\u003e\n \u003c/div\u003e\n \u003cdiv class=\"C11-Text-Columns\"\u003e\n \u003cdiv class=\"three-column-text\"\u003e\n \u003ch4\u003eExecutive Summary\u003c/h4\u003e\n \u003cp\u003eWith the explosion of data and computing, adversaries and cybersecurity practitioners are harnessing the power of AI and ML to achieve their respective objectives. Fortinet applies AI and ML to its SecOps suite of solutions, including FortiNDR network detection and response and FortiNDR Cloud.\u003c/p\u003e\n \u003ch4\u003eAI and ML in Fortinet Cybersecurity Solutions\u003c/h4\u003e\n \u003cp\u003eFortinet also uses these capabilities to enhance detections in its own products in many ways, such as training different engines and neural networks for malware detections, profiling traffic on networks (FortiNDR, FortiNDR Cloud, and FortiWeb), analyzing network operations data (FortiAIOps), using GenAI with FortiAdvisor to interact with customers using natural language processing, and harnessing ML for face recognition in FortiCamera, to name a few.\u003c/p\u003e\n \u003ch4\u003eWhat Makes Network Detection and Response Unique?\u003c/h4\u003e\n \u003cp\u003eNDR is one cybersecurity solution that harnesses big data and uses ML to effectively model network traffic. NDR relies on processing raw network data and flows to capture the metadata of the network to surface attacks. As adversaries cannot escape the network, traces of activity are always left behind, whether malware lateral movement, deviation of traffic flow, abnormal application behavior, or the unusual upload of sensitive data. NDR solutions can conduct behavior-based analysis on the network, using AI and ML to determine if an action is potentially suspicious. This insight helps a human analyst better assess the situation and prioritize remediation.\u003c/p\u003e\n \u003c/div\u003e\n \u003c/div\u003e\n \u003c/div\u003e","custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d84b1640-2169-4314-ba79-3345f6a0e3b7","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_campaign"],"custom_javascript":null,"custom_css":null,"condition":null}]},{"id":"103","name":"Accelerate","campaign_slug":null,"condition":{"attribute":"user.random","value":1,"and":[],"or":[],"comparator":"greater_than","filter":null,"aggregation":null},"condition_tree":{"root_node":{"boolean_join":"and","clauses":[{"attribute":"query.utm_content","value":"Accelerate","comparator":"equal","filter":null,"aggregation":null}]},"version":3},"hold_out":"0.5","objective":"cro","web_experiences":[{"id":"715ccb1a-9b82-4ca6-9b76-c8c08b32470d","state":"promoted","name":"NAMER ABM Ken Xie Video Ad Landing Page","description":"NAMER ABM Ken Xie Video Ad Landing Page","global":false,"priority":21,"experience_type":"render","redirect_url":null,"url_host":"www.fortinet.com","url_path":"/for_you","url_query_params":null,"url_condition":null,"hold_out":1.0,"async":false,"experiment_assignment_grouping_strategy":"global","dom_update_group_id":"27052c48-7d84-429f-af2e-c70745c47cb7","dom_update_group_state":"active","variation_key":"46bf7ac5-3392-4869-a7cf-5eeeed2cfa35","variation_name":"Variation 1","dom_updates":[{"selector":"footer#footer","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"footer","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"af070b17-c35c-40b4-a3c3-b7bf12bc7d6d","custom_javascript":null,"personalization_type":"modification"},{"selector":"section:nth-of-type(4) \u003e div.new-container \u003e h2.section-title","data":{"html_attributes":{},"styles":{},"content":"The Most Trusted Company in