Fall 2026
Updated on 7/4/2026
Delivers integrated cybersecurity via security fabric
$35 - $45/hr
No H1B Sponsorship
Santa Clara, CA, USA
In Person
On-site internship in Santa Clara, CA. Must be authorized to work in the United States without sponsorship.
Fortinet provides cybersecurity solutions for organizations with an emphasis on integrated security. Its core platform, the Fortinet Security Fabric, ties together firewalls, endpoint protection, intrusion detection, and secure SD-WAN so they share threat intelligence and security policies. The products work by coordinating across networks, endpoints, cloud, and applications through common management and subscription-based services. Fortinet differentiates itself with a broad, interoperable stack that enables centralized policy and visibility across on-premises, remote, and cloud environments, helping customers protect digital assets from a wide range of threats.
Company Size
10,001+
Company Stage
IPO
Headquarters
Sunnyvale, California
Founded
2000
People at Fortinet who can refer or advise you
Help us improve and share your feedback! Did you find this helpful?
Health Insurance
Dental Insurance
Vision Insurance
Life Insurance
Disability Insurance
Health Savings Account/Flexible Spending Account
Unlimited Paid Time Off
Paid Vacation
Paid Sick Leave
Paid Holidays
Hybrid Work Options
401(k) Company Match
Wellness Program
Mental Health Support
Employee & Family Assistance Plan
Company Equity
SUNNYVALE, CA, Nov 23, 2009 (MARKETWIRE via COMTEX News Network) -- Fortinet(R) (NASDAQ: FTNT) -- a provider of network security appliances and unified threat management (UTM) solutions -- today announced that it has closed its previously announced initial public offering of 12,500,000 shares of
CISA warns Fortinet users to secure devices after FortiBleed credential leak. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory asking Fortinet customers to secure their devices following a significant credential leak. As reported by BleepingComputer, nearly 74,000 firewall and VPN credentials were exposed in an incident now being called "FortiBleed." What happened. A large collection of credentials tied to Fortinet firewall and VPN devices was leaked publicly. The dataset, containing close to 74,000 entries, has been dubbed FortiBleed by the security community. CISA responded by publishing guidance urging all affected organizations to treat their Fortinet devices as potentially compromised and take immediate remediation steps. The leak exposes usernames, passwords, and device configuration data that attackers could use to gain unauthorized access to corporate networks. Fortinet devices are widely deployed as perimeter security controls, meaning a successful intrusion through one of these devices can give an attacker a direct path into an organization's internal systems. Why this matters to small teams. Small teams and indie developers often rely on shared or managed infrastructure, VPN appliances, or cloud-hosted firewalls to protect their internal tools, staging environments, and production systems. If your team uses Fortinet products, or if your hosting provider or managed service provider does, your network perimeter may be at risk even if you did not configure the device yourself. Run the exact check on your domain. See your security score, grade, and a breakdown of what's exposed. Free. Takes under 2 minutes. Credential leaks of this scale are particularly dangerous because attackers can automate login attempts across all exposed entries within hours of a leak becoming public. A valid set of VPN credentials is often all an attacker needs to bypass your entire security stack and land directly on your internal network. From there, lateral movement to databases, source code repositories, or customer data becomes straightforward. Even if you do not run Fortinet hardware yourself, third-party suppliers and vendors who serve you might. A breach in their perimeter can create exposure in your own systems through shared access, API integrations, or trust relationships. This is the kind of indirect risk that solo founders and small startups frequently overlook. How to stay protected. * Inventory your Fortinet devices. Check whether your team or your infrastructure provider uses any Fortinet firewalls, FortiGate appliances, or FortiVPN products. If you are unsure, ask your hosting or managed service provider directly. * Rotate all Fortinet credentials immediately. If you have any Fortinet device in your environment, treat all existing passwords as compromised. Change administrative passwords and any VPN user credentials without delay. * Enable multi-factor authentication on VPN access. Passwords alone are not sufficient protection. If your Fortinet VPN supports MFA, enable it now for all users. This limits the damage from any future credential exposure. * Review device access logs. Look for unexpected login attempts, unusual source IP addresses, or access at odd hours. Signs of unauthorized access may already be present if your credentials were included in the leaked dataset. * Apply all available firmware and security patches. Keep Fortinet devices updated to the latest supported firmware version. Check the Fortinet PSIRT advisory page and the CISA known exploited vulnerabilities catalog for any related guidance. * Audit third-party and vendor access. If suppliers or contractors have VPN access to your systems, review whether their credentials and devices are also covered. Revoke any access that is no longer needed. How UNPWNED helps. UNPWNED scans your public-facing web properties for exposed configuration data, insecure headers, and other signals that indicate a misconfigured or poorly hardened environment. While its scanner does not directly test VPN appliances or firewall credentials, it can surface exposed admin panels, insecure authentication endpoints, and missing security controls that attackers commonly target after gaining initial network access through a compromised perimeter device. Running a scan after an incident like FortiBleed helps you verify that your web layer is not adding additional exposure on top of any network-level risk. This post was drafted with AI assistance based on authoritative security sources, then published under editorial review.
