November 9 - 14 | Gaylord Opryland | Nashville, TN

November 9 - 14 | Gaylord Opryland | Nashville, TN

Days until the XPERTS Summit 2026:

Overview

Four days of exclusive, forward-looking keynotes and technical workshops delivered by Fortinet's senior technical executives and experts. Compete for bragging rights and prizes in the Ultimate Fabric Challenge. Stick around to explore the newest Fortinet solutions in with our XPERTS and network with your peers as we discover all that Nashville has to offer.

During the Summit, you’ll have access to some of the brightest minds from Fortinet – our Consulting Systems Engineers. These are the people interacting with our customers every day, solving the toughest challenges they come up against – and they’ll be offering insightful workshops based on those use cases, only available at our XPERTS Summit.

Agenda

Monday, Nov. 9
TimeTypeDetailsLocation
12:00PM – 8:00PMRegistrationArrivals + Onsite Check-InWater's Edge
Gaylord Opryland
6:00PM – 8:00PMEvening EventWelcome ReceptionWater's Edge
Gaylord Opryland
Tuesday, Nov 10
Time Type Details Location
6:30AM – 8:00AM Meals &
Registration

Full Buffet Breakfast
You'll be well fed during XPERTS Summit, starting with a full buffet breakfast every morning. You can grab something quick, or enjoy the full spread.

If you were unable to grab your badge on Monday, you can check-in with us during Breakfast.

 Ryman Exhibit Hall B1
8:00AM – 12:00PM General Session

Opening General Session

Robert May
Robert May, EVP, Technology & Product, Fortinet
 Davidson Ballroom AE
12:00PM – 1:00PM Meals Full Buffet Lunch
Come see what we have cooked up for you for lunch!		 Ryman Exhibit Hall B1
1:30PM – 5:30PM Special Event Ultimate Fabric Challenge
The Ultimate Fabric Challenge is an eSports skills competition, based on a series of cybersecurity challenges. To succeed, players must use their skills with Fortinet products to solve objectives in a set amount of time, with bonus points available for the fastest times throughout. Previous challenges include objectives related to SD-WAN, Zero Trust, SASE, Incident Response, Operational Technology (OT), Central Management, and more.		 Davidson Ballroom AE
6:00PM – 8:00PM Testing Onsite Testing
Sit for any Fortinet exam - free of charge. Open to all XPERT Summit attendees.		 Davidson Chamber 5
6:00PM – 8:00PM Evening Event Meet the XPERTS
It's your chance to pose your best, most technical questions to our CSE XPERTS and sponsors. There'll be lively conversations, food and drink, and oh, some fabulous prizes you could win!		 Davidson Ballroom B
Wednesday, Nov 11
TimeTypeDetailsLocation
6:30AM – 8:00AMMeals

Full Buffet Breakfast
You'll need a full belly and lots of energy for today, so come get breakfast and get ready for your workshops.

