A critical authentication bypass flaw affecting Fortinet’s FortiOS, FortiProxy, and FortiSwitchManager appliances now has proof-of-concept exploit code available. Attackers can get around the authentication process on the administrative interface of FortiGate firewalls, FortiProxy web proxies, and FortiSwitch Manager (FSWM) on-premise management instances thanks to this security flaw (CVE-2022-40684). Last Thursday, Fortinet released security updates to… Continue reading Critical Fortinet auth bypass bug has an exploit available; apply the patch now
Tag: fortinet
Cloud Web Application and API Protection Magic Quadrant
The market for protecting cloud web applications and APIs is expanding quickly. You can use this Magic Quadrant to find cloud WAAP providers that provide simple controls and specialised defences against sophisticated bots and changing API attacks.Planning assumptions for the futureCloud web application and API protection platform (WAAP) services over WAAP appliances and IaaS-native WAAP… Continue reading Cloud Web Application and API Protection Magic Quadrant
Voice of the Customer: Web Application and API Protection, Gartner Peer Insights
What is API and Web Application Protection?Web application and API protection (WAAP), according to Gartner, is the evolution of the web application firewall (WAF) market, which now includes four core features in addition to WAF: distributed denial of service (DDoS) defence, bot management, and API defence. Beginning with cloud-delivered WAF services that were simpler to… Continue reading Voice of the Customer: Web Application and API Protection, Gartner Peer Insights