What's New
25.2.a released June 26, 2025
WAF
SOCaaS Integration
You can now enable Security Operations Center-as-a-Service (SOCaaS) for your WAF applications by clicking the Enable SOCaaS button on the WAF > System Settings > Settings page. This opens the SOCaaS portal to complete onboarding. SOCaaS is available for customers with the Enterprise bundle or customers that purchased the SOCaaS SKU.
Once onboarding is successful, you should see the updated SOCaaS status on the same Settings page.
For more information, please refer to WAF Settings.
GSLB
Enhanced Diagnostics for GSLB Topology (VS/HC) and Fabric Connectors
You can now run diagnostics on Virtual Servers, Fabric Connectors, and Health Checks directly from the GSLB Topology view by selecting the item and clicking Diagnose. This provides quick visibility into connection and health check issues.
For more information, please refer to Topology.
25.2 released June 3, 2025
Contract and License Update
FortiAppSec Cloud has expanded supported contract and license offerings, and restructured license offerings for some products.
Enterprise Plan Support
FortiAppSec Cloud introduces the Enterprise plan, an all-inclusive annual subscription that bundles Advanced WAF features, Advanced Bot Protection, DAST, and GSLB services into one plan. Pricing is simplified to a predictable bandwidth-only model.
For more information, please refer to License & Contract.
AWS, Azure, and GCP Marketplace License Support
You can now purchase and manage FortiAppSec Cloud contracts through AWS, Azure, and GCP marketplaces.
For more information on the new license options, please refer to Public Cloud Marketplace subscriptions.
If you are looking to transfer a legacy FortiWeb Cloud Marketplace License to the FortiAppSec Cloud AWS, Azure, or GCP license, please refer to Migrating from existing Fortinet services.
FortiFlex License Support
FortiAppSec Cloud now supports FortiFlex, a flexible, usage-based security licensing program from Fortinet that allows organizations to provision FortiAppSec Cloud on-demand, paying only for what you consume. It eliminates the need for pre-planning, over-provisioning, or under-provisioning, offering a simplified and flexible licensing model.
For more information on this new license option, please refer to FortiFlex.
If you are looking to transfer a legacy FortiFlex entitlement to the FortiAppSec Cloud Fortiflex entitlement, please refer to Migrating from existing Fortinet services.
Advanced Bot Protection and DAST Contract Model Update
Dynamic Application Security Testing (DAST) and Advanced Bot Protection (ABP) are now included in the Advanced and Enterprise subscription plans respectively. These services are no longer available as standalone contracts. For more information, please refer to License & Contract.
GSLB
DNSSEC Enhancement
The DNSSEC feature in GSLB been enhanced with advanced cryptographic algorithms, providing stronger protection against DNS spoofing and related threats.
For more information on how to enable this feature, please refer to How to enable DNSSEC on GSLB.
Multi-Region Health Check Support
FortiAppSec Cloud GSLB now supports health checks from additional areas: Europe and Asia Pacific, alongside the existing North America option.
When configuring a health check, you can select its area of origin. Multiple health checks from different areas can be assigned to the same virtual server. GSLB aggregates results from all selected areas to determine server health, improving the accuracy of global availability monitoring.
For the list of IP addresses to add to your application's allowlist, please refer to Health check.
Enhanced Server Status Descriptions
When a server or virtual server is marked as down, the web portal now displays the specific reason.
Hovering over the server status icons on the Topology and FQDN pages reveals detailed messages with clear diagnostic information.
AWS Connector Load Balancing Support
GSLB now supports load balancing with AWS connectors using CNAME record types and single-record responses. This enhancement enables AWS-based applications to participate in traffic distribution. Only CNAME records are supported when using AWS connectors.
For more information, please refer to Fabric connectors with AWS and Azure.
Topology Page Filtering
The Topology page now includes a filter option, allowing you to quickly locate specific servers or virtual servers by name or status.
Advanced Bot Protection
FortiWeb Version Requirement Update
Advanced Bot Protection integration with FortiWeb now requires FortiWeb version 7.4.8 or later for continued compatibility.
25.1.a released March 27, 2025
Bug Fixes
This release fixes several bugs for improved stability and experience.
25.1 released February 27, 2025
WAF
Enhanced Known Attacks
Known Attacks has been enhanced with Extended Mode. This adds additional signatures to every Sensitivity Level but should be used with caution as it may result in higher false positive rates. For more information, please see Known Attacks.
Bot Mitigation Exception Policies
Exceptions (whitelisting) are now supported for Bot mitigation policies. Build granular exceptions based on elements such as client IPs, hostnames and URLs. For more information, please see Exception Policy.
Cloud Deployment Granularity
Application onboarding now allows choosing the Cloud platform and region during WAF onboarding. For more information, please refer to Onboarding WAF applications.
View Server Health Check Status on Applications Page
You can now view the status of all origin servers for an application under the Health Check column on the WAF > Applications page. For more information, please refer to WAF Applications.
Log Format for Attack Logs
Attack Logs now support the Template Name and Destination IP field when Log Format is set to Custom. For more information on Attack Log Server options, please refer to Log Settings.
Splunk URL change
The FortiAppSec Cloud Splunk Add-On has been updated with new URLs. For more information, please refer to Using WAF with Splunk.
Region IP Update
Additional scrubbing centers have deployed in the following regions. Please make sure to allow access to your application from the IP addresses listed below.
-
AWS ap-southeast-3: Asia Pacific (Jakarta)
-
16.78.99.255
2406:da19:4a2:1f01:4bfd:3d35:eeea:9960
-
16.78.217.33
2406:da19:4a2:1f02:f4ff:d71d:bc20:34fe
-
16.78.170.51
2406:da19:4a2:1f01:a2d8:6f29:242:b8d3
-
43.218.33.190
2406:da19:4a2:1f02:621a:ed16:4cea:df5d
-
16.78.206.248
2406:da19:4a2:1f01:4e37:3198:afa2:103f
-
108.137.179.56
2406:da19:4a2:1f02:e03c:7d81:aa91:7c29
-
-
Azure South Africa North (Johannesburg)
-
4.221.199.162
-
4.221.192.56
-
4.221.113.144
-
4.222.21.210
-
4.222.18.196
-
4.222.21.170
-
10.40.1.10
-
4.221.143.107
-
Advanced Bot Protection
Web Portal Improvements
Several pages under Advanced Bot Protection > [Application name] > Traffic Insights have been enhanced with additional graphs and navigation elements. For more information on the updated pages, please see Dashboard, Transactions , Bot Monitor, and Exploration.
Attack Query Enhancement
The web portal now includes a page with historical charts and statistics for Attack Query insights. For more information, please refer to Attack Query.
GSLB
Support DNS CAA Record in GSLB
GSLB now supports Certificate Authority Authorization (CAA) records, enabling administrators to specify authorized CAs for their domains. This ensures secure and compliant certificate issuance while maintaining GSLB’s high availability and performance. For more information, please refer to DNS service.
24.4.p1 released on January 9, 2024
Bug Fixes
This release fixes several bugs for improved stability and experience.