Ryman Exhibit Hall B1
8:00AM – 12:00PMWorkshops

Morning Workshops

  • AI-Powered Security for the Modern Attack Surface: FortiOS 8.0 
    As organizations expand across cloud, on-premises, and edge environments, the attack surface is growing more dynamic—and more difficult to control. This workshop explores how FortiOS 8.0.0 addresses these challenges with a comprehensive, AI-driven security approach. Attendees will learn how to gain visibility into shadow AI usage across the environment, along with the governance and control mechanisms needed to manage it effectively. The workshop also highlights advanced AI-powered threat detection capabilities and the role of next-generation hardware platforms in delivering high-performance, hybrid protection that extends beyond the traditional perimeter.
  • Automated Unified SASE Deployment: A Technical Deep-Dive for Network Engineers and Security Architects
    This intensive hands-on workshop takes you behind the curtain of modern managed security operations, showing you how to provision, automate, and scale secure network infrastructure using Fortinet’s full SASE and management ecosystem — from first-click cloud onboarding to policy-driven edge security. Participants will work through a progressive series of controlled demos and live lab exercises designed to mirror real-world deployment scenarios at scale.
  • Data Protection, Insider Risk Management, SaaS Data Protection and Data Loss Prevention with FortiDLP
    Protecting sensitive data—such as intellectual property, financial records, and customer or patient information—is critical in today’s threat landscape. FortiDLP is a next-generation, AI-enhanced, cloud‑native endpoint DLP solution that enables security teams to prevent data leaks, identify insider risks, and enforce cyber hygiene at the point of access—without the complexity of legacy DLP tools. By baselining user behavior and applying real-time, context-aware content inspection, FortiDLP provides immediate visibility into data usage across endpoints, cloud drives, and SaaS applications, allowing teams to detect high-risk activity and stop data exfiltration from day one. You will learn FortiDLP configuration and policy creation, with hands-on labs to help protect your organization’s sensitive data effectively.
  • Designing and Deploying FortiSwitch in Data Centers: Standalone and FortiSwitch NMS Managed Modes
    This hands-on technical workshop covers the complete process of designing and deploying FortiSwitch in modern data center environments. Participants will learn key architecture considerations, configuration best practices, and step-by-step deployment in both standalone mode and FortiSwitch NMS managed mode, including stacking, VLAN design, and high-availability setups.
  • End-to-End OT Security with Fortinet: From Threat Surfaces to Secure Operations
    This hands-on class workshop Fortinet's OT security portfolio from the ground up. Students will explore OT-specific threat surfaces including PLCs and HMI along with micro-segmentation strategies using FortiGate's OT Security Service, then move into IT/OT convergence topics including Digital I/O integration and industrial protocol connectivity. The second half addresses secure remote access and identity management tailored for OT environments, and closes with practical logging, SIEM integration, and real-world implementation considerations for brownfield and greenfield deployments.
  • FAZ Advanced: You're Using 20% of Your FortiAnalyzer — Here's the Other 80%, Mastering Advanced FortiAnalyzer Features
    This workshop is built around extracting real, measurable value from a FortiAnalyzer that's likely underutilized today. We start with a quick orientation on the 8.0 capabilities most customers haven't activated, then move into machine-learning behavior baselining. We'll design improved, multi-stage playbooks using 8.0's enhanced automation to orchestrate response across your environment. The centerpiece is a deep dive on the four agentic FortiAI agents: Alert Triage, Threat Hunting, Endpoint Analysis, and Reporting. You will walk away with a concrete plan to transform your FortiAnalyzer from a passive log archive into an active, AI-driven SOC engine.
  • Fortinet SD-WAN Troubleshooting: Real-World Scenarios and Solutions
    This hands-on workshop focuses on troubleshooting Fortinet SD-WAN environments using real-world scenarios you’re likely to encounter in production. Through a combination of guided instruction and lab exercises, you’ll diagnose and resolve common issues involving SD-WAN policies, IPsec VPN connectivity, BGP routing behavior, and FortiManager deployments. Designed to strengthen your troubleshooting mindset, this session builds practical skills and confidence for handling live network challenges. Participants should have a foundational understanding of Fortinet SD-WAN and will leave with actionable techniques they can immediately apply in day-to-day SD-WAN operations.
  • FortiWeb AI to Secure Your AI Applications
    AI presents an evolution of the application phenotype with its own L7 protocols, such as MCP and A2A. FortiWeb’s advanced machine learning and AI inspects AI traffic flows and secure AI-based application deployments by adapting security policy to each application or API. In this workshop, students will learn how to design application security for AI and inspect MCP sessions for protected endpoints.
  • Reducing Cloud Risk with CNAPP: Visibility, Posture, and Identity in One Platform
    Cloud-native applications introduce new security challenges that require integrated visibility across infrastructure, workloads, and identities. This session provides a foundational overview of Fortinet’s CNAPP approach to securing modern cloud environments from development through runtime. Students will explore core capabilities including CSPM, CWPP, and CIEM, and understand how they work together to reduce risk and improve security posture. Hands-on exercises will guide participants through identifying misconfigurations and applying security best practices in cloud-native environments.
  • Unlocking Zero Trust Building Repeatable Identity, Device, and Privileged Access Solutions
    This workshop focuses on building repeatable Zero Trust solutions that secure users, devices, and provide privileged access. Partners will learn how to design and position integrated identity architectures using FortiAuthenticator, FortiNAC‑F, and FortiPAM, enabling scalable deployments, stronger customer outcomes, and expanded solution opportunities within the Fortinet Security Fabric.
  • Zero Trust Journey: Fortinet Universal ZTNA
    This hands-on lab walks through the integration of FortiOS, EMS Cloud, and FortiEndpoint to build a unified Zero Trust remote access architecture. Participants will explore how the FortiOS ZTNA application gateway enforces access policy, while the FortiEndpoint ZTNA agent supplies device posture and SSO authentication. The workshop also includes hands-on exercises covering inline CASB inspection and agentless ZTNA for clientless endpoints.
Ryman Ballroom & Ryman Studios
12:00PM – 1:00PMMealsFull Buffet Lunch
Come see what we have cooked up for you for lunch!		Ryman Exhibit Hall B1
1:00PM – 5:00PMWorkshops