Cybersecurity","custom":false,"tag":"h2","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"26c899b1-b429-4bb4-8ac0-63227fcef462","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.account-team","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"8b409de9-a079-4af0-b78d-b3c391dceb0f","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.product-video","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"f49c7ad7-5365-4961-aaa2-6e66e6f78911","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.partners","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"56bfe706-dde0-4b88-9016-726da3888bfc","custom_javascript":null,"personalization_type":"modification"},{"selector":"section:nth-of-type(5)","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"d6acdffe-1090-4344-89ef-0a260b868d16","custom_javascript":null,"personalization_type":"modification"},{"selector":"section:nth-of-type(4) \u003e div.new-container \u003e div:nth-of-type(2)","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"fd7d32eb-0c37-4b3c-a513-298cd57c6938","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.featured-assets","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"41ce5729-0903-49fe-96fb-7cdd7f33c36b","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.featured-videos","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c324e4ec-6715-4c43-871e-2236bbaebec1","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.standalone-CTA","data":{"html_attributes":{},"styles":{"background-color":"#2CCCD3"},"position":{"parent_selector":"div[class*=\"Snippet\"] \u003e div:nth-of-type(1)","manual_insert_before_selector":null,"index":6,"deconflictor":null},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ce228fd6-d0d4-4993-b474-12365040ccd9","custom_javascript":null,"personalization_type":"modification"},{"selector":"nav#top-nav","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"nav","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"e111feec-7032-42c2-b7ba-bcd1e0515330","custom_javascript":null,"personalization_type":"modification"},{"selector":"a.btn","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"03239d2e-24ef-4d54-8bda-77620605f987","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div.content-block \u003e h3","data":{"html_attributes":{},"styles":{},"remove":true,"custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"6ef35329-3f08-4070-abe9-eb92f2bdc5d0","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div.content-block \u003e p","data":{"html_attributes":{},"styles":{},"content":"Trust is the foundation of every business relationship—especially in cybersecurity. No matter how bold a company's vision — what matters most is earning the confidence of employees, partners, and customers.\u003c/p\u003e\u003cp\u003e\nThat's why we're proud that Forbes named Fortinet one of America's 10 Most Trusted Companies, ranking #7 overall — and the highest-ranked cybersecurity company by a wide margin. \n\u003c/p\u003e\u003cp\u003e\nThis recognition is based on Forbes independent survey of investors, the media, and Fortinet employees, customers, and partners.\u003c/p\u003e","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"225e801c-1cf4-4c22-9439-ddcfb1a91d77","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div.content-block \u003e a","data":{"html_attributes":{"href":"https://www.forbes.com/lists/most-trusted-companies/"},"styles":{},"content":"Read Forbes' survey results","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"5ed3af7b-d749-48ad-9c03-2cba9de4fc12","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div:nth-of-type(1) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"9651a45a-c788-4ca8-8e66-e8a6718cb7dd","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div:nth-of-type(2) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"657b8b82-da94-4d66-b4a3-da2d673ff03b","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div:nth-of-type(3) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"4d5ec7f8-7e44-4217-8636-ed995a3f56fd","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(1) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"c0227281-9aae-4508-a007-450c79f6b21f","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(2) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"b613a77d-750a-4816-95a0-6e0347cd7356","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(3) \u003e