If you review these NSE4-5-4 practice test, you will get 100% marks.

If are looking to successfully finish the Fortinet NSE4-5-4 exam, killexams.com has Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4 Questions and Answers which usually will ensure a person passes NSE4-5-4 on the first attempt. killexams.com provides you download for valid, Newest, and 2022 up-to-date NSE4-5-4 practice test and practice test using full money back ensure.

Exam Code: NSE4-5-4 Practice test 2022 by Killexams.com team
Fortinet Network Security Expert 4 Written test - FortiOS 5.4
Fortinet Fortinet Questions and Answers
Killexams : Fortinet Fortinet Questions Answers - BingNews https://killexams.com/pass4sure/exam-detail/NSE4-5-4 Search results Killexams : Fortinet Fortinet Questions Answers - BingNews https://killexams.com/pass4sure/exam-detail/NSE4-5-4 https://killexams.com/exam_list/Fortinet Killexams : Patch Now: Fortinet FortiGate & FortiProxy Contain Critical Vuln

UPDATE

A Fortinet bug disclosed last week is now under active exploitation. 

Fortinet on Friday warned that users of its FortGate firewall and FortiProxy Web proxies should apply the latest updates to their products ASAP due to a critical vulnerability that could allow an attacker to bypass authentication to the products' administration interfaces. 

On Monday, the security firm updated the advisory to note that it's now aware of instances of the bug being exploited in the wild.

An exploit would in effect supply an attacker administrative control of the network devices. The flaw, CVE-2022-40684, affects FortiOS versions 7.0.0 to 7.06 and 7.20 to 7.2.1, and FortiProxy versions 7.0.0 to 7.0.6 and 7.2.0, and could allow an attacker to use "specially crafted HTTP or HTTPS requests" to execute admin operations, according to Fortinet.

"Due to the ability to exploit this issue remotely Fortinet is strongly recommending all customers with the vulnerable versions to perform an immediate upgrade," Fortinet said in its advisory, which was cited on Twitter.

SANS Internet Storm Center (ISC), which reported the advisory, provided additional advice: "If you have Fortinet products managed by a 3rd party, we also recommended you to cross-check with them to ensure the upgrade will be performed," SANS Interior Storm Center handler Xavier Mertens said in a post in the ISC Diary.

“We are committed to the security of our customers. Fortinet recently distributed a PSIRT advisory (FG-IR-22-377) that details mitigation guidance for customers and recommended next steps," according to a Fortinet media statement. "We continue to monitor the situation and have been proactively communicating to customers, strongly urging them to immediately follow the guidance provided in connection with CVE-2022-40684.”

This article was updated at 2 p.m. on Oct. 10 to include information on the bug's active exploitation in the wild, and at 11 a.m. Oct. 11 to include Fortinet's media statement.

Tue, 11 Oct 2022 09:06:00 -0500 en text/html https://www.darkreading.com/vulnerabilities-threats/patch-now-fortinet-fortigate-and-fortiproxy-contain-critical-vuln
Killexams : Fortinet Customers Told to Urgently Patch Remotely Exploitable Vulnerability

Fortinet has privately informed some customers about a critical and remotely exploitable vulnerability that poses a significant risk.

The cybersecurity firm does not appear to have released a public advisory, but in emails sent to customers the company revealed that its FortiOS and FortiProxy products are affected by a critical authentication bypass vulnerability on the admin interface. The issue is tracked as CVE-2022-40684.

The email has only been distributed to ‘select customers’ and it’s marked as ‘strictly confidential’, with recipients instructed not to share it outside their organization. However, copies of the email have been shared on social media and even on Fortinet forums by customers.

“Fortinet is providing an advanced notification of a critical severity authentication bypass using an alternate path or channel [CWE-88] in specific versions of FortiOS and FortiProxy that may allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests,” Fortinet said.

The company has instructed customers to immediately update their products due to attackers being able to remotely exploit the vulnerability.

FortiOS versions between 7.0.0 and 7.0.6, and between 7.2.0 and 7.2.1 are affected, as well as FortiProxy 7.0.0 through 7.0.6 and 7.2.0. FortiOS patches are included in versions 7.0.7 and 7.2.2, and fixes for FortiProxy are included in 7.0.7 and 7.2.1. There have also been some unconfirmed reports that versions 6.x.x could also be impacted.

Users can also prevent attacks by ensuring that only trusted IP addresses can reach the affected products’ administrative interface.

