Follow on Twitter using the following hashtags or usernames: #XFD15
Chris Hinsz, Senior Director of Product and Solutions at Fortinet, emphasized the company’s evolution beyond its traditional reputation as a firewall vendor, highlighting a broad portfolio that encompasses secure networking, SASE solutions, and AI-driven security operations. Central to this strategy is a platform-centric philosophy built upon a single, unified operating system, FortiOS. This common foundation enables native information sharing across the security stack, preventing the fragmented understanding that often occurs when organizations manage disparate security products.
By leveraging FortiOS as the underlying engine for its entire product line, Fortinet aims to simplify technology adoption for its customers. Hinsz explained that this approach allows users to adopt new architectures, such as moving from traditional firewalls to SD-WAN or incorporating SASE, without needing to overhaul their existing hardware or struggle with entirely new management interfaces. Because these features are built directly into the familiar FortiOS environment, customers can often activate new capabilities through updates rather than undergoing costly, complex product replacements.
Beyond its internal portfolio, Fortinet also facilitates integration through an ecosystem of partners and the Fortinet Developers Network, which provides full API access to help ensure that new or niche technologies can interface with the core platform. By prioritizing simplicity and consistency, Fortinet seeks to harmonize policies and security operations across both on-premises and remote environments. Ultimately, the company aims to provide a unified security fabric that allows organizations to adapt to rapidly evolving technologies while maintaining a cohesive and manageable security posture.
Personnel: Chris Hinsz
Wei Ling Neo, a product manager at Fortinet, presented an overview of the company’s evolving strategy to address the challenges posed by quantum computing and the rapid rise of “Shadow AI” within enterprise environments. As the anticipated timeline for Q Day–the point at which quantum computers will be capable of breaking existing encryption standards–continues to shift earlier, moving toward 2029 or 2030, Fortinet has been aggressively updating its FortiOS platform. The company has moved from early implementations of Quantum Key Distribution (QKD) in version 7.2 to robust support for standardized Post-Quantum Cryptography (PQC) algorithms, such as ML-KEM and ML-DSA, in its latest 8.0 release.
The technical implementation of these security measures focuses on securing the “plumbing” of the network, particularly IPsec VPN tunnels, which are critical for enterprise connectivity. Neo explained that Fortinet leverages software-based implementations for the key exchange mechanisms to allow for flexibility and stacking of algorithms, which is essential for protecting against potential vulnerabilities in newer, less-tested standards. While the initial key exchange phase sees some performance impact during tunnel setup, bulk encryption and decryption tasks remain offloaded to Fortinet’s proprietary ASICs, ensuring that overall network performance remains high even as organizations transition to quantum-safe protocols.
Beyond quantum security, the presentation addressed the burgeoning crisis of Shadow AI, where unauthorized AI agents and Large Language Models (LLMs) operate within corporate networks, creating significant data leakage and compliance risks, especially under frameworks like the EU AI Act. Fortinet has expanded its visibility capabilities to monitor agent-to-agent (A2A) communications and Model Context Protocol (MCP) servers, allowing security teams to identify, audit, and sanction or block specific AI tools used by employees. By correlating user information with these AI functions, Fortinet aims to provide organizations with the granular reporting and control necessary to manage AI adoption without sacrificing security or productivity.
Personnel: Wei Ling Neo
Wei Ling Neo discusses the evolving landscape of “Shadow AI” and the critical regulatory pressures facing modern enterprises. A central theme of the presentation is the upcoming enforcement of the EU AI Act, which carries massive financial penalties of up to €35 million or 7% of global revenue for non-compliance. While Fortinet previously focused on basic visibility and Data Loss Prevention (DLP) for generative AI applications, such as catching AWS access tokens pasted into prompts, the strategy has now shifted toward deeper inspection of the entire AI ecosystem. This includes monitoring Large Language Models (LLMs), AI agents, and Model Context Protocol (MCP) servers to provide a granular view of how data moves between users and autonomous agentic systems.
The presentation highlights new capabilities within FortiOS 8.0 that allow the FortiGate firewall to act as a primary inspection point for AI-driven traffic. By decoding protocols like WebSockets and MCP, Fortinet can now identify specific AI functions, such as when an agent like VS Code or Cursor attempts to list files, summarize code repositories, or check in new code to GitHub. This “Agent-to-Agent” (A2A) visibility ensures that even if developers use sophisticated desktop clients rather than web browsers, the security team can still see which models are being used and what data is being manipulated. The system also supports distinguishing between corporate and personal AI accounts by mapping user identity to session activity, allowing organizations to sanction authorized enterprise tools while blocking or monitoring risky, unsanctioned alternatives.
Beyond simple blocking, the session emphasizes the importance of a coordinated security fabric that includes endpoints and centralized reporting. Neo explains that while a firewall might offer a “deny” response, an integrated endpoint client like FortiClient can provide “user coaching” to explain why a specific AI action was restricted. To manage this at scale, FortiAnalyzer now includes dedicated Shadow AI reports that aggregate logs into a high-level overview, helping security teams discover new agents and transition them through the sanctioning process without disrupting developer workflows. Although some challenges remain–such as inspecting activity that stays entirely within a third-party SaaS environment like Salesforce–the presentation underscores Fortinet’s commitment to providing deep, transparent visibility into the burgeoning world of AI agents and their underlying communication protocols.
