Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.1.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiCNAPP Release Notes

    February 2026 Platform Releases

    February 2026 Platform Releases

    Generally Available

    • New Azure service coverage added

      The following Azure services and related datasources are now available:

      Chaos:

      • microsoft.chaos/experiments

      Cost Managment:

      • microsoft.costmanagement/alerts

      Hardware Security Modules:

      • microsoft.hardwaresecuritymodules/dedicatedhsms

      IoT Central:

      • microsoft.iotcentral/iotapp

      Kubernetes Configuration:

      • microsoft.kubernetesconfiguration/extensions

      • microsoft.kubernetesconfiguration/fluxconfigurations

      • microsoft.kubernetesconfiguration/privatelinkscopes

      Network:

      • microsoft.network/networksecurityperimeters

      Power BI:

      • microsoft.powerbi/privatelinkservicesforpowerbi

      For more information, see Datasource Metadata. Note that the introduction of new services may require you to modify the privileges of the FortiCNAPP user in your cloud accounts. For more information, see Maintain Cloud Integrations with Terraform.

    • AI Assist: Prioritized summaries and context-aware remediation across all alerts

      AI Assist now delivers consistent, prioritized summaries and context-aware remediation across alert types—including Composite, Policy, and Anomaly—so teams can move from “what happened?” to “what should I do next?” faster and with fewer clicks.

      What’s new

      • Prioritized summaries (top findings first)

        Summaries now surface the most important findings (especially for Composite alerts with multiple detections), helping you focus on what matters most before digging into details.

      • Consistent summary and remediation experience across alert types

        Whether you’re working a Composite, Policy, or Anomaly alert, AI Assist follows a consistent structure for:

        • What happened (key evidence + sequence).

        • Who or what is involved (entities).

        • Scope and impact considerations.

        • Next steps.

      • Context-aware remediation (not generic playbooks)

        Remediation guidance is tailored to the alert context—using the alert description, supporting facts, and timeline and entities when available—to produce actionable steps aligned to what is actually involved.

      • Triage-first response guidance

        Remediation starts with verification and scoping (who, what, when, and how far), then moves into containment, eradication, recovery, and hardening—designed for teams with mixed security experience.

      • Improved AI Assist actions in the console

        Quick actions are simplified and aligned with the two most common workflows: Summarize and Remediate, making it easier to get high-signal answers immediately.

      Benefits

      • Faster triage with ranked findings instead of long, flat summaries.

      • More actionable responses with entity-aware, context-driven remediation.

      • A single assistant experience that works reliably across alert categories—helpful for both experienced responders and newer analysts.

    • Alerts updated with table view

      The Alerts page now presents the list of alerts as a table, which provides you with the following additional functionality:

      • Download all displayed alerts in a CSV file.

      • Customize the displayed columns.

      • Display up to 100 alerts on each page.

      • Sort by more columns.

      • Perform bulk actions on any number of alerts.

    • Dynamic Terraform support

      Support for dynamic Terraform configurations has been implemented. While Code Security policies have not been updated, the introduction of dynamic Terraform support could affect findings where these configurations are present. See FortiCNAPP IaC policies in the FortiCNAPP Administration Guide.

    • New AWS service coverage added

      The following AWS services and related datasources are now available:

      For more information, see Datasource Metadata. Note that the introduction of new services may require you to modify the privileges of the FortiCNAPP user in your cloud accounts. For more information, see Maintain Cloud Integrations with Terraform.

    • Vulnerabilities support for base container images

      A base image, or golden image, is a standardized, preconfigured container image that serves as the foundation for other images.

      Base image scanning allows you to track and manage vulnerabilities in your base images to quickly identify and prioritize fixes for vulnerabilities that affect multiple images and containers.

      You can view base image vulnerabilities in the Vulnerabilities dashboard, determine the base image for a specific image, and separate vulnerabilities found in base images from those found in custom applications and packages.

      For more information, see Base image scanning in the FortiCNAPP Administration Guide.