Threat intelligence company GreyNoise says it will be keeping an eye out for exploitation attempts, but for the time being there is not enough information for them to be able to identify attacks.

Threat intelligence firm Cyberthint reported seeing more than 150,000 potentially vulnerable Fortinet product instances that are exposed to the internet.

While it’s unclear if attacks exploiting CVE-2022-40684 have already begun, it’s not uncommon for threat actors to target vulnerabilities in Fortinet products.

UPDATE: Fortinet has made its advisory public. The company has also informed customers about CVE-2022-33873, which allows an unauthenticated remote attacker to execute arbitrary commands in the underlying shell.

UPDATE 2: Fortinet has confirmed that CVE-2022-40684 is zero-day that has been exploited in at least one attack. 

Related: Vulnerabilities in Fortinet WAF Can Expose Corporate Networks to Attacks

Related: CISA Expands 'Must-Patch' List With Log4j, FortiOS, Other Vulnerabilities

Related: Fortinet Patches High-Severity Vulnerabilities in Several Products

Related: Tens of Thousands of Unpatched Fortinet VPNs Hacked via Old Security Flaw

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
Previous Columns by Eduard Kovacs:
Sun, 09 Oct 2022 22:51:00 -0500 en text/html https://www.securityweek.com/fortinet-customers-told-urgently-patch-remotely-exploitable-vulnerability
Killexams : Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy

Fortinet has privately warned its customers of a security flaw affecting FortiGate firewalls and FortiProxy web proxies that could potentially allow an attacker to perform unauthorized actions on susceptible devices.

Tracked as CVE-2022-40684 (CVSS score: 9.6), the critical flaw relates to an authentication bypass vulnerability that may permit an unauthenticated adversary to carry out arbitrary operations on the administrative interface via a specially crafted HTTP(S) request.

The issue impacts the following versions, and has been addressed in FortiOS versions 7.0.7 and 7.2.2, and FortiProxy versions 7.0.7 and 7.2.1 released this week:

  • FortiOS - From 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1
  • FortiProxy - From 7.0.0 to 7.0.6 and 7.2.0

"Due to the ability to exploit this issue remotely, Fortinet is strongly recommending all customers with the vulnerable versions to perform an immediate upgrade," the company cautioned in an alert shared by a security researcher who goes by the alias Gitworm on Twitter.

As temporary workarounds, the company is recommending users to disable internet-facing HTTPS Administration until the upgrades can be put in place, or alternatively, enforce a firewall policy to "local-in traffic."

When reached for a comment, Fortinet acknowledged the advisory and noted that it's delaying public notice until its customers have applied the fixes.

"Timely and ongoing communications with our customers is a key component in our efforts to best protect and secure their organization," the company said in a statement shared with The Hacker News. "Customer communications often detail the most up-to-date guidance and recommended next steps to best protect and secure their organization."

"There are instances where confidential advance customer communications can include early warning on advisories to enable customers to further strengthen their security posture, which then will be publicly released in the coming days to a broader audience. The security of our customers is our first priority."


Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.
Fri, 07 Oct 2022 16:39:00 -0500 Ravie Lakshmanan en text/html https://thehackernews.com/2022/10/fortinet-warns-of-new-auth-bypass-flaw.html
Killexams : Fortinet Confirms Zero-Day Vulnerability Exploited in One Attack

Fortinet has confirmed that the critical vulnerability whose existence came to light last week is a zero-day flaw that has been exploited in at least one attack.

The company privately informed some customers last week about the availability of patches and workarounds for an authentication bypass vulnerability exposing FortiOS and FortiProxy products to remote attacks.

The flaw, tracked as CVE-2022-40684, can allow a remote, unauthenticated attacker to perform unauthorized operations on the targeted appliance’s admin interface using specially crafted HTTP or HTTPS requests.

Fortinet on Monday made public an advisory for CVE-2022-40684 and warned that it’s aware of one attack involving exploitation of the zero-day. The company has provided an indicator of compromise (IoC) that customers can use to check if their appliances have been hacked.

It’s likely that exploitation of the vulnerability occurred before Fortinet released a patch. Limited exploitation of a security flaw typically suggests that a sophisticated threat actor — likely a state-sponsored group — is behind the attacks.

However, details and proof-of-concept (PoC) exploits are expected to become publicly available in the coming days, which will allow other threat actors to add the exploit to their toolset.

