Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    Home FortiRecon 25.1.a User Guide
    25.1.a
    25.1.a
    25.1.0
    24.4.b
    24.4.a
    24.4.0
    24.3.a
    24.3.0
    24.2.b
    24.2.a
    24.2.0
    24.1.b
    24.1.a
    24.1.0
    23.4.a
    23.4.0
    23.3.a
    23.3.0
    23.2.b
    23.2.a
    23.2.0
    23.1.b
    23.1.a
    23.1.0
    22.4.a
    22.4.0
    22.3.0
    22.2.0

    Adding integrations

    Adding integrations

    The Attack Surface Management > Integrations page displays all existing integrations. You can manually add new integrations as needed.

    IASM only supports FortiGate integration.
    To add a new AWS integration:

    1. Go to Attack Surface Management > Integrations.

    2. Click the + icon.

    3. Select AWS. The Add AWS page is displayed.

      Note

      For more information on creating an AWS IAM policy and role, click Need Help?.

    4. Select EASM.

    5. Enter the account ID number in the Account ID field.

    6. Enter a descriptive name in the Integration Name field.

    7. Click Save.

    To add a new Azure integration:

    1. Go to Attack Surface Management > Integrations.

    2. Click the + icon.

    3. Select Azure. The Add Azure page is displayed.

    4. Select EASM.

    5. Enter the relevant values in the Subscription ID, Client ID, Tenant ID, and Client Secret fields.

      Note

      These four values are necessary to create read-only access for your Azure cloud account. For information on generating these values, click Need Help?.

    6. Enter a descriptive name in the Integration Name field.

    7. Click Save.

    To add a new Google Cloud Platform integration:

    1. Go to Attack Surface Management > Integrations.

    2. Click the + icon.

    3. Select GCP. The Add GCP page is displayed.

    4. Select EASM.

    5. Enter a descriptive name in the Integration Name field.

    6. Enter the JSON information from the GCP configuration file.

      Note

      For information on generating the GCP key file and downloading JSON, click Need Help?.

    7. Click Validate.

    To add a new FortiDAST integration:

    1. Go to Attack Surface Management > Integrations.

    2. Click the + icon.

    3. Select FortiDAST. The Add FortiDAST page is displayed.

    4. Select EASM.

    5. Enter the master email address in the Email field.

    6. Enter the API Key from FortiDAST.

    7. Click Save to verify the key.

      Note

      Once the FortiDAST integration is verified, you can scan assets in the EASM > Asset Discovery page. See Performing a FortiDAST scan.
    FortiGate Integration

    Integrating FortiGate with FortiRecon enhances the asset discovery capabilities of FortiRecon EASM. It does this by adding FortiGate Interface IPs and all IPs behind NAT to the Attack Surface Management > Asset Discovery page. Once the integration is verified, all assets discovered via FortiGate will have additional metadata, including:

    • Name of Virtual IP on FortiGate

    • Mapped Internal IP

    • MAC address of Internal IP

    • Mapped External Port

    • Mapped Internal Port

    • Operating System

    You can use this metadata to take action faster on security vulnerabilities and threats.

    To add a new FortiGate integration:

    1. Go to Attack Surface Management > Integrations.

    2. Click the + icon.

    3. Select EASM or IASM using toggle.

    4. Select FortiGate. The Add FortiGate page is displayed.

    5. Enter a name for the integration.

    6. Enter FortiGate IP address in the Host field.

    7. Enter the Port number.

    8. Enter the FortiGate access Token.

      Note

      For information on creating token, click Need Help?

    9. Select Use HTTPs checkbox if required.

    10. Click Save.

    Previous
    Next

    Adding integrations

    Adding integrations

    The Attack Surface Management > Integrations page displays all existing integrations. You can manually add new integrations as needed.

    IASM only supports FortiGate integration.
    To add a new AWS integration:

    1. Go to Attack Surface Management > Integrations.

    2. Click the + icon.

    3. Select AWS. The Add AWS page is displayed.

      Note

      For more information on creating an AWS IAM policy and role, click Need Help?.

    4. Select EASM.

    5. Enter the account ID number in the Account ID field.

    6. Enter a descriptive name in the Integration Name field.

    7. Click Save.

    To add a new Azure integration:

    1. Go to Attack Surface Management > Integrations.

    2. Click the + icon.

    3. Select Azure. The Add Azure page is displayed.

    4. Select EASM.

    5. Enter the relevant values in the Subscription ID, Client ID, Tenant ID, and Client Secret fields.

      Note

      These four values are necessary to create read-only access for your Azure cloud account. For information on generating these values, click Need Help?.

    6. Enter a descriptive name in the Integration Name field.

    7. Click Save.

    To add a new Google Cloud Platform integration:

    1. Go to Attack Surface Management > Integrations.

    2. Click the + icon.

    3. Select GCP. The Add GCP page is displayed.

    4. Select EASM.

    5. Enter a descriptive name in the Integration Name field.

    6. Enter the JSON information from the GCP configuration file.

      Note

      For information on generating the GCP key file and downloading JSON, click Need Help?.

    7. Click Validate.

    To add a new FortiDAST integration:

    1. Go to Attack Surface Management > Integrations.

    2. Click the + icon.

    3. Select FortiDAST. The Add FortiDAST page is displayed.

    4. Select EASM.

    5. Enter the master email address in the Email field.

    6. Enter the API Key from FortiDAST.

    7. Click Save to verify the key.

      Note

      Once the FortiDAST integration is verified, you can scan assets in the EASM > Asset Discovery page. See Performing a FortiDAST scan.
    FortiGate Integration

    Integrating FortiGate with FortiRecon enhances the asset discovery capabilities of FortiRecon EASM. It does this by adding FortiGate Interface IPs and all IPs behind NAT to the Attack Surface Management > Asset Discovery page. Once the integration is verified, all assets discovered via FortiGate will have additional metadata, including:

    • Name of Virtual IP on FortiGate

    • Mapped Internal IP

    • MAC address of Internal IP

    • Mapped External Port

    • Mapped Internal Port

    • Operating System

    You can use this metadata to take action faster on security vulnerabilities and threats.

    To add a new FortiGate integration:

    1. Go to Attack Surface Management > Integrations.

    2. Click the + icon.

    3. Select EASM or IASM using toggle.

    4. Select FortiGate. The Add FortiGate page is displayed.

    5. Enter a name for the integration.

    6. Enter FortiGate IP address in the Host field.

    7. Enter the Port number.

    8. Enter the FortiGate access Token.

      Note

      For information on creating token, click Need Help?

    9. Select Use HTTPs checkbox if required.

    10. Click Save.

    Previous
    Next