Fortinet bleeding: data from 74,000 firewalls leaked. Fortinet's FortiGate firewalls are the target of a large-scale data leak. Data from nearly 74,000 firewalls worldwide has been made public. Fortinet is dealing with a large-scale data leak affecting its customers. The data of more than 70,000 firewalls has reportedly been exposed by suspected Russian hackers. Fortinet states that the data leak, dubbed 'FortiBleed', is not the result of a vulnerability or hack in its own systems. The U.S. cybersecurity agency CISA has issued an official warning. "Malicious cyber actors are targeting internet-accessible Fortinet devices at government and private organizations, using stolen credentials. This activity involves the exposure of leaked credentials," the organization writes in a public statement. FortiBleed. The leaked data was first investigated by security researcher Bob Diachenko, who sounded the alarm via LinkedIn. He discovered a server containing credentials for 21,634 FortiGate devices, including usernames, email addresses, and passwords in plain text. That first batch is just a preview of the scale of the data leak. Several security experts have launched investigations and are verifying the authenticity of the data. According to security researcher Kevin Beaumont, the majority of the affected firewalls are still online, which would indicate that these are recent credentials that may even still work. This data is normally only available from within the configurations. 74,000 firewalls affected. Security firm Hudson Rock has launched an online tool to map the extent of the leak. Via the 'FortiBleed tracker', you can look up whether URLs and domains of firewalls active in your organization have been compromised. The counter currently stands at 73,932 leaked URLs, originating from 21,387 domains and spread across 194 countries. Hudson Rock is already calling it one of the largest firewall leaks ever. Major names are among the list of affected domains. Spotify, Samsung, Sony, Oracle, Lenovo, Alibaba, Huawei, FedEx, Siemens, and the French parent organization of Orange are reportedly affected. The original discoverer, Diachenko, also mentions a Turkish organization under contract with NATO. The majority of affected companies are located on the American and Asian continents. No hack. Diachenko points toward an unnamed Russian actor who collects hashed credentials from internet-facing FortiGate devices and cracks them using a GPU cluster. The researcher knows this because the perpetrators unintentionally left some documents behind on the server. If the leaked credentials are indeed still ready for use, hackers could use them to simply log in. CISA is urging organizations to terminate all active sessions and take firewalls offline. Suspicious activity can be detected through log data to remove unauthorized accounts. Additional advice includes securing passwords with hashing algorithms, resetting VPN and administrative passwords, and enabling MFA where possible. Fortinet responded via Bleeping Computer that the database was likely compiled during previous incidents and through brute-force attacks. The vendor states with certainty that there is no question of exploited zero-days or a hack of its own systems. Fortinet advises companies to regularly refresh their login details, and preferably as soon as possible if firewalls in your organization are affected. Earlier this week, Fortinet reported three vulnerabilities in its FortiSandbox solution.
Vistula University becomes an Academic Partner of Fortinet. Vistula University is proud to join Fortinet as an Academic Partner. This is an important step towards strengthening the practical dimension of education and better preparing students for work in one of the fastest-growing sectors of today's economy - cybersecurity. The Academic Partner Program supports educational institutions in delivering an industry-recognised training and certification programme in cybersecurity. Through the Fortinet Training Institute, participants gain access to a course library, self-paced and instructor-led classes, as well as practical exercises designed to develop competencies in network and systems security. In practice, this means that Vistula students will use training materials prepared by Fortinet, including presentations and tasks completed systematically throughout the semester. The exercises will be carried out under the supervision and with the support of the course instructor, and their level of difficulty will gradually increase. The programme focuses on issues related to the cybersecurity of Industrial Control Systems (ICS). Participation in the programme gives students not only access to up-to-date knowledge and practical assignments, but also tangible development benefits. After successfully completing all tasks, students will receive an exam voucher which they can use toward the certification exam. Cooperation with Fortinet strengthens the practical character of education at Vistula and connects academic learning even more effectively with labour market requirements. It is also another example of the university's commitment to developing students' digital, technological, and professional competencies.
Fortinet expands G-series with FortiGate 3500G and 400G. Fortinet introduces two new firewalls in its FortiGate G-series. The FortiGate 3500G and 400G are designed to combine higher performance with extra security for AI applications, encrypted traffic, and distributed environments, from the data center to the network edge. Fortinet is expanding its G-series with the FortiGate 3500G and FortiGate 400G. The firewalls are built on the company's NP7 and SP5 processors and run on FortiOS. The chips are ASICs, developed by Fortinet itself. The company aims to differentiate itself from the competition with these unique chips. Capabilities for AI and encrypted traffic. According to Fortinet, the two new firewalls add extra visibility for AI usage within organizations. For example, they support native detection of shadow AI, making unauthorized use of AI solutions visible in real time. Additionally, the systems can apply control mechanisms to protect sensitive data. FortiGuard AI Security Services provides threat intelligence that uses machine learning to help identify and prioritize threats. FortiOS 8.0 also supports Model Context Protocol, an open standard that allows large language models and AI agents to communicate securely with external systems. Furthermore, the operating system can perform deep inspection of traffic between AI agents. Difference between FortiGate 3500G and 400G. The FortiGate 3500G is intended for the data center. The device supports 400Gb connectivity and targets high-density environments where AI workloads and east-west traffic raise the bar for firewall performance. Fortinet also emphasizes hardware controls, secure firmware, and system-level transparency. The FortiGate 400G brings the same approach to the network edge and the mid-market segment. This firewall is designed to enable network segmentation without extra complexity, featuring hardware-accelerated performance and an upgrade path for existing FortiGate firewalls. According to Fortinet, this allows organizations to modernize their network edge with minimal disruption to existing processes.