Researcher Carlos Vieira said the vulnerability is “really simple to exploit and easy to weaponize” and warned that exploitation can lead to a full device takeover.

SANS Institute reported seeing an increase in scans for an old Fortigate vulnerability and the company believes someone may be trying to create a list of potential targets for CVE-2022-40684 exploitation.

According to Fortinet’s advisory, in addition to FortiProxy web gateways and security appliances running FortiOS, the flaw impacts FortiSwitch Manager, the management platform for FortiSwitch switches. Versions 7.0.x and 7.2 are affected and patches are included in versions 7.0.7, 7.2.1 and 7.2.2.

There are many vulnerable devices that are exposed to the internet, which makes widespread exploitation very likely. It’s not uncommon for threat actors to target Fortinet devices in their attacks.

Related: Vulnerabilities in Fortinet WAF Can Expose Corporate Networks to Attacks

Related: Fortinet Patches High-Severity Vulnerabilities in Several Products

Related: Tens of Thousands of Unpatched Fortinet VPNs Hacked via Old Security Flaw

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
Previous Columns by Eduard Kovacs:
Mon, 10 Oct 2022 23:13:00 -0500 en text/html https://www.securityweek.com/fortinet-confirms-zero-day-vulnerability-exploited-one-attack
Killexams : Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug

Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in the wild.

Tracked as CVE-2022-40684 (CVSS score: 9.6), the flaw relates to an authentication bypass in FortiOS, FortiProxy, and FortiSwitchManager that could allow a remote attacker to perform unauthorized operations on the administrative interface via specially crafted HTTP(S) requests.

"Fortinet is aware of an instance where this vulnerability was exploited, and recommends immediately validating your systems against the following indicator of compromise in the device's logs: user='Local_Process_Access,'" the company noted in an advisory.

The list of impacted devices is below -

  • FortiOS version 7.2.0 through 7.2.1
  • FortiOS version 7.0.0 through 7.0.6
  • FortiProxy version 7.2.0
  • FortiProxy version 7.0.0 through 7.0.6
  • FortiSwitchManager version 7.2.0, and
  • FortiSwitchManager version 7.0.0

Updates have been released by the security company in FortiOS versions 7.0.7 and 7.2.2, FortiProxy versions 7.0.7 and 7.2.1, and FortiSwitchManager version 7.2.1.

The disclosure comes days after Fortinet sent "confidential advance customer communications" to its customers, urging them to apply patches to mitigate potential attacks exploiting the flaw.

If updating to the latest version isn't an option, it's recommended that users disable the HTTP/HTTPS administrative interface, or alternatively limit IP addresses that can access the administrative interface.

Update: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added the Fortinet flaw to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply patches by November 1, 2022.

Details and proof-of-concept (PoC) code for the vulnerability are expected to become publicly available in the coming days, in a move that could enable other threat actors to adopt the exploit to their toolset and mount their own attacks.

"Vulnerabilities affecting devices on the edge of corporate networks are among the most sought after by threat actors because it leads to breaching the perimeter, and CVE-2022-40684 allows exactly this," Zach Hanley, chief attack engineer at Horizon3.ai, said.

"Past Fortinet vulnerabilities, like CVE-2018-13379, have remained some of the top exploited vulnerabilities over the years and this one will likely be no different."


Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.
Wed, 12 Oct 2022 01:16:00 -0500 Ravie Lakshmanan en text/html https://thehackernews.com/2022/10/fortinet-warns-of-active-exploitation.html
Killexams : Fortinet issues emergency patches for FortiOS, FortiProxy and FortiSwitchManager

Fortinet Inc. today issued emergency patches for a number of its products after a severe vulnerability was discovered and exposed last week.

The vulnerability, designated CVE-2022-40684, is described by Fortinet as an authentication bypass. The bypass uses an alternate path or channel vulnerability in FortiOS, FortiProxy and FortiSwitchManager that may allow an unauthenticated attacker to perform operations on the administrative interface via a specifically crafted HTTP or HTPPS request. Fortinet noted that it’s aware of an instance where the vulnerability has been exploited.

Fortinet first let “select customers” know of the vulnerability via email last week. According to Security Week, copies of the email were shared on social media and Fortinet forums in the following days.