img.feature-icon","data":{"html_attributes":{"style":"width:30%;"},"styles":{"margin-bottom":"0px"},"custom":false,"tag":"img","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"43a9e7f8-d87f-4603-816f-fd62baf42de9","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div:nth-of-type(1) \u003e h3.feature-title","data":{"html_attributes":{},"styles":{"margin-top":"10px","margin-bottom":"10px"},"custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"57ba5004-3b95-4c26-bb78-44a9d2db7f5b","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div:nth-of-type(2) \u003e h3.feature-title","data":{"html_attributes":{},"styles":{"margin-top":"10px"},"custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"ab627878-ec5c-4bfa-8859-137f806bd57a","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(1) \u003e div:nth-of-type(3) \u003e h3.feature-title","data":{"html_attributes":{},"styles":{"margin-top":"10px"},"custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"56888a5f-4f76-4591-af89-3832a96accfd","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(1) \u003e h3.feature-title","data":{"html_attributes":{},"styles":{"margin-top":"10px"},"custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"82ea1525-6f54-4185-bb8a-2ebde30358a0","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(2) \u003e h3.feature-title","data":{"html_attributes":{},"styles":{"margin-top":"10px"},"custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"124d9f3f-095a-4371-ad87-3816ed135453","custom_javascript":null,"personalization_type":"modification"},{"selector":"div:nth-of-type(2) \u003e div:nth-of-type(3) \u003e h3.feature-title","data":{"html_attributes":{},"styles":{"margin-top":"10px"},"custom":false,"tag":"h3","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"387190b7-a2e5-412a-9d2b-f73bd24bdad2","custom_javascript":null,"personalization_type":"modification"},{"selector":"a.btn-CTA","data":{"html_attributes":{"href":"https://global.fortinet.com/lp-en-cp-security-expert-ws?lsci=701Hr000001lgrwIAA","style":"color:#000;border:2px solid #56d6dc; padding:20px;border-radius:20px;"},"styles":{"background-color":"#FFFFFF"},"content":"MEET WITH FORTINET","custom":false,"tag":"a","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"41eb91f9-1bb9-4f3e-8f6d-afaa6944d2db","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.hero-banner","data":{"html_attributes":{"style":"overflow:hidden;object-fit:cover;background-position:top right; height: 600px;"},"styles":{"background-image":"url(https://images.production.cdn.mutinyhq.io/ab1e5c14-aad9-415c-af54-37034a0bcd45/heroimage.jpg)"},"custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"96705f95-7ad5-4dce-b992-fd08067c20af","custom_javascript":null,"personalization_type":"modification"},{"selector":"div.hero-content","data":{"html_attributes":{"style":"background-color:#fff;padding:30px;border-radius:50px;width:65%; "},"styles":{},"custom":false,"tag":"div","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"39510f67-6b19-4a0f-8245-01abc1141486","custom_javascript":null,"personalization_type":"modification"},{"selector":"p.hero-text","data":{"html_attributes":{"style":"margin-right: 10px;"},"styles":{"font-size":"16px"},"content":"Founder-led companies consistently out innovate their peers. They maintain stronger alignment with their founding vision and have a long term horizon for R\u0026D investments.