While the FortiWeb Certification validates your expertise in securing web applications with Fortinet’s FortiWeb (WAF), a dedicated course can take your knowledge further. Earning the certification demonstrates your understanding of web security threats, ability to configure FortiWeb features, and proficiency in utilizing advanced tools. However, a course dives deeper, teaching you practical skills in deploying, configuring, and troubleshooting FortiWeb. You’ll learn to handle load balancing, enforce security, inspect traffic, secure sessions, and understand key web application security concepts. The course also utilizes real-world simulations to hone your skills. Both the certification and a comprehensive course provide valuable tools for securing web applications and enhancing your career prospects.
- FortiWeb Fundamentals:
- Introduction to FortiWeb and its features
- Understanding web application security threats
- FortiWeb architecture
- Web Application Security:
- HTTP basics
- Common web application vulnerabilities (OWASP Top 10)
- Security controls and techniques (authentication, authorization, etc.)
- FortiWeb Configuration & Management:
- Creating security policies
- Defining virtual servers and profiles
- Utilizing security features (WAF, IPS, bot protection)
- Managing users, roles, and permissions
- Advanced Features (may vary):
- SSL/TLS configuration
- External system integrations (SIEM, logging)
- Automation and scripting
- Security event reporting and analysis
- Additional Topics (may vary):
- Machine learning and bot detection
- DoS and defacement protection
- External SIEM integration
You must understand the topics covered in the following courses, or have equivalent experience:
- FCP – FortiGate Security
- FCP – FortiGate Infrastructure
It is also recommended that you understand the following topics:
- HTTP protocol
- Basic knowledge of HTML, JavaScript, and server-side dynamic page languages, such PHP