Versions of Fortinet software that are exposed to the vulnerability are FortiOS 7.0.0 to 7.06, 7.2.0 and 7.2.1; FortiProxy 7.0.0 to 7.0.6 and 7.2.0; and FortiSwitchManager 7.0.0 and 7.2.0. FortiOS has released patched versions for FortiOS 7.0.7 and 7.2.2 and above, FortiProxy 7.0.7 and 7.2.1 and above and FortiSwitchManager 7.2.1 or above.

Along with installing patches or newer versions of the affected software, Fortinet recommends users validate their systems against the user=”Local_Process_Access” in device logs. For those unable to install a patch, at least immediately, there are other options to address the vulnerability.

The workaround options for FortiOS and FortProxy include disabling the HTTP/HTTPS administrative access or limiting IP addresses that can reach the administrative interface. For FortiSwitchManager, the only option is to disable the HTTP/HTTPS administrative access. With all options, customers can also contact Fortinet customer support for assistance.

Although Fortinet has released patches and workarounds, the risk of the vulnerability being exploited continues to grow. The Horizon3 Attack Team posted on Twitter Inc. that it’s working on a proof-of-concept exploit that it plans to release later this week.

Fortinet did not disclose how many customers may be affected. However, cyberthreat intelligence platform company Cyberthint estimates that there are more than 150,000 Fortinet devices exposed.

Image: Fortinet

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Mon, 10 Oct 2022 20:16:00 -0500 en-US text/html https://siliconangle.com/2022/10/10/fortinet-issues-emergency-patches-fortios-fortiproxy-fortiswitchmanager/
Killexams : Fortinet (NASDAQ:FTNT) PT Lowered to $65.00

Fortinet (NASDAQ:FTNTGet Rating) had its price objective cut by equities research analysts at Barclays from $77.00 to $65.00 in a research note issued to investors on Tuesday, The Fly reports. Barclays‘s price target would indicate a potential upside of 34.83% from the stock’s current price.

Several other research firms have also recently weighed in on FTNT. Deutsche Bank Aktiengesellschaft increased their price objective on shares of Fortinet from $60.00 to $63.00 in a research report on Thursday, August 4th. BMO Capital Markets dropped their price target on shares of Fortinet from $70.00 to $68.00 and set an “outperform” rating on the stock in a research report on Thursday, August 4th. StockNews.com raised shares of Fortinet from a “hold” rating to a “buy” rating in a research report on Friday, October 7th. Evercore ISI dropped their price target on shares of Fortinet to $75.00 in a research report on Tuesday, August 9th. Finally, Morgan Stanley raised shares of Fortinet from an “equal weight” rating to an “overweight” rating and lifted their price objective for the stock from $66.00 to $69.00 in a research report on Friday, October 7th. Four analysts have rated the stock with a hold rating and twenty have issued a buy rating to the stock. Based on data from MarketBeat.com, Fortinet has a consensus rating of “Moderate Buy” and a consensus target price of $71.49.

Fortinet Trading Down 0.8 %

Shares of NASDAQ:FTNT opened at $48.21 on Tuesday. The company’s 50-day moving average price is $50.99 and its two-hundred day moving average price is $58.34. The company has a debt-to-equity ratio of 4.24, a current ratio of 1.12 and a quick ratio of 1.05. Fortinet has a one year low of $47.37 and a one year high of $74.35. The stock has a market capitalization of $38.01 billion, a PE ratio of 59.52, a price-to-earnings-growth ratio of 3.67 and a beta of 1.15.

Fortinet (NASDAQ:FTNTGet Rating) last announced its quarterly earnings results on Wednesday, August 3rd. The software maker reported $0.18 EPS for the quarter, beating analysts’ consensus estimates of $0.15 by $0.03. Fortinet had a net margin of 17.66% and a return on equity of 128.66%. The business had revenue of $1.03 billion for the quarter, compared to analyst estimates of $1.03 billion. On average, equities analysts forecast that Fortinet will post 0.78 EPS for the current fiscal year.