\u003cSuper\u003e*\u003c/super\u003e \u003cbr\u003e\u003cbr\u003e\nFounder and CEO Ken Xie has been the visionary innovator behind Fortinet's unique ASIC advantage, integrated approach to networking and security, and market leading vision for SASE. \n","custom":false,"tag":"p","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"18165d15-09cd-44a9-8bc6-64c7ed36e3d4","custom_javascript":null,"personalization_type":"modification"},{"selector":"h1.hero-title","data":{"html_attributes":{},"styles":{},"content":"Ken's Founding Vision","custom":false,"tag":"h1","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"335c6013-8d7e-4f4b-925a-8ed6ccd332e7","custom_javascript":null,"personalization_type":"modification"},{"selector":"section.paragraph-and-header","data":{"html_attributes":{"class":".video-play-button","style":""},"styles":{"background-image":"none"},"content":"\u003cdiv class=\"new-container\" style=\"padding-top:0px;padding-bottom:0px\"\u003e\u003csuper\u003e*\u003c/super\u003ePurdue Krannert School of Management, 2016 - \"Founder CEOs and Innovation: Evidence from S\u0026P 500 Firms,\"\n\u003c/div\u003e\n\n\u003c!-- New video section --\u003e\n\u003cdiv class=\"new-container\"\u003e\n \u003ch2 class=\"section-title\" style=\"\"\u003eThe Past, Present, and Future of Networking and Cybersecurity\u003c/h2\u003e\n \u003cdiv style=\"margin:auto; width:60%; padding: 0px 0px 40px 0px;\"\u003e\n \u003cp\u003e The videos here are short clips from Ken's keynote address at Fortinet's Accelerate user conference. Listen, as Ken offers clarity on Fortinet's view on the past, present, and future of networking and cybersecurity.\n \u003c/div\u003e\n\t\u003cdiv class=\"grid-3col\"\u003e\n\t\t \u003c!-- Video 1 --\u003e\n\t\t\u003cdiv class=\"card\"\u003e\n\t\t\t\u003cdiv class=\"video-container\"\u003e\n\t\t\t\t\u003cdiv class=\"wistia_responsive_padding\" style=\"padding:125% 0 0 0;position:relative;\"\u003e\n\t\t\t\t\t\u003cdiv class=\"wistia_responsive_wrapper\" style=\"height:100%;left:0;position:absolute;top:0;width:100%;\"\u003e\n\t\t\t\t\t\t\u003ciframe src=\"https://fast.wistia.net/embed/iframe/rq5kp8n3k8?web_component=true\u0026amp;seo=false\" title=\"Fortinet - Ken Xie - The ASIC Advantage\" allow=\"autoplay; fullscreen\" allowtransparency=\"true\" frameborder=\"0\" scrolling=\"no\" class=\"wistia_embed\" name=\"wistia_embed\" width=\"100%\" height=\"100%\"\u003e\n\t\t\t\t\t\t\u003c/iframe\u003e\n\t\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003cscript src=\"https://fast.wistia.net/player.js\" async=\"\"\u003e\n\t\t\t\t\u003c/script\u003e\n\t\t\t\u003c/div\u003e\n\t\t\t\u003cdiv class=\"card-body\" style=\"margin-top: 20px;\"\u003e\n\t\t\t\t\u003ch3 data-mutiny=\"true\"\u003eWhy Fortinet?\u003c/h3\u003e\n\t\t\t\t\u003cp class=\"card-text\"\u003eFortinet is a unique company with a unique name. Listen to Ken Xie, Fortinet Founder and CEO, talking about why he named the company \"Fortinet.\"\u003c/p\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e \n\t\t \u003c!-- Video 2 --\u003e\n\t\t\u003cdiv class=\"card\"\u003e\n\t\t\t\u003cdiv class=\"video-container\"\u003e\n\t\t\t\t\u003cdiv class=\"wistia_responsive_padding\" style=\"padding:125% 0 0 0;position:relative;\"\u003e\n\t\t\t\t\t\u003cdiv class=\"wistia_responsive_wrapper\" style=\"height:100%; left:0; position:absolute; top:0; width:100%;\"\u003e\n\t\t\t\t\t\t\u003ciframe src=\"https://fast.wistia.net/embed/iframe/jvyilz4pyv?web_component=true\u0026amp;seo=false\" title=\"Fortinet - Ken Xie – A Zero Trust Strategy\" allow=\"autoplay; fullscreen\" allowtransparency=\"true\" frameborder=\"0\" scrolling=\"no\" class=\"wistia_embed\" name=\"wistia_embed\" width=\"100%\" height=\"100%\"\u003e\n\t\t\t\t\t\t\u003c/iframe\u003e\n\t\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003cscript src=\"https://fast.wistia.net/player.js\" async=\"\"\u003e\n\t\t\t\t\u003c/script\u003e\n\t\t\t\u003c/div\u003e\n\t\t\t \u003cdiv class=\"card-body\" style=\"margin-top: 20px;\"\u003e\n\t\t\t\t\u003ch3\u003eA Zero Trust Strategy\u003c/h3\u003e\n\t\t\t\t\u003cp class=\"card-text\"\u003eFortinet secure networking was designed with zero-trust as a founding principle. Listen to Ken explain why.