Afternoon Workshops

  • Designing and Deploying FortiSwitch in Data Centers: Standalone and FortiSwitch NMS Managed Modes
    This hands-on technical workshop covers the complete process of designing and deploying FortiSwitch in modern data center environments. Participants will learn key architecture considerations, configuration best practices, and step-by-step deployment in both standalone mode and FortiSwitch NMS managed mode, including stacking, VLAN design, and high-availability setups.
  • Extending Global SD-WAN into AWS Cloud WAN
    As enterprises scale globally, integrating cloud-native networking with SD-WAN becomes essential for performance and resilience. This workshop demonstrates how Fortinet SD-WAN can be extended into AWS Cloud WAN to provide seamless connectivity between on-premises and cloud environments. Participants will learn design considerations, deployment models, and best practices for optimizing routing, security, and application performance. Through guided labs, students will build and validate a hybrid architecture that delivers consistent policy enforcement and end-to-end visibility.
  • FortiOS 8.0 SD-WAN and Beyond: SD-WAN Deployment with FMG Blueprints, IPsec PKI Automation, SSO User Authentication, Zone-mode Policies & More
    This hands-on workshop explores frameworks in FortiOS, FortiManager and FortiAuthenticator 8.0; aimed at enhancing practical experience in configuring and deploying SD-WAN in combination with other features such as PKI Certificates and Single Sign On Authentication. This workshop aims to introduce you to, or strengthen, your understanding of features and workflows which can enhance the security as well as the user and operational experience in your Fortinet SD-WAN deployments.
  • FortiSASE & GenAI: Redefining ZTNA, Identity, and Secure Application Access
    The way we work has changed. So should the way we secure it! As AI totally reshapes enterprise workflows and hybrid work becomes the norm, organizations need a security model that follows the user, the device, and the application, not only the network perimeter. FortiSASE delivers exactly that: a cloud-native SSE platform combining SWG, CASB, FWaaS, and ZTNA with AI-powered threat protection enabling consistent, identity-driven security from anywhere, for anyone.
  • From Alert to Action: AI-Driven SecOps with FortiSIEM + FortiSOAR
    In this hands-on Fortinet Experts Workshop, we bridge the gap between detection and response by combining the power of FortiSIEM and FortiSOAR into a unified security operations workflow. You'll work through real-world playbooks already proven in production - including automatically blocking IOCs on FortiGate directly from a SIEM alert, and enriching investigations with live threat feed integration - so you leave with automation that's ready to deploy, not just demo-ware. We'll also pull back the curtain on agentic AI investigations, showing how AI can autonomously triage, correlate, and drive response actions - reducing analyst workload and mean time to respond.
  • From Zero to SOC: Building, Scaling, and Maturing Operations with FortiSOC
    This Fortinet Experts workshop is designed for both new and mature SOC teams—from those building their first SOC to those looking to eliminate repetitive Tier 1 work. Using the FortiSOC platform, we’ll demonstrate how SIEM, SOAR, UEBA, TIP, and case management come together in a single cloud‑native console. Attendees will see how to ingest and normalize logs, reduce alert noise through tuned correlation, automate triage and response with prebuilt playbooks, and apply FortiAI for machine‑speed investigation and response. You’ll leave with a clear path to build, modernize, or scale SOC operations while reclaiming valuable analyst time.
  • Inside the Attacker’s Path: Deception‑Based Detection with FortiDeceptor‑as‑a‑Service
    FortiDeceptor‑as‑a‑Service is a SaaS‑based deception solution that detects in‑network attacks such as credential theft, lateral movement, and ransomware by luring attackers into a fabricated hybrid deception environment spanning cloud, IT, IoT, and OT. Integrated with the Fortinet Security Fabric, it improves visibility and enables automated identification, investigation, and containment of compromised systems. In this workshop, participants deploy FortiDeceptor in a hybrid environment by configuring edge appliances, deploying decoys, and distributing tokens to user endpoints. Students then simulate real attacker activity to trigger deception events, analyze incidents in the DaaS console, and automate response actions using the Fortinet Security Fabric.
  • Protecting the Inbox: AI‑Powered Defense Against Phishing, BEC, and Ransomware
    Over 90% of cyberattacks start with email, yet traditional defenses often miss advanced threats such as phishing, BEC, ransomware, and account takeovers. In this workshop, you’ll explore AI‑driven email security techniques including anti‑spam and anti‑malware, outbreak protection, content disarm and reconstruction, sandbox analysis, impersonation detection, and targeted threat prevention. We’ll compare Secure Email Gateways and Integrated Cloud Email Security, highlighting Fortinet’s unique ability to deliver both. The session also introduces the updated FortiSAT portal, combining security awareness training and phishing simulations in a single, streamlined platform to build an effective, cyber‑aware workforce.
  • SecOps Thunderdome CTF: FortiEDR + FortiNDR Cloud
    See the attack. Learn the tools. Then enter the arena. This hands-on partner workshop begins with a live attack simulation, giving attendees immediate insight into how threats can unfold across endpoint and network layers. From there, participants receive guided instruction on how FortiEDR and FortiNDR Cloud expose attacker behavior, correlate evidence, and support faster investigation. The session then transitions into a team based CTF where partners apply what they have learned to uncover threats, capture flags, and out-hunt the competition.
  • Securing the SaaS Layer: Deep Visibility, Compliance, and Risk Reduction with SSPM
    As organizations expand SaaS adoption, visibility and control across cloud applications becomes critical to reducing risk. This workshop explores how Fortinet’s CASB and SSPM capabilities deliver deep observability into user activity, misconfigurations, and data exposure across SaaS environments. Participants will learn how to identify risky behaviors, enforce compliance, and continuously assess SaaS security posture. By the end of the lab, students will be able to design and implement cloud observability strategies that strengthen overall security outcomes.
  • Unlocking the Power of SASE: Secure Connectivity for the Modern Enterprise
    In today’s hybrid work environment, traditional networks struggle to deliver secure, seamless application access. This session covers how SASE unifies networking and security in a cloud‑delivered architecture. We’ll review core capabilities such as SD‑WAN and Zero Trust Network Access, with a focus on recent enhancements including agentless ZTNA, secure browser extensions with DLP controls, digital experience monitoring for private apps, and branch on‑ramp connectivity using existing infrastructure.
Ryman Ballroom & Ryman Studios
6:00PM – 8:00PMTestingOnsite Testing
Sit for any Fortinet exam - free of charge. Open to all XPERT Summit attendees.		Davidson Chamber 5
6:00PM – 9:00PMEvening EventOpen Night

