Testing for vulnerabilities & exposure
Even if you are not a merchant, hospital, or other agency that is required by law to demonstrate compliance with basic security diligence to a regulatory body, you still may want to verify your security.
• Denial of service attacks can tarnish your reputation and jeopardize service income.
• Hacked servers can behave erratically, decreasing uptime.
• Malicious traffic can decrease performance.
• Compromised web servers can be used as a stepping stone for attacks on sensitive database servers.
To verify your configuration, start by running a vulnerability scan. See
“Vulnerability scans”. You may also want to schedule a penetration test on a lab environment. Based upon results, you may decide to expand or harden your FortiWeb’s initial configuration (see
“Hardening security”).