Fall 2026

Software Development Intern

GenAI

Updated on 7/4/2026

Fortinet

Fortinet

10,001+ employees

Delivers integrated cybersecurity via security fabric

Compensation Overview

$35 - $45/hr

No H1B Sponsorship

Santa Clara, CA, USA

In Person

On-site internship in Santa Clara, CA. Must be authorized to work in the United States without sponsorship.

Category
Software Engineering (1)
Requirements
  • Must be authorized to work in the United States without sponsorship.
Responsibilities
  • Develop and test components of FortiChat AI/Smart Assist systems.
  • Involve in troubleshooting and resolving issues in the existing products.
  • Execute system integration in both cloud-based and on premise environment
  • Managing code updates using Source Control systems to ensure code quality
  • Optimize and support existing systems and documents

Fortinet provides cybersecurity solutions for organizations with an emphasis on integrated security. Its core platform, the Fortinet Security Fabric, ties together firewalls, endpoint protection, intrusion detection, and secure SD-WAN so they share threat intelligence and security policies. The products work by coordinating across networks, endpoints, cloud, and applications through common management and subscription-based services. Fortinet differentiates itself with a broad, interoperable stack that enables centralized policy and visibility across on-premises, remote, and cloud environments, helping customers protect digital assets from a wide range of threats.

Company Size

10,001+

Company Stage

IPO

Headquarters

Sunnyvale, California

Founded

2000

Your Connections

People at Fortinet who can refer or advise you

Simplify Jobs

Simplify's Take

What believers are saying

  • Analyst price target upgrades from Barclays, BofA, and TD Cowen signal strong market confidence in Fortinet's AI-integrated security strategy.
  • Fortinet's Security Fabric partner program enhances partner capabilities to deliver integrated security across hybrid and cloud environments.
  • Fortinet's AI-native security solutions position the company to capture emerging demand for AI-specific threat protection in data centers.

What critics are saying

  • FortiBleed credential theft exposing 75,000+ internet-facing FortiGate firewalls to Russian-linked hackers risks customer network compromise and brand erosion.
  • CVE-2026-24858 FortiCloud SSO bypass allows rogue admin account creation on patched devices, enabling persistent backdoors across cloud deployments.
  • Fortinet's $9.2B 2029 revenue target requires 10.6% annual growth amid slowing firewall refresh cycles and declining enterprise hardware spending.

What makes Fortinet unique

  • Fortinet's FortiAIGate with NVIDIA integration secures AI workloads using runtime guardrails for LLMs and zero-trust AI traffic.
  • FortiSOC platform consolidates threat detection, incident response, and security workflows into a single SaaS offering enabled by AI tools.
  • Fortinet's partnership with NVIDIA on FortiAIGate supports GPU-accelerated AI security, reducing hardware requirements and energy consumption compared to CPU solutions.

Help us improve and share your feedback! Did you find this helpful?

Benefits

Health Insurance

Dental Insurance

Vision Insurance

Life Insurance

Disability Insurance

Health Savings Account/Flexible Spending Account

Unlimited Paid Time Off

Paid Vacation

Paid Sick Leave

Paid Holidays

Hybrid Work Options

401(k) Company Match

Wellness Program

Mental Health Support

Employee & Family Assistance Plan

Company Equity

Growth & Insights and Company News

Headcount

6 month growth

0%

1 year growth

1%

2 year growth

0%
Fortinet
Jun 26th, 2026
Fortinet Announces Closing of Initial Public Offering of Common Stock and Exercise of Over-Allotment Option | Fortinet, Inc.

SUNNYVALE, CA, Nov 23, 2009 (MARKETWIRE via COMTEX News Network) -- Fortinet(R) (NASDAQ: FTNT) -- a provider of network security appliances and unified threat management (UTM) solutions -- today announced that it has closed its previously announced initial public offering of 12,500,000 shares of

UNPWNED
Jun 22nd, 2026
CISA warns Fortinet users to secure devices after FortiBleed credential leak.

