Blog
Product and company blog
Recent posts

PCI Firewall Review: Practical Questions to Ask Before an Assessor Does
A focused guide to reviewing firewall rules, segmentation, management access, and evidence before a PCI-focused security review.

Network Segmentation and Firewall Policy
Why segmentation is only effective when firewall rules, objects, interfaces, and routing assumptions are reviewed as the environment changes.

FortiGate Hardening: Common Misconfigurations
A practical overview of FortiGate hardening areas such as admin access, services, logging, VPN exposure, and management-plane hygiene.

FortiGate Firewall Audit Checklist: What Security Teams Should Review First
A practical checklist for reviewing FortiGate firewall configurations, reducing hidden exposure, and turning manual review work into repeatable evidence.

Firewall Security Standards Mapping: Useful Guidance, Not a Magic Compliance Badge
How standards mappings help security teams interpret firewall findings without pretending that automated checks alone prove compliance.

Firewall Rule Order Matters: How Policy Placement Can Change Security Outcomes
Why the same firewall rules can behave differently depending on order, shadowing, and overlapping policy logic.

The Firewall Rule Lifecycle: From Emergency Change to Forgotten Risk
How firewall rules are created, changed, inherited, forgotten, and eventually become risk unless teams review them regularly.

Firewall Rule Cleanup Best Practices for Reducing Risk and Complexity
How duplicate, stale, shadowed, and overly permissive firewall rules increase risk, and how structured review helps keep a rulebase defensible.

Firewall Monitoring and Configuration Drift: Why One-Off Reviews Are Not Enough
How recurring firewall audits help detect drift after emergency changes, migrations, and routine operational work.

Firewall Compliance Audit Readiness: Turning Configuration Review into Evidence
How firewall configuration reviews support standards-aligned evidence for PCI DSS, ISO 27001, NIST, CIS, and internal security policies.

Firewall Audit Automation vs Manual Review: Where Each Fits
Why automation improves consistency and coverage, while engineer judgement remains essential for context, exceptions, and safe remediation.

Executive vs Engineer Firewall Reports: Why Both Views Matter
Why firewall audit output should support technical remediation and management-level risk conversations without mixing the two audiences together.

Why Any-Any Firewall Rules Are Still One of the Biggest Policy Risks
A plain-English explanation of why source any, destination any, service any rules are dangerous and how teams should approach remediation.

Product Update 8th Feb 2026
A short product and company update covering the push toward clearer messaging, a stronger homepage, and a tighter link between the public site and the product experience.