TBA
Thursday, Nov 12
TimeTypeDetailsLocation
6:30AM – 8:00AMMeals

Full Buffet Breakfast
Hungry? Breakfast is served.

Ryman Exhibit Hall B1
8:00AM – 12:00PMWorkshops

Morning Workshops

  • AI-Powered Security for the Modern Attack Surface: FortiOS 8.0 
    As organizations expand across cloud, on-premises, and edge environments, the attack surface is growing more dynamic—and more difficult to control. This workshop explores how FortiOS 8.0.0 addresses these challenges with a comprehensive, AI-driven security approach. Attendees will learn how to gain visibility into shadow AI usage across the environment, along with the governance and control mechanisms needed to manage it effectively. The workshop also highlights advanced AI-powered threat detection capabilities and the role of next-generation hardware platforms in delivering high-performance, hybrid protection that extends beyond the traditional perimeter.
  • Automated Unified SASE Deployment: A Technical Deep-Dive for Network Engineers and Security Architects
    This intensive hands-on workshop takes you behind the curtain of modern managed security operations, showing you how to provision, automate, and scale secure network infrastructure using Fortinet's full SASE and management ecosystem — from first-click cloud onboarding to policy-driven edge security. Participants will work through a progressive series of controlled demos and live lab exercises designed to mirror real-world deployment scenarios at scale.
  • Building Secure Networks with FortiManagement Cloud and FortiAIOps: WiFi, Switching & FortiExtender Deployment
    This practical technical workshop explores how to design and deploy secure, integrated networks using FortiManagement Cloud as the central management platform. Participants will gain hands-on experience configuring FortiAP for enterprise WiFi, FortiSwitch for wired connectivity, and FortiExtender for reliable WAN extension and 4G/5G backup, all unified under FortiManagement Cloud for simplified provisioning, monitoring, and security policy enforcement.
  • Data Protection, Insider Risk Management, SaaS Data Protection and Data Loss Prevention with FortiDLP
    Protecting sensitive data—such as intellectual property, financial records, and customer or patient information—is critical in today’s threat landscape. FortiDLP is a next-generation, AI-enhanced, cloud‑native endpoint DLP solution that enables security teams to prevent data leaks, identify insider risks, and enforce cyber hygiene at the point of access—without the complexity of legacy DLP tools. By baselining user behavior and applying real-time, context-aware content inspection, FortiDLP provides immediate visibility into data usage across endpoints, cloud drives, and SaaS applications, allowing teams to detect high-risk activity and stop data exfiltration from day one. You will learn FortiDLP configuration and policy creation, with hands-on labs to help protect your organization’s sensitive data effectively.
  • End-to-End OT Security with Fortinet: From Threat Surfaces to Secure Operations
    This hands-on class workshop Fortinet's OT security portfolio from the ground up. Students will explore OT-specific threat surfaces including PLCs and HMI along with micro-segmentation strategies using FortiGate's OT Security Service, then move into IT/OT convergence topics including Digital I/O integration and industrial protocol connectivity. The second half addresses secure remote access and identity management tailored for OT environments, and closes with practical logging, SIEM integration, and real-world implementation considerations for brownfield and greenfield deployments.
  • FAZ Advanced: You're Using 20% of Your FortiAnalyzer — Here's the Other 80%, Mastering Advanced FortiAnalyzer Features
    This workshop is built around extracting real, measurable value from a FortiAnalyzer that's likely underutilized today. We start with a quick orientation on the 8.0 capabilities most customers haven't activated, then move into machine-learning behavior baselining. We'll design improved, multi-stage playbooks using 8.0's enhanced automation to orchestrate response across your environment. The centerpiece is a deep dive on the four agentic FortiAI agents: Alert Triage, Threat Hunting, Endpoint Analysis, and Reporting. You will walk away with a concrete plan to transform your FortiAnalyzer from a passive log archive into an active, AI-driven SOC engine.
  • FortiClient EMS 8.0 at Scale: High Availability, Unified Endpoint, and MSSP Multi‑Tenancy
    Discover the power of the latest endpoint security enhancements with FortiClient EMS 8.0. In this hands-on lab, you’ll dive into the latest FortiClient EMS innovations including High Availability deployments, FortiClient Unified Endpoint and Multi-tenancy for MSSPs . Gain practical, real-world insights into delivering frictionless user experiences, reducing complexity all within one cohesive platform.
  • Fortinet SD-WAN Troubleshooting: Real-World Scenarios and Solutions
    This hands-on workshop focuses on troubleshooting Fortinet SD-WAN environments using real-world scenarios you’re likely to encounter in production. Through a combination of guided instruction and lab exercises, you’ll diagnose and resolve common issues involving SD-WAN policies, IPsec VPN connectivity, BGP routing behavior, and FortiManager deployments. Designed to strengthen your troubleshooting mindset, this session builds practical skills and confidence for handling live network challenges. Participants should have a foundational understanding of Fortinet SD-WAN and will leave with actionable techniques they can immediately apply in day-to-day SD-WAN operations.
  • FortiWeb AI to Secure Your AI Applications
    AI presents an evolution of the application phenotype with its own L7 protocols, such as MCP and A2A. FortiWeb’s advanced machine learning and AI inspects AI traffic flows and secure AI-based application deployments by adapting security policy to each application or API. In this workshop, students will learn how to design application security for AI and inspect MCP sessions for protected endpoints.
  • Reducing Cloud Risk with CNAPP: Visibility, Posture, and Identity in One Platform
    Cloud-native applications introduce new security challenges that require integrated visibility across infrastructure, workloads, and identities. This session provides a foundational overview of Fortinet’s CNAPP approach to securing modern cloud environments from development through runtime. Students will explore core capabilities including CSPM, CWPP, and CIEM, and understand how they work together to reduce risk and improve security posture. Hands-on exercises will guide participants through identifying misconfigurations and applying security best practices in cloud-native environments.
  • Unlocking Zero Trust Building Repeatable Identity, Device, and Privileged Access Solutions
    This workshop focuses on building repeatable Zero Trust solutions that secure users, devices, and provide privileged access. Partners will learn how to design and position integrated identity architectures using FortiAuthenticator, FortiNAC‑F, and FortiPAM, enabling scalable deployments, stronger customer outcomes, and expanded solution opportunities within the Fortinet Security Fabric.
Ryman Ballroom & Ryman Studios
12:00PM – 1:00PMMealsFull Buffet Lunch
Come see what we have cooked up for you for lunch!		Ryman Exhibit Hall B1
1:00PM – 5:00PMWorkshops