\u003c/p\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e\n\t\t \u003c!-- Video 3 --\u003e\n\t\t\u003cdiv class=\"card\"\u003e\n\t\t\t\u003cdiv class=\"video-container\"\u003e\n\t\t\t\t\u003cdiv class=\"wistia_responsive_padding\" style=\"padding:125% 0 0 0;position:relative;\"\u003e\n\t\t\t\t\t\u003cdiv class=\"wistia_responsive_wrapper\" style=\"height:100%; left:0; position:absolute; top:0; width:100%;\"\u003e\n\t\t\t\t\t\t\u003ciframe src=\"https://fast.wistia.net/embed/iframe/rzq41fdmxu?web_component=true\u0026amp;seo=false\" title=\"Fortinet - Ken Xie - The Best Architecture\" allow=\"autoplay; fullscreen\" allowtransparency=\"true\" frameborder=\"0\" scrolling=\"no\" class=\"wistia_embed\" name=\"wistia_embed\" width=\"100%\" height=\"100%\"\u003e\n\t\t\t\t\t\t\u003c/iframe\u003e\n\t\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003cscript src=\"https://fast.wistia.net/player.js\" async=\"\"\u003e\n\t\t\t\t\u003c/script\u003e\n\t\t\t\u003c/div\u003e\n\t\t\t\u003cdiv class=\"card-body\" style=\"margin-top: 20px;\"\u003e\n\t\t\t\t\u003ch3 data-mutiny=\"true\"\u003eThe Best Architecture\u003c/h3\u003e\n\t\t\t\t\u003cp class=\"card-text\"\u003eNetwork architectures vary, but when it comes to architecting for networking and cybersecurity, there's only one posture that stands out. In this video Ken explains the thinking behind Fortinet's architecture.\u003c/p\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e\n\t\u003c/div\u003e\n\u003c/div\u003e\n\u003c!-- New video section --\u003e\n\u003cdiv class=\"new-container\"\u003e\n\t\u003cdiv class=\"grid-3col\"\u003e\n\t\t \u003c!-- Video 1 --\u003e\n\t\t\u003cdiv class=\"card\"\u003e\n\t\t\t\u003cdiv class=\"video-container\"\u003e\n\t\t\t\t\u003cdiv class=\"wistia_responsive_padding\" style=\"padding:125% 0 0 0;position:relative;\"\u003e\n\t\t\t\t\t\u003cdiv class=\"wistia_responsive_wrapper\" style=\"height:100%;left:0;position:absolute;top:0;width:100%;\"\u003e\n\t\t\t\t\t\t\u003ciframe src=\"https://fast.wistia.net/embed/iframe/08unt6903u?web_component=true\u0026amp;seo=false\" title=\"Fortinet - Ken Xie - The ASIC Advantage\" allow=\"autoplay; fullscreen\" allowtransparency=\"true\" frameborder=\"0\" scrolling=\"no\" class=\"wistia_embed\" name=\"wistia_embed\" width=\"100%\" height=\"100%\"\u003e\n\t\t\t\t\t\t\u003c/iframe\u003e\n\t\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003cscript src=\"https://fast.wistia.net/player.js\" async=\"\"\u003e\n\t\t\t\t\u003c/script\u003e\n\t\t\t\u003c/div\u003e\n\t\t\t\u003cdiv class=\"card-body\" style=\"margin-top: 20px;\"\u003e\n\t\t\t\t\u003ch3 data-mutiny=\"true\"\u003eThe ASIC Advantage\u003c/h3\u003e\n\t\t\t\t\u003cp class=\"card-text\"\u003eAchieving the performance, scale, and simplicity needed for a converged networking and security architecture required a new way of thinking about hardware. Fortinet's in-house designed ASICs now deliver an unbeatable market advantage.\u003c/p\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e \n\t\t \u003c!