Insider Buying and Selling at Fortinet

In other news, VP Michael Xie sold 8,267 shares of Fortinet stock in a transaction that occurred on Tuesday, August 2nd. The shares were sold at an average price of $60.64, for a total transaction of $501,310.88. Following the sale, the vice president now owns 29,772,120 shares in the company, valued at $1,805,381,356.80. The transaction was disclosed in a document filed with the SEC, which is available at this link. In other news, CFO Keith Jensen sold 39,440 shares of the business’s stock in a transaction on Thursday, August 25th. The shares were sold at an average price of $50.57, for a total transaction of $1,994,480.80. Following the completion of the sale, the chief financial officer now directly owns 4,541 shares of the company’s stock, valued at $229,638.37. The sale was disclosed in a legal filing with the Securities & Exchange Commission, which can be accessed through the SEC website. Also, VP Michael Xie sold 8,267 shares of the company’s stock in a transaction dated Tuesday, August 2nd. The stock was sold at an average price of $60.64, for a total transaction of $501,310.88. Following the completion of the sale, the vice president now directly owns 29,772,120 shares of the company’s stock, valued at $1,805,381,356.80. The disclosure for this sale can be found here. Insiders have sold 54,207 shares of company stock valued at $2,839,577 over the last 90 days. 18.80% of the stock is currently owned by corporate insiders.

Institutional Trading of Fortinet

A number of hedge funds have recently added to or reduced their stakes in the business. Horizon Investments LLC acquired a new position in shares of Fortinet during the first quarter valued at about $1,122,000. Merit Financial Group LLC acquired a new stake in shares of Fortinet during the 1st quarter worth approximately $1,258,000. DnB Asset Management AS lifted its position in shares of Fortinet by 403.9% during the 2nd quarter. DnB Asset Management AS now owns 112,060 shares of the software maker’s stock valued at $6,340,000 after buying an additional 89,820 shares in the last quarter. Lord Abbett & CO. LLC purchased a new position in shares of Fortinet during the 1st quarter valued at approximately $79,750,000. Finally, Great Valley Advisor Group Inc. purchased a new position in shares of Fortinet during the 2nd quarter valued at approximately $1,123,000. 65.72% of the stock is owned by hedge funds and other institutional investors.

Fortinet Company Profile

(Get Rating)

Fortinet, Inc provides broad, integrated, and automated cybersecurity solutions in the Americas, Europe, the Middle East, Africa, and the Asia Pacific. It offers FortiGate hardware and software licenses that provide various security and networking functions, including firewall, intrusion prevention, anti-malware, virtual private network, application control, web filtering, anti-spam, and wide area network acceleration.

Read More

The Fly logo

Analyst Recommendations for Fortinet (NASDAQ:FTNT)

Receive News & Ratings for Fortinet Daily - Enter your email address below to receive a concise daily summary of the latest news and analysts' ratings for Fortinet and related companies with MarketBeat.com's FREE daily email newsletter.

Wed, 12 Oct 2022 18:36:00 -0500 Defense World Staff en text/html https://www.defenseworld.net/2022/10/13/fortinet-nasdaqftnt-pt-lowered-to-65-00.html
Killexams : Fortinet: Fairly Valued, Profitable And Growing Rapidly
Computer System Hacked. Virus Software Screen

AndreyPopov

Fortinet (NASDAQ:FTNT) is a cybersecurity powerhouse that is a leader in firewalls. According to Check Point Research, global cybersecurity attacks have increased by 32% year over year, with over 1,200 attacks per week globally. The rise of remote working, the cloud and Internet of Things (IoT) devices have widened the attack surface which has made networks more vulnerable to attack. Thus it's no surprise the global cybersecurity market was worth $139 billion in 2021 and is expected to grow at a rapid 13.4% compounded annual growth rate reaching $376 billion by 2029. Fortinet is poised to ride this trend as one of the largest cybersecurity companies in the industry, with best-in-class technology. The company's stock price has slid down by 29% from its all-time highs in December 2021, and the stock now looks to be fairly valued, while being profitable. In this post, I'm going to break down the company's business model, financials, and valuation, let's dive in.

Secure Business Model

The company's FortiGate Firewall solution makes up over one-third of firewall shipments globally, leaving competitors in the dust.

Fortinet firewall

Fortinet firewall (Investor Presentation 2022)

Fortinet's firewall is also rated as the number one market leader by Gartner and the platform has even won the customer choice award for 2022.

Fortinet firewall

Fortinet firewall (Gartner)

Its firewall solution offers a network security framework that offers threat prevention while also not limiting performance. Customer reviews also indicate the solution is "simple to use" and easier to set up which can be a real selling point for any digital transformation product. From the graphic below you can see the core hardware and software products are complimented by a series of security services that are sold on a subscription, which thus offers recurring revenue.

