New Features and Enhancements
This release brings exciting new features and enhancements to improve performance, strengthen data security, and elevate your FortiSOAR™ experience.
RabbitMQ clustering across all active HA nodes
- FortiSOAR 7.6.2 enhances its High Availability (HA) architecture with RabbitMQ clustering across all active HA nodes, adding a new layer of resilience to your deployment. With this improvement, message queues are mirrored across the cluster, enabling seamless message processing and reducing downtime during node transitions.
For details, see the Setting up High Availability of the Secure Message Exchange topic in the Distributed Tenancy Support chapter of the "Multi-Tenancy Support Guide."
Enhanced Dashboards and Reports to display advanced datasets and relationships with the new Data Visualization widget
- The new Data Visualization widget utilizes advanced tools to present complex datasets visually, helping you uncover intricate patterns, relationships, and insights that traditional charts might miss. The new data visualization options for dashboards and reports are: Heat Map, Tree Map, Sunburst, and Word Cloud. Starting with release 7.6.2, the Data Visualization widget will be installed by default on fresh FortiSOAR installations and systems upgraded to release 7.6.2 and later.
For details, see the Data Visualization widget documentation.
Support for visualizing playbook relationships in a tree diagram with the new Playbook Developer Assistant widget
- The new Playbook Developer Assistant widget offers a tree diagram that visually represents the relationships between nested playbooks, simplifying playbook design, configuration, and debugging. It also enables users to find playbook steps, including variables, step names, and more, that contain the search term within the open playbook.
For details, see the Playbook Developer Assistant widget documentation.
Support for early exit in reference playbooks using for_each loops
- Starting with release 7.6.2, FortiSOAR introduces the 'Loop break' condition option while using for_loops in steps executed in the 'Sequential' mode. This feature enables you to define a condition that will terminate the loop early, returning the results up to that point.
For details, see the Triggers & Steps chapter in the "Playbook Guide."
Support for multiple System View Templates in module's detail view
- System View Templates (SVTs) are predefined blueprints that customize the layout and presentation of user interface views. Starting with release 7.6.2, users can create and modify multiple SVTs in the detailed view of module records to suit their requirements. This enhancement is particularly useful for modules with a large number of fields (e.g., 100-110 fields), where displaying everything in a single view can be overwhelming. With multiple SVTs, users can create focused views that show only the most relevant fields for specific use cases. For example, a focused SVT might display fields related to alert type and source, allowing users to quickly access the information they need without sifting through all fields.
For details, see the Working with Modules - Alerts & Incidents chapter in the "User Guide."
Administrative Enhancements
- Retention of custom updates in SVTs during Solution Packs upgrades: In release 7.6.2, custom changes made to SVTs (System View Templates) in the detail view will now be preserved during solution pack upgrades. This means that any modifications you make will no longer be overwritten, saving you valuable time and effort. Previously, Solution Pack upgrades would overwrite any custom modifications made to existing view templates.
For details, see the Solution Packs and the Working with Modules - Alerts & Incidents chapters in the "User Guide."
- Improved Rolling Upgrades for High Availability (HA) Clusters: In release 7.6.2, the rolling upgrade process has been enhanced to reduce manual steps. Users no longer need to manually set nodes to "Upgrade" mode, as FortiSOAR now automates this process. This enhancement streamlines upgrades and ensures high availability with minimal downtime and effort.
For details, see the Upgrading a FortiSOAR High Availability Cluster chapter in the "Upgrade Guide."
Playbook Enhancements
- Jinja Editor Enhancement: Release 7.6.2 has improved the Choose A Recent Playbook Execution drop-down list in the Jinja Editor (Tools > Jinja Editor in the Playbook Designer). Now, the list will display the exact time of the playbook executions, such as '2 hours 23 minutes ago'. This precise time display helps you more effectively identify and troubleshoot issues.
For details, see the Jinja Editor topic in the Dynamic Values chapter of the "Playbooks Guide."
Solution Packs, Connectors, and Widget Enhancements
Release 7.6.2 brings a powerful wave of innovation to FortiSOAR that includes new Solution Packs, connectors, and widgets designed to supercharge SecOps teams:
- Notable New and Updated Solution Packs:
- SOAR Framework Solution Pack (SFSP) v3.2.0: This release adds support for multiple System View Templates (SVTs), allowing users to create customized views for modules with large data sets. This improves visibility and efficiency when tracking alerts, analyzing sources, or managing workflows. SVTs included in solution packs are now locked to ensure stability during upgrades. Users can create custom SVTs, which will be preserved during future updates.
For details, see the SFSP document.
- FortiAI v4.0.0: FortiAI now makes it easier than ever to create custom connectors! You can automatically generate a connector, complete with a set of API actions, simply by specifying your API endpoints. This streamlines the connector creation process, saving you time and effort. FortiAI also streamlines playbook design by generating intelligent, context-aware blocks with accurate Jinja expressions, reducing manual edits and accelerating workflow development.
For details, see the FortiAI document.
- Outbreak Response Framework v2.1.0: This release broadens the framework with four new outbreak response packs targeting Apache Tomcat RCE, Ivanti Cloud Services Appliance zero-day, Microsoft .NET Framework Information Disclosure, and PTZOptics camera exploits.
The Outbreak Management experience has been fully redesigned for faster investigations, featuring a new dashboard, detailed outbreak alerts, and advanced hunt rule management. Enhancements include an improved configuration wizard with streamlined setup, instant response pack ingestion, and automatic installation notifications. New automation schedules simplify the full alert-to-response workflow.
A new Pluggable Threat Hunt Framework enables seamless integration with tools such as FortiSIEM, FortiAnalyzer, QRadar, and Splunk. Usability improvements include updated widgets, refined picklists, and new key store records for modular integrations. Playbooks have been reorganized to centralize hunt workflows for faster access and execution.
For details, see the Outbreak Response Framework documents.
- Threat Intel Management v2.0.0: This release includes key upgrades to streamline setup, navigation, and threat feed management. A new Configuration Wizard simplifies setup with guided steps for selecting feed sources, configuring integrations, and setting granular rules. The redesigned Navigation Menu offers quicker access to Dashboards, Threat Intel Feeds, and Hunts.
To support compliance and accuracy, the update includes mandatory fields for STIX/TAXII 2.0, improved System View Templates, and a more intuitive workspace setup. Feed management is enhanced with support for unstructured feed imports, a preconfigured MITRE ATT&CK connector, and new Threat Feed Rules that simplify indicator mapping. The Hunts module is now integrated into the Threat Intel Management section, delivering a unified experience for threat analysis. These enhancements make threat intelligence management more efficient and aligned to standards.
For details, see the Threat Intel Management document.
- New and Updated Connectors: Multiple integrations (Fortinet Fabric and third-party) have been released, along with updates to existing connectors. A few notable ones:
- New integrations include: Grafana, Logic Monitor, CrowdStrike Falcon, and Azure DevOps.
- Enhanced Fortinet Fabric integrations include: Fortinet FortiDLP and Fortinet FortiRecon ACI.
- New and Updated Widgets: Key widgets have been enhanced for better usability and functionality:
- Data Visualization widget enhances Dashboards and Reports to display advanced datasets and relationships. For details, see the Data Visualization widget document.
- Playbook Developer Assistant widget adds support for visualizing playbook relationships in a tree diagram. For details, see the Playbook Developer Assistant widget document.