• CERTIFICATE
    • Eminent VARs of India
    • Best OEM 2023
  • SYNDICATION
    • AMD
    • DELL TECHNOLOGIES
    • HITACHI
    • LOGMEIN
    • MICROSOFT
    • RIVERBED
    • STORAGECRAFT
    • THALES
  • EVENTS
  • GO DIGITAL
  • INFOGRAPHICS
  • PRESS
    • Press Release PR News Wire
    • Press Release Business Wire
    • GlobeNewsWire
  • SPECIAL
    • WHITE PAPER
    • TECHNOMANIA
    • SME
    • SMART CITY
    • SERVICES
    • EDITOR SPEAK
    • CSR INITIATIVES
    • CHANNEL GURU
    • CHANNEL CHIEF
    • CASE STUDY
  • TECHTREND
    • VAR PANCHAYAT
    • TELECOM
    • SOFTWARE
    • POWER
    • PERIPHERALS
    • NETWORKING
    • LTE
    • CHANNEL BUZZ
    • ASK AN EXPERT
  • SUBSCRIBE
  • Apps
  • Gaming
  • KDS
  • Security
  • Telecom
  • WFH
  • Subscriber to Newsletter
  • April Issue
  • Blogs
  • Vlogs
  • Faceoff AI
    

HOME
NEWS

Fortinet reiterates its commitment to CISA’s Secure by Design pledge


By VARINDIA - 2024-05-15
Fortinet reiterates its commitment to CISA’s Secure by Design pledge

Fortinet has announced that it is building on the company’s long-standing commitment to responsible radical transparency as an early signer of the Secure by Design pledge developed by the Cybersecurity and Infrastructure Security Agency (CISA). This voluntary industry pledge complements and builds on existing Fortinet software security best practices, including those developed by CISA, NIST, other federal agencies, and international and industry partners. The pledge outlines seven goals, including responsible vulnerability disclosure policies, which are already an integral part of Fortinet’s product security development.

 

CISA’s latest initiative strongly aligns to Fortinet’s existing product development processes already based on Secure by Design and Secure by Default principles. Fortinet is committed to adhering to robust product security scrutiny at all stages of the product development lifecycle, helping to ensure that security is designed into each product from inception all the way through to end of life, in the following ways -

 

● Secure Product Development Lifecycle (SPDLC): Fortinet aligns its processes in accordance with leading standards, including NIST 800-53, NIST 800-161, NIST 800-218, US EO 14028, and UK Telecom Security Act.

● Robust Security Product Testing: Fortinet leverages tools and techniques such as static application security testing (SAST) and software composition analysis built into its build processes, dynamic application security testing (DAST), vulnerability scanning, and fuzzing prior to each release, as well as penetration testing and manual code audits.

● Trusted Supplier Program: To ensure rigorous selection and qualification of its major manufacturing partners, Fortinet adheres to NIST 800-161: Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations. Fortinet’s commitment to data privacy and security is embedded in every part of the company’s business and in every phase of the product development, manufacturing, and delivery processes.

● Information Security Program: The Fortinet Information Security Program is based on and aligned with industry-leading security standards and frameworks including ISO 27001/2, ISO 27017 and 27018, and NIST 800-53, as well as data privacy regulations such as GDPR and CCPA.

● Third-Party Certifications: Fortinet products are regularly certified to standard and validated through third-party product quality standards, including NIST FIPS 140-2 and NIAP Common Criteria NDcPP / EAL4+.

 

Additionally, the Fortinet Product Security Incident Response Team (PSIRT) is responsible for maintaining security standards for Fortinet products and operates one of the industry’s most robust PSIRT programs, including proactively and transparently disclosing vulnerabilities. Nearly 80% of Fortinet vulnerabilities discovered in 2023 were identified internally through the company’s rigorous auditing process. This proactive approach enables fixes to be developed and implemented before malicious exploitation can occur. Fortinet works with its customers, independent security researchers, consultants, industry organizations, and other vendors to accomplish the company’s PSIRT mission.

 

“At Fortinet, we have a long-standing commitment to being a role model in ethical and responsible product development and vulnerability disclosure. As part of this dedication, Fortinet has proactively aligned to international and industry best practices and upholds the highest security standards in every aspect of our business. We applaud CISA’s continued call to the industry to follow suit and appreciate CISA’s willingness to collaborate with Fortinet on the development of these important goals. We strongly encourage others in the technology community to join this effort to keep organizations secure,” says Jim Richberg, Head of Cyber Policy and Global Field CISO - Fortinet.

