Fortinet FortiNDR Cloud Connector: Migration from Deprecated HTTP Data Collector API to Log Ingestion API with Managed Identity

The Fortinet FortiNDR Cloud Function App connector has been migrated from the deprecated HTTP Data Collector API (using client secret credentials) to the Log Ingestion API using Managed Identity - deployments running the previous version were heading toward a complete ingestion failure as the old API reaches end-of-life. Read More →

Fortinet FortiGate ASIM Auth Parser: Failed and System-Success Login Events Were Silently Dropped

The FortiGate ASIM Authentication parser was silently discarding event:system failed and event:system success log types, creating a blind spot for credential-based attacks and successful system authentications on FortiGate devices. Read More →

Fortinet FortiNDR Cloud Connector: Migration from Deprecated HTTP Data Collector API to Log Ingestion API

The FortiNDR Cloud Function App connector has been fully rewritten to use the Azure Monitor Log Ingestion API, replacing the retired HTTP Data Collector API – deployments still on v3.0.x have had zero ingestion since the legacy API was deprecated. Read More →

Fortinet FortiGate Playbook: Function App Authentication Security Hardening

Playbook Function App authentication level upgraded from anonymous to function-level to close security exposure. Read More →

Function App Security: Access Control Hardening Across Multiple Data Connectors

Function keys now required for HTTP-triggered functions in Zoom, Zscaler, FortiGate, Cofense, Illumio, and Infoblox connectors—removing anonymous access vulnerability. Read More →

Fortinet FortiGate ASIM Authentication Parsers: Schema Version Metadata Correction

Updates schema version metadata from 0.1.3 to 0.1.4 in FortiGate authentication parsers with no functional changes. Read More →

FortiGate ASIM Authentication Parser: New Visibility for Fortinet Administrative Access Events

New ASIM parser adds normalised authentication monitoring for FortiGate administrator login and logout events. Read More →

Fortigate ASIM Parser: Field Name Consistency Fix for Network Session Schema

Field name inconsistencies in Fortigate ASIM parsers corrected to ensure proper schema compliance and data normalization. Read More →

Fortinet FortiNDR Cloud: Security Update Addresses Python Requests CVE-2024-47081

Critical security update patches CVE-2024-47081 netrc credential leak vulnerability in Python requests library. Read More →