Afternoon Workshops

  • Building Secure Networks with FortiManagement Cloud and FortiAIOps: WiFi, Switching & FortiExtender Deployment
    This practical technical workshop explores how to design and deploy secure, integrated networks using FortiManagement Cloud as the central management platform. Participants will gain hands-on experience configuring FortiAP for enterprise WiFi, FortiSwitch for wired connectivity, and FortiExtender for reliable WAN extension and 4G/5G backup, all unified under FortiManagement Cloud for simplified provisioning, monitoring, and security policy enforcement.
  • Extending Global SD-WAN into AWS Cloud WAN
    As enterprises scale globally, integrating cloud-native networking with SD-WAN becomes essential for performance and resilience. This workshop demonstrates how Fortinet SD-WAN can be extended into AWS Cloud WAN to provide seamless connectivity between on-premises and cloud environments. Participants will learn design considerations, deployment models, and best practices for optimizing routing, security, and application performance. Through guided labs, students will build and validate a hybrid architecture that delivers consistent policy enforcement and end-to-end visibility.
  • FortiOS 8.0 SD-WAN and Beyond: SD-WAN Deployment with FMG Blueprints, IPsec PKI Automation, SSO User Authentication, Zone-mode Policies & More
    This hands-on workshop explores frameworks in FortiOS, FortiManager and FortiAuthenticator 8.0; aimed at enhancing practical experience in configuring and deploying SD-WAN in combination with other features such as PKI Certificates and Single Sign On Authentication. This workshop aims to introduce you to, or strengthen, your understanding of features and workflows which can enhance the security as well as the user and operational experience in your Fortinet SD-WAN deployments.
  • FortiSASE & GenAI: Redefining ZTNA, Identity, and Secure Application Access
    The way we work has changed. So should the way we secure it! As AI totally reshapes enterprise workflows and hybrid work becomes the norm, organizations need a security model that follows the user, the device, and the application, not only the network perimeter. FortiSASE delivers exactly that: a cloud-native SSE platform combining SWG, CASB, FWaaS, and ZTNA with AI-powered threat protection enabling consistent, identity-driven security from anywhere, for anyone.
  • From Alert to Action: AI-Driven SecOps with FortiSIEM + FortiSOAR
    In this hands-on Fortinet Experts Workshop, we bridge the gap between detection and response by combining the power of FortiSIEM and FortiSOAR into a unified security operations workflow. You'll work through real-world playbooks already proven in production - including automatically blocking IOCs on FortiGate directly from a SIEM alert, and enriching investigations with live threat feed integration - so you leave with automation that's ready to deploy, not just demo-ware. We'll also pull back the curtain on agentic AI investigations, showing how AI can autonomously triage, correlate, and drive response actions - reducing analyst workload and mean time to respond.
  • From Zero to SOC: Building, Scaling, and Maturing Operations with FortiSOC
    This Fortinet Experts workshop is designed for both new and mature SOC teams—from those building their first SOC to those looking to eliminate repetitive Tier 1 work. Using the FortiSOC platform, we’ll demonstrate how SIEM, SOAR, UEBA, TIP, and case management come together in a single cloud‑native console. Attendees will see how to ingest and normalize logs, reduce alert noise through tuned correlation, automate triage and response with prebuilt playbooks, and apply FortiAI for machine‑speed investigation and response. You’ll leave with a clear path to build, modernize, or scale SOC operations while reclaiming valuable analyst time.