CISA warns Fortinet users to secure devices after FortiBleed credential leak. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory asking Fortinet customers to secure their devices following a significant credential leak. As reported by BleepingComputer, nearly 74,000 firewall and VPN credentials were exposed in an incident now being called "FortiBleed." What happened. A large collection of credentials tied to Fortinet firewall and VPN devices was leaked publicly. The dataset, containing close to 74,000 entries, has been dubbed FortiBleed by the security community. CISA responded by publishing guidance urging all affected organizations to treat their Fortinet devices as potentially compromised and take immediate remediation steps. The leak exposes usernames, passwords, and device configuration data that attackers could use to gain unauthorized access to corporate networks. Fortinet devices are widely deployed as perimeter security controls, meaning a successful intrusion through one of these devices can give an attacker a direct path into an organization's internal systems. Why this matters to small teams. Small teams and indie developers often rely on shared or managed infrastructure, VPN appliances, or cloud-hosted firewalls to protect their internal tools, staging environments, and production systems. If your team uses Fortinet products, or if your hosting provider or managed service provider does, your network perimeter may be at risk even if you did not configure the device yourself. Run the exact check on your domain. See your security score, grade, and a breakdown of what's exposed. Free. Takes under 2 minutes. Credential leaks of this scale are particularly dangerous because attackers can automate login attempts across all exposed entries within hours of a leak becoming public. A valid set of VPN credentials is often all an attacker needs to bypass your entire security stack and land directly on your internal network. From there, lateral movement to databases, source code repositories, or customer data becomes straightforward. Even if you do not run Fortinet hardware yourself, third-party suppliers and vendors who serve you might. A breach in their perimeter can create exposure in your own systems through shared access, API integrations, or trust relationships. This is the kind of indirect risk that solo founders and small startups frequently overlook. How to stay protected. * Inventory your Fortinet devices. Check whether your team or your infrastructure provider uses any Fortinet firewalls, FortiGate appliances, or FortiVPN products. If you are unsure, ask your hosting or managed service provider directly. * Rotate all Fortinet credentials immediately. If you have any Fortinet device in your environment, treat all existing passwords as compromised. Change administrative passwords and any VPN user credentials without delay. * Enable multi-factor authentication on VPN access. Passwords alone are not sufficient protection. If your Fortinet VPN supports MFA, enable it now for all users. This limits the damage from any future credential exposure. * Review device access logs. Look for unexpected login attempts, unusual source IP addresses, or access at odd hours. Signs of unauthorized access may already be present if your credentials were included in the leaked dataset. * Apply all available firmware and security patches. Keep Fortinet devices updated to the latest supported firmware version. Check the Fortinet PSIRT advisory page and the CISA known exploited vulnerabilities catalog for any related guidance. * Audit third-party and vendor access. If suppliers or contractors have VPN access to your systems, review whether their credentials and devices are also covered. Revoke any access that is no longer needed. How UNPWNED helps. UNPWNED scans your public-facing web properties for exposed configuration data, insecure headers, and other signals that indicate a misconfigured or poorly hardened environment. While its scanner does not directly test VPN appliances or firewall credentials, it can surface exposed admin panels, insecure authentication endpoints, and missing security controls that attackers commonly target after gaining initial network access through a compromised perimeter device. Running a scan after an incident like FortiBleed helps you verify that your web layer is not adding additional exposure on top of any network-level risk. This post was drafted with AI assistance based on authoritative security sources, then published under editorial review.

ITdaily
Jun 19th, 2026
Fortinet bleeding: data from 74,000 firewalls leaked.

Fortinet bleeding: data from 74,000 firewalls leaked. Fortinet's FortiGate firewalls are the target of a large-scale data leak. Data from nearly 74,000 firewalls worldwide has been made public. Fortinet is dealing with a large-scale data leak affecting its customers. The data of more than 70,000 firewalls has reportedly been exposed by suspected Russian hackers. Fortinet states that the data leak, dubbed 'FortiBleed', is not the result of a vulnerability or hack in its own systems. The U.S. cybersecurity agency CISA has issued an official warning. "Malicious cyber actors are targeting internet-accessible Fortinet devices at government and private organizations, using stolen credentials. This activity involves the exposure of leaked credentials," the organization writes in a public statement. FortiBleed. The leaked data was first investigated by security researcher Bob Diachenko, who sounded the alarm via LinkedIn. He discovered a server containing credentials for 21,634 FortiGate devices, including usernames, email addresses, and passwords in plain text. That first batch is just a preview of the scale of the data leak. Several security experts have launched investigations and are verifying the authenticity of the data. According to security researcher Kevin Beaumont, the majority of the affected firewalls are still online, which would indicate that these are recent credentials that may even still work. This data is normally only available from within the configurations. 74,000 firewalls affected. Security firm Hudson Rock has launched an online tool to map the extent of the leak. Via the 'FortiBleed tracker', you can look up whether URLs and domains of firewalls active in your organization have been compromised. The counter currently stands at 73,932 leaked URLs, originating from 21,387 domains and spread across 194 countries. Hudson Rock is already calling it one of the largest firewall leaks ever. Major names are among the list of affected domains. Spotify, Samsung, Sony, Oracle, Lenovo, Alibaba, Huawei, FedEx, Siemens, and the French parent organization of Orange are reportedly affected. The original discoverer, Diachenko, also mentions a Turkish organization under contract with NATO. The majority of affected companies are located on the American and Asian continents. No hack. Diachenko points toward an unnamed Russian actor who collects hashed credentials from internet-facing FortiGate devices and cracks them using a GPU cluster. The researcher knows this because the perpetrators unintentionally left some documents behind on the server. If the leaked credentials are indeed still ready for use, hackers could use them to simply log in. CISA is urging organizations to terminate all active sessions and take firewalls offline. Suspicious activity can be detected through log data to remove unauthorized accounts. Additional advice includes securing passwords with hashing algorithms, resetting VPN and administrative passwords, and enabling MFA where possible. Fortinet responded via Bleeping Computer that the database was likely compiled during previous incidents and through brute-force attacks. The vendor states with certainty that there is no question of exploited zero-days or a hack of its own systems. Fortinet advises companies to regularly refresh their login details, and preferably as soon as possible if firewalls in your organization are affected. Earlier this week, Fortinet reported three vulnerabilities in its FortiSandbox solution.

