Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, has announced significant enhancements to the FortiRecon platform, evolving it into one of the industry’s most comprehensive solutions aligned to the continuous threat exposure management (CTEM) framework. The latest release introduces expanded internal attack surface monitoring, adversary-centric dark web intelligence, and security orchestration, all in a single, unified platform. These enhancements help organisations proactively identify and prioritise real-world exposures, validate risks like an attacker would, and accelerate response, ultimately reducing the likelihood and impact of breaches.

Nirav Shah, senior vice president, products and solutions, Fortinet, said, “Chief information security officers and security teams are overwhelmed by growing attack surfaces and an endless stream of unprioritised alerts. With the latest enhancements to FortiRecon, we’re giving organisations an attacker’s eye view of their internal and external exposures, backed by artificial intelligence-powered threat intelligence from FortiGuard Labs, real-world validation, and automated response. This allows organisations to cut through the noise, focus on what matters most, and measurably reduce risks and vulnerabilities before attackers can exploit them.” 

The announcement comes amid growing demand for exposure-driven security strategies as organisations struggle to manage expanding attack surfaces, alert fatigue, and fragmented security operations. According to Gartner®, “By 2026, organisations prioritising their security investments based on a continuous exposure management program will be three times less likely to suffer from a breach.” (1) 

A Unified Platform for CTEM

FortiRecon, in combination with its strong integration to the Fortinet artificial intelligence (AI)-driven security operations centre (SOC) platform, now delivers capabilities across the five pillars of the Gartner CTEM framework—scoping, discovery, prioritisation, validation, and mobilisation—enabling organisations to operationalise these pillars within a single, tightly integrated platform and drive coordinated remediation efforts across security and IT teams. The latest enhancements include: 

• Attack surface management: Continuously monitors and delivers an adversary’s view of the organisation’s internal and external digital attack surface. The latest release adds National Vulnerability Database severity ratings, in addition to FortiRecon Active Exploitation severity ratings for faster and smarter patching. 
• Adversary-centric intelligence: Provides actionable threat insights from dark web activity, ransomware intelligence, leaked credentials, vulnerabilities being exploited in the wild, and at-risk vendors. Enhancements include bulk indicators of compromise downloads and stealer infection details, accelerating SOC workflows, and improving breach detection. 
• Brand protection: Monitors for domain impersonation, rogue mobile apps, phishing campaigns, and executive targeting. FortiRecon Brand Protection uses proprietary algorithms to monitor, detect, and take down fake phishing domains, brand and executive impersonations, rogue mobile applications on multiple app stores, data leaks in code repos, open bucket exposures, and phishing campaigns, and helps protect executive online presence. 
• Security orchestration: Leverages security orchestration and automated playbooks to investigate and respond to security threat findings. FortiRecon Security Orchestration reduces the time needed for responders to prioritise and take appropriate actions by automating and streamlining security workflows. 

Existing FortiFlex customers may use their FortiFlex credits to deploy FortiRecon Cloud. FortiFlex offers usage-based licensing with the security industry’s broadest catalogue for customers with dynamic hybrid and multi-cloud environments and managed security service providers. When purchased through major cloud marketplaces, FortiFlex can also help customers meet cloud committed spend obligations. 

Industry Recognition and Customer Results

Fortinet was recently named an Overall Leader as well as a Market Leader and Innovation Leader in the KuppingerCole Leadership Compass for Attack Surface Management 2025. The report highlights the operational readiness of FortiRecon with broad support for Center for Internet Security, industrial control systems, Internet of Things, and operational technology environments, and its integrations with the broader Fortinet Security Fabric tools such as FortiGate NGFW, FortiSOAR, FortiSIEM, and FortiDAST. 

Additional Resources

• Learn how FortiRecon can help advance your organisation’s CTEM journey. 
• Visit fortinet.com/trust to learn more about Fortinet innovation, collaboration partners, product security processes, and enterprise-grade products. 
• Learn more about Fortinet’s commitment to product security and integrity, including its responsible product development and vulnerability disclosure approach and policies.  
• Learn about Fortinet’s free cybersecurity training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda, the Fortinet Training Institute also provides training and certification through the Network Security Expert Certification, Academic Partner, and Education Outreach programs. 
• Learn more about FortiGuard Labs threat intelligence and research and Outbreak Alerts, which provide timely steps to mitigate breaking cybersecurity attacks. 
• Learn more about Fortinet’s FortiGuard Security Services portfolio. 
• Read about how Fortinet customers are securing their organisations. 
• Follow Fortinet on X, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube. 

(1) Gartner. How to Manage Cybersecurity Threats, Not Episodes, by Jeremy D’Hoinne. Gartner, 11 Oct. 2023. 

About Fortinet

Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere our customers need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet’s solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with esteemed organisations from both the public and private sectors, including Computer Emergency Response Teams (“CERTS”), government entities, and academia, is a fundamental aspect of Fortinet’s commitment to enhance cyber resilience globally. FortiGuard Labs, Fortinet’s elite threat intelligence and research organisation, develops and utilises leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet blog, and FortiGuard Labs. 

Copyright © 2025 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet’s trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiCore, FortiMail, FortiSandbox, FortiADC, FortiAgent, FortiAI, FortiAIOps, FortiAntenna, FortiAP, FortiAPCam, FortiAppSec, FortiAuthenticator, FortiBranchSASE, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCART, FortiCASB, FortiCentral, FortiCNP, FortiConnect, FortiController, FortiConverter, FortiCSPM, FortiCWP, FortiDAST, FortiDATA, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevice, FortiDevSec, FortiDLP, FortiEdge, FortiEDR, FortiEndpoint, FortiExplorer, FortiExtender, FortiFirewall, FortiFlex, FortiFone, FortiGSLB, FortiGuest, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMonitor, FortiNAC, FortiNDR, FortiPAM, FortiPenTest, FortiPhish, FortiPoint, FortiPoints, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiScanner, FortiSDNConnector, FortiSEC, FortiSIEM, FortiSMS, FortiSOAR, FortiSRA, FortiStack, FortiSwitch, FortiTelemetry, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM, FortiXDR, Lacework FortiCNAPP, Linksys, Intelligent Mesh, Velop, Max-Stream, Performance Perfected and SECURITY FABRIC. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.