  • Inside the Attacker’s Path: Deception‑Based Detection with FortiDeceptor‑as‑a‑Service
    FortiDeceptor‑as‑a‑Service is a SaaS‑based deception solution that detects in‑network attacks such as credential theft, lateral movement, and ransomware by luring attackers into a fabricated hybrid deception environment spanning cloud, IT, IoT, and OT. Integrated with the Fortinet Security Fabric, it improves visibility and enables automated identification, investigation, and containment of compromised systems. In this workshop, participants deploy FortiDeceptor in a hybrid environment by configuring edge appliances, deploying decoys, and distributing tokens to user endpoints. Students then simulate real attacker activity to trigger deception events, analyze incidents in the DaaS console, and automate response actions using the Fortinet Security Fabric.
  • Protecting the Inbox: AI‑Powered Defense Against Phishing, BEC, and Ransomware
    Over 90% of cyberattacks start with email, yet traditional defenses often miss advanced threats such as phishing, BEC, ransomware, and account takeovers. In this workshop, you’ll explore AI‑driven email security techniques including anti‑spam and anti‑malware, outbreak protection, content disarm and reconstruction, sandbox analysis, impersonation detection, and targeted threat prevention. We’ll compare Secure Email Gateways and Integrated Cloud Email Security, highlighting Fortinet’s unique ability to deliver both. The session also introduces the updated FortiSAT portal, combining security awareness training and phishing simulations in a single, streamlined platform to build an effective, cyber‑aware workforce.
  • SecOps Thunderdome CTF: FortiEDR + FortiNDR Cloud
    See the attack. Learn the tools. Then enter the arena. This hands-on partner workshop begins with a live attack simulation, giving attendees immediate insight into how threats can unfold across endpoint and network layers. From there, participants receive guided instruction on how FortiEDR and FortiNDR Cloud expose attacker behavior, correlate evidence, and support faster investigation. The session then transitions into a team based CTF where partners apply what they have learned to uncover threats, capture flags, and out-hunt the competition.
  • Securing the SaaS Layer: Deep Visibility, Compliance, and Risk Reduction with SSPM
    As organizations expand SaaS adoption, visibility and control across cloud applications becomes critical to reducing risk. This workshop explores how Fortinet’s CASB and SSPM capabilities deliver deep observability into user activity, misconfigurations, and data exposure across SaaS environments. Participants will learn how to identify risky behaviors, enforce compliance, and continuously assess SaaS security posture. By the end of the lab, students will be able to design and implement cloud observability strategies that strengthen overall security outcomes.
  • Unlocking the Power of SASE: Secure Connectivity for the Modern Enterprise
    In today’s hybrid work environment, traditional networks struggle to deliver secure, seamless application access. This session covers how SASE unifies networking and security in a cloud‑delivered architecture. We’ll review core capabilities such as SD‑WAN and Zero Trust Network Access, with a focus on recent enhancements including agentless ZTNA, secure browser extensions with DLP controls, digital experience monitoring for private apps, and branch on‑ramp connectivity using existing infrastructure.
Ryman Ballroom & Ryman Studios
6:00PM – 8:00PMTestingOnsite Testing
Sit for any Fortinet exam - free of charge. Open to all XPERT Summit attendees.		Davidson Chamber 5
6:00PM – 9:00PMEvening Event