 

To further advance its dedication to a culture of responsible radical transparency, Fortinet has a long-standing commitment to public and private partnerships that align to its mission, including -

● As a founding member of the Network Resilience Coalition, Fortinet is helping deliver real-world solutions to protect networks and sensitive data, including addressing the issue of software and hardware updates and patches not being implemented.

● Through its membership with the Joint Cyber Defense Collaborative (JCDC), which was established by CISA in 2021, Fortinet works with public and private entities to gather, analyze, and share actionable information to more proactively protect and defend against cyberthreats.

● As a founding member of the Cyber Threat Alliance (CTA), Fortinet shares timely threat intelligence with other cybersecurity practitioners to better protect customers against adversaries.

● Working with global leaders as a founding member of the World Economic Forum’s Centre for Cybersecurity (C4C), Fortinet is helping to encourage intelligence sharing across the industry to reduce global cyberattacks and disrupt cybercrime.

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Zscaler announces AI innovations to its Data Protection Platform
Technology

Zscaler announces AI innovations to its Data Protection Platform

by VARINDIA 2024-05-20
SHIELD to enhance Swiggy’s fraud prevention and detection capabilities
Technology

SHIELD to enhance Swiggy’s fraud prevention and detection capabilities

by VARINDIA 2024-05-20
Axis Communications announces its first thermometric camera designed for Zone/Division 2
Technology

Axis Communications announces its first thermometric camera designed for Zone/Division 2

by VARINDIA 2024-05-20
SOFTWARE
View All
Hitachi Vantara and Veeam announce Global Strategic Alliance
Technology

Hitachi Vantara and Veeam announce Global Strategic Alliance

by VARINDIA 2024-05-16
Adobe launches Acrobat AI Assistant for the Enterprise
Technology

Adobe launches Acrobat AI Assistant for the Enterprise

by VARINDIA 2024-05-11
Oracle Database 23ai offers the power of AI to Enterprise Data and Applications
Technology

Oracle Database 23ai offers the power of AI to Enterprise Data and Applications

by VARINDIA 2024-05-10
START - UP
View All
Data Subject Access Request is an integrated module within ID-REDACT®
Technology

Data Subject Access Request is an integrated module within ID-REDACT®

by VARINDIA 2024-04-30
SiMa.ai Secures $70M Funds from Maverick Capital
Technology

SiMa.ai Secures $70M Funds from Maverick Capital

by VARINDIA 2024-04-05
Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure
Technology

Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure

by VARINDIA 2024-02-08

Tweets From @varindiamag

Nothing to see here - yet

When they Tweet, their Tweets will show up here.

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
GoDaddy harnesses AI power for new domain name recommendations

GoDaddy harnesses AI power for new domain name recommendations

by VARINDIA
UAE’s du Telecom selects STL as a strategic fibre partner

UAE’s du Telecom selects STL as a strategic fibre partner

by VARINDIA
JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

by VARINDIA
Rapyder partners with AWS to accelerate Generative AI led innovation

Rapyder partners with AWS to accelerate Generative AI led innovation

by VARINDIA
ManageEngine integrates its SIEM solution with Constella Intelligence

ManageEngine integrates its SIEM solution with Constella Intelligence

by VARINDIA
Elastic replaces traditional SIEM game with AI-driven security analytics

Elastic replaces traditional SIEM game with AI-driven security analytics

by VARINDIA
Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

by VARINDIA
Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

by VARINDIA
Dassault Systèmes to accelerate EV charging infrastructure development in India

Dassault Systèmes to accelerate EV charging infrastructure development in India

by VARINDIA
Tech Mahindra and Atento to deliver GenAI powered business transformation services

Tech Mahindra and Atento to deliver GenAI powered business transformation services

by VARINDIA
×

Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.

  • Distributors & VADs
  • Industry Associations
  • Telco's in India
  • Indian Global Leaders
  • Edit Calendar
  • About Us
  • Advertise Us
  • Contact Us
  • Disclaimer
  • Privacy Statement
  • Sitemap

Copyright varindia.com @1999-2024 - All rights reserved.