    Previous
    Next

    February 2026 Platform Releases

    February 2026 Platform Releases

    Generally Available

    • New Azure service coverage added

      The following Azure services and related datasources are now available:

      Chaos:

      • microsoft.chaos/experiments

      Cost Managment:

      • microsoft.costmanagement/alerts

      Hardware Security Modules:

      • microsoft.hardwaresecuritymodules/dedicatedhsms

      IoT Central:

      • microsoft.iotcentral/iotapp

      Kubernetes Configuration:

      • microsoft.kubernetesconfiguration/extensions

      • microsoft.kubernetesconfiguration/fluxconfigurations

      • microsoft.kubernetesconfiguration/privatelinkscopes

      Network:

      • microsoft.network/networksecurityperimeters

      Power BI:

      • microsoft.powerbi/privatelinkservicesforpowerbi

      For more information, see Datasource Metadata. Note that the introduction of new services may require you to modify the privileges of the FortiCNAPP user in your cloud accounts. For more information, see Maintain Cloud Integrations with Terraform.

    • AI Assist: Prioritized summaries and context-aware remediation across all alerts

      AI Assist now delivers consistent, prioritized summaries and context-aware remediation across alert types—including Composite, Policy, and Anomaly—so teams can move from “what happened?” to “what should I do next?” faster and with fewer clicks.

      What’s new

      • Prioritized summaries (top findings first)

        Summaries now surface the most important findings (especially for Composite alerts with multiple detections), helping you focus on what matters most before digging into details.

      • Consistent summary and remediation experience across alert types

        Whether you’re working a Composite, Policy, or Anomaly alert, AI Assist follows a consistent structure for:

        • What happened (key evidence + sequence).

        • Who or what is involved (entities).

        • Scope and impact considerations.

        • Next steps.

      • Context-aware remediation (not generic playbooks)

        Remediation guidance is tailored to the alert context—using the alert description, supporting facts, and timeline and entities when available—to produce actionable steps aligned to what is actually involved.

      • Triage-first response guidance

        Remediation starts with verification and scoping (who, what, when, and how far), then moves into containment, eradication, recovery, and hardening—designed for teams with mixed security experience.

      • Improved AI Assist actions in the console

        Quick actions are simplified and aligned with the two most common workflows: Summarize and Remediate, making it easier to get high-signal answers immediately.

      Benefits

      • Faster triage with ranked findings instead of long, flat summaries.

      • More actionable responses with entity-aware, context-driven remediation.

      • A single assistant experience that works reliably across alert categories—helpful for both experienced responders and newer analysts.

    • Alerts updated with table view

      The Alerts page now presents the list of alerts as a table, which provides you with the following additional functionality:

      • Download all displayed alerts in a CSV file.

      • Customize the displayed columns.

      • Display up to 100 alerts on each page.

      • Sort by more columns.

      • Perform bulk actions on any number of alerts.

    • Dynamic Terraform support

      Support for dynamic Terraform configurations has been implemented. While Code Security policies have not been updated, the introduction of dynamic Terraform support could affect findings where these configurations are present. See FortiCNAPP IaC policies in the FortiCNAPP Administration Guide.

    • New AWS service coverage added

      The following AWS services and related datasources are now available:

      For more information, see Datasource Metadata. Note that the introduction of new services may require you to modify the privileges of the FortiCNAPP user in your cloud accounts. For more information, see Maintain Cloud Integrations with Terraform.

    • Vulnerabilities support for base container images

      A base image, or golden image, is a standardized, preconfigured container image that serves as the foundation for other images.

      Base image scanning allows you to track and manage vulnerabilities in your base images to quickly identify and prioritize fixes for vulnerabilities that affect multiple images and containers.

      You can view base image vulnerabilities in the Vulnerabilities dashboard, determine the base image for a specific image, and separate vulnerabilities found in base images from those found in custom applications and packages.

      For more information, see Base image scanning in the FortiCNAPP Administration Guide.

    Previous
    Next