Personnel: Wei Ling Neo
Max Zeumer, Director of Products and Solutions for Fortinet’s Security Operations portfolio, outlined the company’s strategic shift toward a unified, platform-centric approach designed to simplify the increasingly complex cybersecurity landscape. As organizations struggle with a fragmented collection of independent tools–such as SIEM, EDR, and SOAR–and face a deluge of high-speed threats, they often encounter critical blind spots and inefficient, siloed workflows. Fortinet’s vision for its Security Operations Center (SOC) offering aims to address these challenges by providing a single, interconnected platform that integrates native threat intelligence, automation, and AI-driven capabilities to streamline incident response and threat detection across various organizational maturity levels.
To meet customers wherever they are in their cybersecurity journey, Fortinet has designed its portfolio to be flexible and purpose-built for different operational models, ranging from small, lean teams to large enterprises. By adopting a tiered framework, organizations can start with a turnkey, out-of-the-box solution and progressively expand into advanced orchestration, automation, and AI-powered playbooks as their needs evolve. Additionally, Fortinet offers managed SOC services, where human experts leverage the same underlying technology to provide 24/7 monitoring and investigation, offering a vital support layer for companies that may lack the internal resources or time to manage complex security configurations independently.
The core of this evolution is the introduction of FortiSOC, a cloud-delivered platform that consolidates formerly discrete products–such as FortiAnalyzer, FortiSIEM, FortiSOAR, and FortiXDR–into a single user experience powered by agentic AI. This platform is designed to be highly interoperable, supporting integration with over 700 third-party tools to ensure that organizations can maintain their existing stacks while benefiting from centralized visibility and federated search capabilities. Whether deployed on-premises, in the cloud, or as a hybrid model, Fortinet’s platform-first strategy emphasizes simplicity and scalability, enabling security teams to modernize their operations, lower total cost of ownership, and effectively manage both known and emerging threats through a unified interface.
Personnel: Max Zeumer
Hari Krishnan, Director of Product and Solutions at Fortinet, highlighted the company’s strategic push to unify endpoint security by consolidating previously disparate tools into a single, comprehensive platform. As organizations increasingly struggle with agent fatigue, that is, managing multiple, disconnected agents for VPN, ZTNA, endpoint protection (EPP), and EDR, Fortinet addresses this complexity through the FortiClient-based platform. By providing a common agent, a single management console, and a simplified licensing structure, the solution allows customers to streamline their security infrastructure, reduce operational overhead, and improve their overall security posture through deeper integration with the broader Fortinet Security Fabric.
The platform is designed to support various stages of an organization’s security maturity, whether they are transitioning from legacy VPNs to Zero Trust Network Access (ZTNA) or modernizing their malware and ransomware prevention capabilities. Beyond basic connectivity and protection, the solution integrates critical features such as vulnerability management, device control, and upcoming data leakage protection (DLP) capabilities. This allows security teams to maintain visibility over endpoint health, enforce granular access policies based on real-time device posture, and ensure that security controls are consistently applied across both on-premises and remote environments, ultimately eliminating the “department of no” by providing users with clear, actionable notifications when security requirements are not met.
Integration remains a cornerstone of the Fortinet approach, ensuring that endpoint telemetry is not trapped in a silo but is instead shared across the Security Fabric. By tying endpoint data directly into Fortinet’s SOC platform and SIEM solutions, the platform enables correlated, AI-driven threat detection and incident response that spans the entire network. This unified visibility extends from the individual device level, where administrators can drill down into process chains and MITRE ATT&CK mappings during an investigation, to the enterprise level, where third-party data ingestion and network-wide telemetry allow for a cohesive and proactive security defense regardless of the specific vendor landscape.
Personnel: Hari Krishnan
Ramnath Shenai, Director of Products and Solutions at Fortinet, presented an overview of the FortiSASE architecture, highlighting its role in providing consistent, cloud-delivered security across diverse enterprise environments. At the core of the solution is FortiOS, which powers every FortiSASE point-of-presence (POP) globally, ensuring that customers receive the same high-performance security efficacy in the cloud as they do with on-premises FortiGate hardware. This unified approach is bolstered by AI-driven threat intelligence from FortiGuard Labs, and the platform offers an embedded agentic AI tool within the console to help administrators monitor, troubleshoot, and debug their security environments efficiently.
The platform is designed to provide holistic security for any user or device, regardless of how they connect to the corporate network. Through an endpoint agent (FortiClient), remote users benefit from real-time posture checking and continuous ZTNA validation, which provides more granular and dynamic access control than traditional VPNs. For locations or devices that cannot host an agent, FortiSASE supports flexible connection methods, including SD-WAN integration for FortiGate hardware, standard IPsec tunnels for third-party networking equipment, and a unique “thin edge” use case utilizing FortiAPs. Furthermore, to address remote access on BYOD or contractor devices, Fortinet has introduced a secure browser extension that enforces DLP policies and governance over web and GenAI usage without requiring a full endpoint agent.
Data sovereignty and regulatory compliance are integral to the FortiSASE strategy, with options for customers to deploy sovereign POPs within their own environments or leverage geo-fencing to ensure data and logs remain within specific jurisdictions. The platform excels in unification, allowing all access methods, security features, and policy configurations to be managed through a single console and a unified data lake. By integrating with existing corporate classification standards–such as Microsoft Purview–FortiSASE allows organizations to maintain their current security policies while extending them into a cloud-native architecture that protects internet, SaaS, and private application access from a single source of truth.
Personnel: Ramnath Shenai