Fortinet products

Fortinet products (Investor Presentation)

Fortinet's technological success is driven by its proprietary ASIC (Application Specific Integrated Circuit) technology. This is a custom semiconductor design that enables higher performance to be achieved at a much lower cost than an off-the-shelf non-custom piece of hardware.

According to a exact survey of Chief Information Security Officers (CISOs) by Gartner, 75% of them are overwhelmed by the number of vendors and would like to consolidate with a small number of security providers. This is a large increase from 29% of CISOs in 2020. The cybersecurity industry is extremely fragmented with no one company making up over 10% market share. This offers an opportunity for Fortinet as they already have the second largest revenue, just behind Palo Alto Networks (PANW). Therefore as the industry consolidates Fortinet can offer customers its MESH platform that offers security from endpoint devices to the data center and hybrid cloud.

Fortinet

Fortinet solution (Investor presentation 2022)

Fortinet is also a Gartner Magic Quadrant leader in the software-defined WAN Edge Infrastructure. WAN stands for "Wide Area Network" and is basically the network that connects together a corporation's branch offices. The "software" part makes it much easier to scale, manage and extend this network.

Growing Financials

Fortinet generated solid financial results for the second quarter of 2022. Revenue was $1.03 billion which popped by 28.6% year over year and beat analyst estimates by $2.43 million. This growth was driven by strong product revenue of $400.7 million, which grew by a rapid 34.3% year over year, while its core platform grew revenue by 35% and extension products by 33%, which was a positive sign that its "land and expand" model is working.

Revenue

Revenue (Fortinet Q2 Earnings)

Total service revenue was $629 million, which increased by a rapid 25.2% year over year. This was driven mainly by security subscription service revenue which increased by 25% year over year to $340 million. Support service revenue also increased by a rapid 26% year over year to $289 million. Overall these revenue trends were pretty strong with diverse growth generated across the board.

Chart
Data by YCharts

If we take a step back, Billings which is the amount actually invoiced to customers and is the true "top line" for SaaS companies, also showed solid growth. Billings were $1.3 billion which increased by 36% year over year. This was driven by a strong 50% YoY increase in the number of larger customers, which transact over $1 million. This strategy of "growing upmarket" makes a lot of sense as larger customers tend to be more "sticky", have larger budgets, and more upsell opportunities. Fortinet's focus on vendor consolidation has been a key selling point that has made the platform popular with CISOs (Chief Information Security Officers). Service billings also accelerated with a 36% increase year over year. This was driven by pricing actions that offset headwinds from Russian services that had been halted.

Another great indicator to analyze with SaaS companies is "Bookings", this is a forward-looking metric that indicates the value of contracts signed by a customer. In this case, Bookings were $1.376 billion in the second quarter of 2022, which increased by 42% year over year. This was driven by strong Secure SD-WAN bookings which increased by 60% year over year, as the IT industry begins to converge networking and security together. The company also scored a larger number of global 2000 companies, which increased by 65% year over year.

Bookings

Bookings (Q2 Earnings Report)

Total Backlog which is the "unbilled" portion of the contract value was $350 million, which increased by $72 million and represented strong product demand. This was mainly driven by networking equipment, which made up ~50%, while FortiGates made up 40%. The track record shows this backlog is extremely strong and "sticky". Fortinet's, current customers make up over 95% of Backlog, and it is well diversified across customers. Management believes its Backlog will continue to increase in 2022, despite supply chain constraints which are making product shipping a challenge.

Backlog

Backlog (Q2 Earnings Report)

Fortinet is extremely diversified across various customer categories. For instance, larger enterprises make up 40% of its customer base which is the "safest" and most lucrative customer type, due to the aforementioned reasons. By geography, over 100 countries make up 47% of revenue, followed by 28% for the US. This is especially important given the increasing geopolitical uncertainty, driven by the Russia-Ukraine war. Its Industry diversification is also strong with its service being most popular by worldwide governments at 16% and "other industries" at 39%.

Customer Type

Customer Type (Q2 Report)

Moving onto profitability, Fortinet is solidly profitable with a GAAP operating margin of 19% and income of $147.5 million in Q2,22, which is fantastic. This is in sharp contrast to many other cybersecurity companies out there such as SentinelOne (S) which is unprofitable. Fortinet generated solid earnings per share of $0.21 in the second quarter, which beat analyst estimates by $0.05.

