AI Powered Web Application Protection with Fortinet
Cloud Field Day 24
•
22m
Fortinet's approach to securing AI workloads involves a layered defense strategy. Their presentation at Cloud Field Day 24 demonstrated SQL injection (SQLi), Server-Side Request Forgery (SSRF), and model manipulation attacks against an AI-powered application using the Model Context Protocol (MCP), showcasing how Fortinet solutions protect at each stage of the attack kill chain. The demonstration highlighted the vulnerabilities introduced by AI agents and the importance of securing this new attack surface.
The presented environment, deployed in AWS as microservices, features a vulnerable e-commerce application ("Juice Shop") augmented with an AI chatbot. Traffic between VPCs is routed through a security services VPC, where FortiWeb (web application firewall) and FortiGate provide inspection. The attack flow involves a user interacting with the chatbot, which then communicates with a large language model (OpenAI) via MCP. This interaction exposes vulnerabilities, as demonstrated by an attacker successfully injecting SQL code through the chatbot interface, bypassing traditional web application firewall protections.
Fortinet demonstrated how FortiWeb's machine learning capabilities can detect and mitigate these attacks. By learning normal application traffic and building a model of expected API behavior, FortiWeb can identify anomalous requests, such as SQL injection attempts. The system then evaluates these alerts, leveraging its threat intelligence database to determine appropriate actions, including blocking malicious requests. Furthermore, FortiWeb's AI assistant provides detailed analysis of attacks, including remediation recommendations, and generates API documentation to keep up with rapidly evolving pre-built APIs.
Presented by Derrick Gooch, Consulting System Engineer, Fortinet, Srija Alam, Cloud Security Architect, Fortinet, and Julian Petersohn, Principal Systems Engineer, Fortinet. Recorded live at Cloud Field Day in Emeryville on October 21, 2025. Watch the entire presentation at https://techfieldday.com/event/cfd24/ or visit https://www.fortinet.com/ for more information.
Up Next in Cloud Field Day 24
-
Protecting the Keys to the Kingdom wi...
The Three Pillars of Fortinet AI Security: Protect from AI, Assist with AI, and Secure AI. This demonstration illustrates how Fortinet combines AI-driven analytics for SOC assistance with deep protection for AI workloads themselves. Showcasing a simulated attack on a cloud-based e-commerce applic...
-
HPE’s Hybrid Cloud Strategy & Portfol...
Brad Park from HPE opens by outlining the company's hybrid cloud strategy and portfolio, emphasizing the importance of achieving a cloud operating model for AI and other initiatives. He highlights the challenges posed by technical debt and the complexities of heterogeneous enterprise environments...
-
Enabling Hybrid Cloud Anywhere with H...
In this CFD session, we explore how Hewlett Packard Enterprise (HPE) is transforming the way enterprises provision, manage, and protect hybrid cloud environments with the HPE CloudOps Software suite, comprising HPE Morpheus Enterprise, HPE OpsRamp, and HPE Zerto. Including discussion and live dem...