Ultimate Fabric Challenge Finale + Party
Cheer on the finalists as they compete for a spot at Accelerate 2027 and enjoy good food, drink, music, and conversation.

TBA
Friday, Nov 13
TimeTypeDetailsLocation
6:30AM – 8:00AMMeals

Full Buffet Breakfast
Last chance to have breakfast on us. 

Ryman Exhibit Hall B1
8:00AM – 12:00PMWorkshops

Morning Workshops

  • AI-Powered Security for the Modern Attack Surface: FortiOS 8.0 
    As organizations expand across cloud, on-premises, and edge environments, the attack surface is growing more dynamic—and more difficult to control. This workshop explores how FortiOS 8.0.0 addresses these challenges with a comprehensive, AI-driven security approach. Attendees will learn how to gain visibility into shadow AI usage across the environment, along with the governance and control mechanisms needed to manage it effectively. The workshop also highlights advanced AI-powered threat detection capabilities and the role of next-generation hardware platforms in delivering high-performance, hybrid protection that extends beyond the traditional perimeter.
  • Automated Unified SASE Deployment: A Technical Deep-Dive for Network Engineers and Security Architects
    This intensive hands-on workshop takes you behind the curtain of modern managed security operations, showing you how to provision, automate, and scale secure network infrastructure using Fortinet's full SASE and management ecosystem — from first-click cloud onboarding to policy-driven edge security. Participants will work through a progressive series of controlled demos and live lab exercises designed to mirror real-world deployment scenarios at scale.
  • Data Protection, Insider Risk Management, SaaS Data Protection and Data Loss Prevention with FortiDLP
    Protecting sensitive data—such as intellectual property, financial records, and customer or patient information—is critical in today’s threat landscape. FortiDLP is a next-generation, AI-enhanced, cloud‑native endpoint DLP solution that enables security teams to prevent data leaks, identify insider risks, and enforce cyber hygiene at the point of access—without the complexity of legacy DLP tools. By baselining user behavior and applying real-time, context-aware content inspection, FortiDLP provides immediate visibility into data usage across endpoints, cloud drives, and SaaS applications, allowing teams to detect high-risk activity and stop data exfiltration from day one. You will learn FortiDLP configuration and policy creation, with hands-on labs to help protect your organization’s sensitive data effectively.
  • Designing and Deploying FortiSwitch in Data Centers: Standalone and FortiSwitch NMS Managed Modes
    This hands-on technical workshop covers the complete process of designing and deploying FortiSwitch in modern data center environments. Participants will learn key architecture considerations, configuration best practices, and step-by-step deployment in both standalone mode and FortiSwitch NMS managed mode, including stacking, VLAN design, and high-availability setups.
  • End-to-End OT Security with Fortinet: From Threat Surfaces to Secure Operations
    This hands-on class workshop Fortinet's OT security portfolio from the ground up. Students will explore OT-specific threat surfaces including PLCs and HMI along with micro-segmentation strategies using FortiGate's OT Security Service, then move into IT/OT convergence topics including Digital I/O integration and industrial protocol connectivity. The second half addresses secure remote access and identity management tailored for OT environments, and closes with practical logging, SIEM integration, and real-world implementation considerations for brownfield and greenfield deployments.
  • FAZ Advanced: You're Using 20% of Your FortiAnalyzer — Here's the Other 80%, Mastering Advanced FortiAnalyzer Features
    This workshop is built around extracting real, measurable value from a FortiAnalyzer that's likely underutilized today. We start with a quick orientation on the 8.0 capabilities most customers haven't activated, then move into machine-learning behavior baselining. We'll design improved, multi-stage playbooks using 8.0's enhanced automation to orchestrate response across your environment. The centerpiece is a deep dive on the four agentic FortiAI agents: Alert Triage, Threat Hunting, Endpoint Analysis, and Reporting. You will walk away with a concrete plan to transform your FortiAnalyzer from a passive log archive into an active, AI-driven SOC engine.
  • FortiClient EMS 8.0 at Scale: High Availability, Unified Endpoint, and MSSP Multi‑Tenancy