Akademia Finansów i Biznesu Vistula
May 25th, 2026
Vistula University becomes an Academic Partner of Fortinet.

Vistula University becomes an Academic Partner of Fortinet. Vistula University is proud to join Fortinet as an Academic Partner. This is an important step towards strengthening the practical dimension of education and better preparing students for work in one of the fastest-growing sectors of today's economy - cybersecurity. The Academic Partner Program supports educational institutions in delivering an industry-recognised training and certification programme in cybersecurity. Through the Fortinet Training Institute, participants gain access to a course library, self-paced and instructor-led classes, as well as practical exercises designed to develop competencies in network and systems security. In practice, this means that Vistula students will use training materials prepared by Fortinet, including presentations and tasks completed systematically throughout the semester. The exercises will be carried out under the supervision and with the support of the course instructor, and their level of difficulty will gradually increase. The programme focuses on issues related to the cybersecurity of Industrial Control Systems (ICS). Participation in the programme gives students not only access to up-to-date knowledge and practical assignments, but also tangible development benefits. After successfully completing all tasks, students will receive an exam voucher which they can use toward the certification exam. Cooperation with Fortinet strengthens the practical character of education at Vistula and connects academic learning even more effectively with labour market requirements. It is also another example of the university's commitment to developing students' digital, technological, and professional competencies.

ITdaily
May 19th, 2026
Fortinet expands G-series with FortiGate 3500G and 400G.

Fortinet expands G-series with FortiGate 3500G and 400G. Fortinet introduces two new firewalls in its FortiGate G-series. The FortiGate 3500G and 400G are designed to combine higher performance with extra security for AI applications, encrypted traffic, and distributed environments, from the data center to the network edge. Fortinet is expanding its G-series with the FortiGate 3500G and FortiGate 400G. The firewalls are built on the company's NP7 and SP5 processors and run on FortiOS. The chips are ASICs, developed by Fortinet itself. The company aims to differentiate itself from the competition with these unique chips. Capabilities for AI and encrypted traffic. According to Fortinet, the two new firewalls add extra visibility for AI usage within organizations. For example, they support native detection of shadow AI, making unauthorized use of AI solutions visible in real time. Additionally, the systems can apply control mechanisms to protect sensitive data. FortiGuard AI Security Services provides threat intelligence that uses machine learning to help identify and prioritize threats. FortiOS 8.0 also supports Model Context Protocol, an open standard that allows large language models and AI agents to communicate securely with external systems. Furthermore, the operating system can perform deep inspection of traffic between AI agents. Difference between FortiGate 3500G and 400G. The FortiGate 3500G is intended for the data center. The device supports 400Gb connectivity and targets high-density environments where AI workloads and east-west traffic raise the bar for firewall performance. Fortinet also emphasizes hardware controls, secure firmware, and system-level transparency. The FortiGate 400G brings the same approach to the network edge and the mid-market segment. This firewall is designed to enable network segmentation without extra complexity, featuring hardware-accelerated performance and an upgrade path for existing FortiGate firewalls. According to Fortinet, this allows organizations to modernize their network edge with minimal disruption to existing processes.