Description
Fortinet PSIRT Team has made extensive changes to the PSIRT Process in recent months and this documents the changes and how customers can receive updated on product vulnerabilities.
FortiGuard Website.
All Vulnerabilities are posted on the FortiGuard Web site (https://www.fortiguard.com/psirt) according to the Fortinet PSIRT Policy (https://www.fortiguard.com/psirt_policy).
Solution
Monthly Advisory Process.
In line with the Fortinet PSIRT Policy (https://www.fortiguard.com/psirt_policy), all vulnerabilities up to and including high severity are posted on the first Tuesday of the month, allowing for a consistent cadence when it comes to addressing issues. All Critical Severity issues will be addressed via an out of cycle advisory as required.
How do I get notified of vulnerabilities?
There are multiple methods for being proactively notified of vulnerabilities.
RSS Feed (https://www.fortiguard.com/rss/ir.xml) – Real time feed with links to all the vulnerabilities for notification in the
chosen RSS Reader.
Email (https://support.fortinet.com).
Register for the Monthly Advisory Notification via the Organization Master Support account.
- Log into the support account and select the account name at the top right of the support portal and select My Account
- Select -> My Account => Account Preferences.
- In the PSIRT Contact field and enter the required PSIRT contacts separated by a comma, semicolon or whitespace.
Note that mail will be received from the following address.
From: Fortinet <noreply@fortinetpm.com>.
From: Fortinet <noreply@fortinetpm.com>.
Example Monthly PSIRT Advisory.