-- Video 2 --\u003e\n\t\t\u003cdiv class=\"card\"\u003e\n\t\t\t\u003cdiv class=\"video-container\"\u003e\n\t\t\t\t\u003cdiv class=\"wistia_responsive_padding\" style=\"padding:125% 0 0 0;position:relative;\"\u003e\n\t\t\t\t\t\u003cdiv class=\"wistia_responsive_wrapper\" style=\"height:100%; left:0; position:absolute; top:0; width:100%;\"\u003e\n\t\t\t\t\t\t\u003ciframe src=\"https://fast.wistia.net/embed/iframe/88wfs1ttu0?web_component=true\u0026amp;seo=false\" title=\"Fortinet - Ken Xie - One OS for All Network Security\" allow=\"autoplay; fullscreen\" allowtransparency=\"true\" frameborder=\"0\" scrolling=\"no\" class=\"wistia_embed\" name=\"wistia_embed\" width=\"100%\" height=\"100%\"\u003e\n\t\t\t\t\t\t\u003c/iframe\u003e\n\t\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003cscript src=\"https://fast.wistia.net/player.js\" async=\"\"\u003e\n\t\t\t\t\u003c/script\u003e\n\t\t\t\u003c/div\u003e\n\t\t\t \u003cdiv class=\"card-body\" style=\"margin-top: 20px;\"\u003e\n\t\t\t\t\u003ch3\u003eOne Operating System\u003c/h3\u003e\n\t\t\t\t\u003cp class=\"card-text\"\u003eIn addition to designing a family of ASICs, Ken developed a new operating system capable of handling all of the security functionality the network needed: FortiOS.\u003c/p\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e\n\t\t \u003c!-- Video 3 --\u003e\n\t\t\u003cdiv class=\"card\"\u003e\n\t\t\t\u003cdiv class=\"video-container\"\u003e\n\t\t\t\t\u003cdiv class=\"wistia_responsive_padding\" style=\"padding:125% 0 0 0;position:relative;\"\u003e\n\t\t\t\t\t\u003cdiv class=\"wistia_responsive_wrapper\" style=\"height:100%; left:0; position:absolute; top:0; width:100%;\"\u003e\n\t\t\t\t\t\t\u003ciframe src=\"https://fast.wistia.net/embed/iframe/sxda60khon?web_component=true\u0026amp;seo=false\" title=\"Fortinet - Ken Xie - The Long View on SASE\" allow=\"autoplay; fullscreen\" allowtransparency=\"true\" frameborder=\"0\" scrolling=\"no\" class=\"wistia_embed\" name=\"wistia_embed\" width=\"100%\" height=\"100%\"\u003e\n\t\t\t\t\t\t\u003c/iframe\u003e\n\t\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\t\u003cscript src=\"https://fast.wistia.net/player.js\" async=\"\"\u003e\n\t\t\t\t\u003c/script\u003e\n\t\t\t\u003c/div\u003e\n\t\t\t\u003cdiv class=\"card-body\" style=\"margin-top: 20px;\"\u003e\n\t\t\t\t\u003ch3 data-mutiny=\"true\"\u003eThe Long View on SASE\u003c/h3\u003e\n\t\t\t\t\u003cp class=\"card-text\"\u003eSASE is a combination of technologies for secure internet, SaaS, and private cloud access. Fortinet delivers all SASE capabilities from FortiOS, easing integration and management, and delivering ASIC-enabled performance.\u003c/p\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e\n\t\u003c/div\u003e\n\u003c/div\u003e","custom":false,"tag":"section","replace_classes":false,"render_only_once":false},"content_hash":null,"condition":null,"resource_id":"694d4418-f1c0-45cd-be5c-cd07f58fe723","custom_javascript":null,"personalization_type":"modification"}],"questionnaire":null,"component_stylesheet_id":null,"data_dependencies":["user.random","query.utm_content"],"custom_javascript":null,"custom_css":null,"condition":null}]}],"dom_events":[{"selector":"form","event_type":"conversion","listener_type":"submit","conversion_configuration_id":"2d1597c7-be28-493c-93ec-f615b260999d","url_host":null,"url_path":null,"url_condition":{"attribute":"url_path","value":"/","and":[],"or":[],"comparator":"includes","filter":null,"aggregation":null}},{"selector":null,"event_type":"conversion","listener_type":"hubspot","conversion_configuration_id":"91397073-b6b2-488e-b231-ba627114afd0","url_host":null,"url_path":null,"url_condition":{"attribute":"url_path","value":"/","and":[],"or":[],"comparator":"includes","filter":null,"aggregation":null}},{"selector":null,"event_type":"conversion","listener_type":"calendly","conversion_configuration_id":"7c521f0d-ca9e-4df0-928b-5115e45bb7bd","url_host":null,"url_path":null,"url_condition":{"attribute":"url_