Fortinet data breach September 2024

mountainbiker · 2024-09-12T21:02:27.575Z

I haven’t jumped on their bandwagon so far (PA since 2013 when 3020’s came on the scene) and the latest breach gives me additional pause.

DarkBrewer · 2024-09-12T21:19:12.316Z

I wouldn’t jump on their bandwagon either for a few reasons (cost primarily) however it’s JuSt customer data. Who doesn’t lose that anymore? They claim it didn’t impact the product in any way so as long as that’s true, it more like the same old… Here’s your year of free monitoring, bla bla bla.

merlinyoda · 2024-09-16T21:22:06.088Z

At this point, data breaches occurring aren’t automatically a negative reflection on a company. Repeated and regular breaches could be, but not any given breach by itself. As any company grows and gets an exceedingly larger target on their back, they have to get everything right all the time to successfully defend against a breach ever occurring whereas the malicious actors only have to exploit one small (and potentially unknown) vulnerability once to be successful.

What is a key reflection of a company regarding data breaches is how readily they become aware of a given breach and how communicative they are of what information was potentially exposed. The more communicative they are, the more prepared their customers can be.

adrian_ych · 2024-09-17T06:25:35.899Z

mountainbiker:

I haven’t jumped on their bandwagon so far (PA since 2013 when 3020’s came on the scene) and the latest breach gives me additional pause.

But then the data is stored in Sharepoint, hosted by Azure ?? So who to blame ?

waltereaton · 2024-09-18T02:16:32.941Z

Fortigate: for IT depts that still don’t get endpoint security.

I just retired a 100D for a company. Dont get me started on what Fortigate wanted for just firmware patches.

The OPNsense box they have running in the meantime is like light years superior.

merlinyoda · 2024-09-18T23:10:05.218Z

You can’t get “just firmware patches” as a support option with a FortiGate. Firmware patches are included alongside whatever service/support subscription package you get. Pretty much all proprietary next-generation firewalls utilize continually updating definitions as part of their advanced threat prevention capabilities and include firmware updates as a part of that subscription alongside all the other updates.

Comparing an open source solution with one-time hardware costs with a more subscription-based proprietary solution with regards to firewalls is an apples-to-oranges comparison.

waltereaton:

Fortigate: for IT depts that still don’t get endpoint security.

Sorry, but this comes off as being a bit technologically elitist. Also, FortiGates constitute a notable share of the NGFW market so they must be doing something right if companies large and small are using them. As far as endpoint security is concerned, FortiNet offers separate solutions for that like FortiClient and FortiEDR.

dwhipps · 2024-09-19T15:16:06.203Z

The failure was on Fortinet’s part, as the only known tenant compromised was Fortinet’s. If it had been a hack of Microsoft’s platform, it wouldn’t be just one specific organization’s tenant.

spoonman · 2024-09-28T10:34:34.357Z

waltereaton:

I just retired a 100D for a company. Dont get me started on what Fortigate wanted for just firmware patches.

FYI if you have an active account on their support portal (FortiCloud), you can download firmware for any of their devices. Of course you don’t get all the fruit that comes with an active subscription, but I have been running an old unit for years in my home lab without a subscription and regularly update it despite that model not being linked on my company portal. I just updated it to 7.4.5 last week after seeing news of this breach.