Chart
Data by YCharts

Fortinet also generated strong free cash flow of $283.5 million in Q2,22, although it was down from the $394.7 million generated in the prior year. This was driven by an increase in Days Sales Outstanding (DSO) to 14 days, this indicates the company is experiencing delays on its payments. This can be attributed to the timing of inventory deliveries from various contract manufacturers. The new R&D capitalization rules have impacted many businesses across the board and have caused a tax increase of between $85 million and $110 million for Fortinet.

The good news is Fortinet has a robust balance sheet with $1.755 billion in cash and short-term investments. In addition, the business has long-term debt of $984.9 million. In the six months ending on June 30th, 2022, Fortinet bought back over 25.8 million shares of stock at an average price of ~$57.82 per share, for approximately $1.49 billion. Management has also authorized a $1 billion increase in its share repurchase program.

Advanced Valuation

In order to value Fortinet, I have plugged the latest financials into my advanced valuation model which uses the discounted cash flow method of valuation. I have forecasted a 24% compounded annual growth rate on its revenue over the next 5 years, based on analyst estimates.

Fortinet stock valuation

Fortinet stock valuation (created by author Ben at Motivation 2 Invest)

I have forecasted the business's margin to increase to 27% over the next 8 years, as the company continues to upsell products and offer its high-margin security software solution. It should be noted that this margin includes an adjustment for R&D expenses which I have capitalized. Thus the reported base margin is actually 19% as mentioned prior and I expect this to increase to ~23%.

Fortinet stock valuation 2

Fortinet stock valuation 2 (created by author Ben at Motivation 2 Invest)

Given these factors I get a fair value of $48.81 per share, the stock is trading at $51 per share and thus is "fairly valued" in my eyes, given the strong profitability of the business.

As an extra data point, Fortinet trades at a Price to Earnings ratio = 48, which is fairly high but this is ~1% cheaper than its 5-year average.

Chart
Data by YCharts

Relative to other cybersecurity companies, Fortinet trades at a mid-range price-to-sales ratio = 9.2. For example, Palo Alto Networks is slightly cheaper with a PS ratio = 7.4.

Chart
Data by YCharts

Risks

Recession/Longer deal cycles

The high inflation and rising interest rate environment have caused many analysts to forecast a recession. Therefore I expect purchasing deals to take longer to close, as IT security teams delay new spending. The good news is Fortinet has increasingly focused on the Return on Investment (ROI) of its service and they even have an ROI calculator on its website. Thus longer term, the value proposition is still strong for businesses.

Competition

There are many competitors in the Cybersecurity industry. Top competitors according to Gartner include; Palo Alto Networks, Juniper (JNPR), Cisco (CSCO), Forcepoint, F5 (FFIV) and more. However, Fortinet has the highest-rated network firewall platform as mentioned prior.

Final Thoughts

Fortinet is a leading cybersecurity company that dominates the firewall industry. The company has expanded its product range and is now poised to benefit from trends such as industry growth and vendor consolidation. The stock is fairly valued, profitable, and growing steadily, thus this looks to be a great investment for the long term.

Tue, 04 Oct 2022 11:16:00 -0500 en text/html https://seekingalpha.com/article/4544696-fortinet-fairly-valued-profitable-and-growing-rapidly
Killexams : What it’s like receiving the BAD kind of captain’s pick phone call

Mackenzie Hughes

Getty Images

Life is good for Mackenzie Hughes right now, as he’s chomping on chips and salsa in the United Lounge at the Las Vegas airport. He just got a workout in —  apparently, there’s a lavish gymnasium at airport code LAS — and was waiting for the PGA Tour chartered jet

Life is particularly good right now, in early October, one week removed from his second-career Tour victory at the Sanderson Farms. Between bites and giving answers to my many questions, Hughes received another soft spoil of his win: fellow Tour pros stopping by and dapping him up with congratulations. 

But it hasn’t been an entirely rosy fall for Hughes. Until that win, he gave his 2022 grade of C+. His year was an up-and-down experience with weird rules issues, spurts of great form and a late stint of four straight missed cuts in July and August … just as the International Presidents Cup team was being finalized. 

Hughes was 14th in the points standings, which is all you’d want from a season he felt was average. And considering Cameron Smith, Joaquin Niemann and an injured Erik Van Rooyen were ahead of him, he had to feel good about his chances to get the good kind of phone call. 

Unlike other sports where if draft picks hear the phone ring it can only mean good things, in pro golf’s team competitions, there are more sad phone calls than happy ones. Captains don’t love making the sad calls. And players sure don’t like receiving them. Hughes wasn’t exactly optimistic ahead of Trevor Immelman’s call. 