path","value":"/","and":[],"or":[],"comparator":"includes","filter":null,"aggregation":null}},{"selector":null,"event_type":"conversion","listener_type":"drift","conversion_configuration_id":"bec31102-cd5d-4db3-a745-46c7f3b4090e","url_host":null,"url_path":null,"url_condition":{"attribute":"url_path","value":"/","and":[],"or":[],"comparator":"includes","filter":null,"aggregation":null}},{"selector":null,"event_type":"conversion","listener_type":"page_view","conversion_configuration_id":"07b45d5a-7d0f-459a-baec-c4597c8d4d6c","url_host":"global.fortinet.com","url_path":"/e/DefaultFormSubmitConfirmation.aspx","url_condition":null}],"component_stylesheets":[{"id":"6eb14cac-db8c-465e-8a7a-32248a9e1ebc","target":"modal","stylesheet":"/*\n Example styles are included here for common changes you may want to make.\n You can uncomment these lines to try them out by removing the surrounding /* tokens.\n This can be done quickly using Cmd+/ on MacOS or Ctrl+/ on Windows.\n*/\n\n/* Font styles */\n.mutiny-modal * {\n /* font-family: 'Courier New', Courier, monospace; */\n}\n\n/* Close button styles */\n.mutiny-modal .mutiny-close {\n /* display: none; */\n}\n\n/* Title styles */\n.mutiny-modal .mutiny-title {\n /* font-style: italic; */\n /* color: #AA00FF; */\n}\n\n/* Description styles */\n.mutiny-modal .mutiny-description {\n /* font-size: 20px; */\n /* color: darkgray; */\n}\n\n/* Button styles */\n.mutiny-modal .mutiny-button {\n /* font-size: 24px; */\n /* margin-bottom: 16px; */\n}\n\n/* Primary color button background color styles*/\n.mutiny-modal .mutiny-button:not(.mutiny-secondary):not(.mutiny-transparent) \u003e div:first-child::before {\n /* background-color: #AA00FF; */\n}\n\n/* Outlined button styles */\n.mutiny-modal .mutiny-button.mutiny-secondary {\n /* color: #AA00FF; */\n /* border: 1px solid #AA00FF; */\n}\n\n/* Input styles */\n.mutiny-modal .mutiny-input input {\n /* font-size: 24px; */\n /* color: #AA00FF; */\n /* border-bottom: 1px solid #EEEEEE; */\n}\n\n/* Input underline color styles (when selected) */\n.mutiny-modal .mutiny-input::after {\n /* background: #AA00FF; */\n}\n"},{"id":"313d129c-f5ab-4b60-90ca-6f8aac09eee5","target":"sidepop","stylesheet":"/*\n Example styles are included here for common changes you may want to make.\n You can uncomment these lines to try them out by removing the surrounding /* tokens.\n This can be done quickly using Cmd+/ on MacOS or Ctrl+/ on Windows.\n*/\n\n/* Font styles */\n.mutiny-sidepop * {\n /* font-family: 'Courier New', Courier, monospace; */\n}\n\n/* Title styles */\n.mutiny-sidepop .mutiny-title {\n /* font-size: 32px; */\n /* color: #AA00FF; */\n}\n\n/* Description styles */\n.mutiny-sidepop .mutiny-description {\n /* font-size: 20px; */\n /* color: #777777; */\n}\n\n/* Button styles */\n.mutiny-sidepop .mutiny-button {\n /* margin-bottom: 16px; */\n /* border-radius: 10px; */\n /* height: 40px; */\n}\n\n/* Primary color button background styles */\n.mutiny-sidepop .mutiny-button:not(.mutiny-secondary) \u003e div:first-child::before {\n /* background-color: #f0f0f0; */\n}\n\n/* Outlined button styles */\n.mutiny-sidepop .mutiny-button.mutiny-secondary {\n /* color: #AA00FF; */\n /* border: 1px solid #AA00FF; */\n}\n\n/* Anchor button styles */\n.mutiny-sidepop .mutiny-sidepop-button {\n /* background-color: #AA00FF; */\n}\n\n/* Anchor button carrot (when open) */\n.mutiny-sidepop .mutiny-sidepop-button::before {\n /* border-color: transparent transparent #AA00FF transparent; */\n}\n\n/* Anchor button carrot (when closed) */\n.mutiny-sidepop .mutiny-sidepop-button::after {\n /* border-color: #AA00FF transparent transparent transparent; */\n}"}],"blocks":{},"style_tokens":{},"metadata":{"iteration_id":"528749b4-a4a1-4bd8-96a6-5fef30554820"}}