“I was a little bit nervous to get that phone call, kind of anticipating the bad phone call,” he told me. “Just because of the way the season finished, I just didn’t have the good vibes. Had I been one of the guys he was really thinking about, I would have been in contact with him a little bit more. So I felt like I was going to get that phone call the wrong way. And I did.”

Hughes was talking to me during a 70-minute breakdown of his entire year, for a piece we call Report Card on the Drop Zone Podcast. You can listen to it below, or tap the link here. (We also did one with Xander Schauffele in September.) We were picking at a scab that was in the process of healing.

“When it came through and I saw [Immelman’s name], I wasn’t really ready for it,” he continued. “I ran outside — I was with my kids — I ran outside and picked up the phone. My heart’s kind of starting to pound a little bit. I just got the vibe right away. You know, it was just the first couple lines. I just felt like the tone, he was ready to kind of deliver the bad news. We exchanged small talk and pleasantries for a little bit and then it was ‘Hey, I’m not going to be able to pick you for the team.’ You just sink down into the floor. It sucks.”

Hughes isn’t jaded. He doesn’t hold it against Immelman or the vice captains or the analytics team that helped them formulate selections. As we’ve said, life is good. But he does think he could have made a difference on the squad. If anything, he regrets not campaigning harder for himself. 

It was a particularly weird week for him anyway. He’s a Charlotte resident and the Cup was held at Quail Hollow, a place he’s quite familiar with. He saw all the signs up in town. Some of his best mates were already on the team. (He even considered going to the event as a fan.) But his poor form in the run-up to that fateful phone call surely loomed large for Immelman.

“If I could have done it again, I wish I had been more ready,” he said. “To know what I was going to say. I just didn’t know what to say at that point. I would have fought harder for myself and kind of been my own advocate a little bit more. Because I really do think that — at the end of the day, I know he picked a team that was super strong. It was a great team. But those first couple days they got out-putted pretty badly. I felt like I could have been a big help there.”

It’s not his choice who makes the team, but he is correct about that quality of his game. He IS a good putter. Hughes ranked 14th on Tour in Strokes Gained: Putting last season and 15th the weekend before that. If anything has progressed in his game in exact years, it’s the flatstick. And there’s a popular adage that follows these match-play team formats: they’re just putting contests. As reductive as that trope can be, winning a four-ball match often comes down to either hitting it close or hitting putts into the hole.

Hughes capped off his Presidents Cup talk how only a Canadian could: “I’m looking forward to Royal Montreal.” That’s where the Cup will be held in 2024, where whoever the International captain is will certainly be looking for players the fans can get behind. 

Pros are repeatedly dealt tricky moments like this one, and another adage often follows them: play better. Miss the cut? Play better. Miss the FedEx Cup playoffs? Play better. Miss the Presidents Cup in your hometown at a course you know well? Play better, mate. 

That’s what Hughes did. 

Not getting the phone call he desired served a juicy plateful of inspiration. He envisioned himself winning the first week of the PGA Tour season in response, at the Fortinet Championship. That would send quite the message if a exact Tour winner wasn’t on the International squad. He finished T25, solid. He watched some of the action on TV and didn’t particularly love it. When he played next, he began envisioning a Sanderson Farms, too. And when he saw his name atop the leaderboard Friday afternoon, his mind switched to a different mode.

Usually, a Friday round on Tour is filled with thoughts about the cutline but Hughes began to think about winning the event that day. Spoiler alert: that’s exactly what he did, beating Sepp Straka in a two-hole playoff with a birdie on 18, his first win on Tour in six years. (Coincidentally, another captain’s pick snub, Ryan Fox, won that week on the DP World Tour.) Before the win, Hughes graded his 2022 a C+. After the win, he boosted it to a B+, guaranteeing himself a spot in the Masters, and earning an invite to the mega-purse Tournament of Champions in Hawaii. As he told me in the podcast below he has a tendency of playing his best golf after a string of missed cuts. Pour yourself a cup of coffee, kick your feet up and check out the Drop Zone episode below.

Sat, 15 Oct 2022 06:40:00 -0500 en-US text/html https://golf.com/news/mackenzie-hughes-explains-bad-presidents-cup-phone-call/
NSE4-5-4 exam dump and training guide direct download
Training Exams List