    Discover the power of the latest endpoint security enhancements with FortiClient EMS 8.0. In this hands-on lab, you’ll dive into the latest FortiClient EMS innovations including High Availability deployments, FortiClient Unified Endpoint and Multi-tenancy for MSSPs . Gain practical, real-world insights into delivering frictionless user experiences, reducing complexity all within one cohesive platform.
  • Fortinet SD-WAN Troubleshooting: Real-World Scenarios and Solutionsv
    This hands-on workshop focuses on troubleshooting Fortinet SD-WAN environments using real-world scenarios you’re likely to encounter in production. Through a combination of guided instruction and lab exercises, you’ll diagnose and resolve common issues involving SD-WAN policies, IPsec VPN connectivity, BGP routing behavior, and FortiManager deployments. Designed to strengthen your troubleshooting mindset, this session builds practical skills and confidence for handling live network challenges. Participants should have a foundational understanding of Fortinet SD-WAN and will leave with actionable techniques they can immediately apply in day-to-day SD-WAN operations.
  • FortiWeb AI to Secure Your AI Applications
    AI presents an evolution of the application phenotype with its own L7 protocols, such as MCP and A2A. FortiWeb’s advanced machine learning and AI inspects AI traffic flows and secure AI-based application deployments by adapting security policy to each application or API. In this workshop, students will learn how to design application security for AI and inspect MCP sessions for protected endpoints.
  • Reducing Cloud Risk with CNAPP: Visibility, Posture, and Identity in One Platform
    Cloud-native applications introduce new security challenges that require integrated visibility across infrastructure, workloads, and identities. This session provides a foundational overview of Fortinet’s CNAPP approach to securing modern cloud environments from development through runtime. Students will explore core capabilities including CSPM, CWPP, and CIEM, and understand how they work together to reduce risk and improve security posture. Hands-on exercises will guide participants through identifying misconfigurations and applying security best practices in cloud-native environments.
  • Unlocking Zero Trust Building Repeatable Identity, Device, and Privileged Access Solutions
    This workshop focuses on building repeatable Zero Trust solutions that secure users, devices, and provide privileged access. Partners will learn how to design and position integrated identity architectures using FortiAuthenticator, FortiNAC‑F, and FortiPAM, enabling scalable deployments, stronger customer outcomes, and expanded solution opportunities within the Fortinet Security Fabric.
Ryman Ballroom & Ryman Studios
12:00PM – 1:00PMMealsFull Buffet Lunch
Come see what we have cooked up for you for lunch!		Ryman Exhibit Hall B1
1:00PM – 5:00PMWorkshops

Afternoon Workshops

  • Building Secure Networks with FortiManagement Cloud and FortiAIOps: WiFi, Switching & FortiExtender Deployment
    This practical technical workshop explores how to design and deploy secure, integrated networks using FortiManagement Cloud as the central management platform. Participants will gain hands-on experience configuring FortiAP for enterprise WiFi, FortiSwitch for wired connectivity, and FortiExtender for reliable WAN extension and 4G/5G backup, all unified under FortiManagement Cloud for simplified provisioning, monitoring, and security policy enforcement.
  • Extending Global SD-WAN into AWS Cloud WAN
    As enterprises scale globally, integrating cloud-native networking with SD-WAN becomes essential for performance and resilience. This workshop demonstrates how Fortinet SD-WAN can be extended into AWS Cloud WAN to provide seamless connectivity between on-premises and cloud environments. Participants will learn design considerations, deployment models, and best practices for optimizing routing, security, and application performance. Through guided labs, students will build and validate a hybrid architecture that delivers consistent policy enforcement and end-to-end visibility.
  • FortiOS 8.0 SD-WAN and Beyond: SD-WAN Deployment with FMG Blueprints, IPsec PKI Automation, SSO User Authentication, Zone-mode Policies & More
    This hands-on workshop explores frameworks in FortiOS, FortiManager and FortiAuthenticator 8.0; aimed at enhancing practical experience in configuring and deploying SD-WAN in combination with other features such as PKI Certificates and Single Sign On Authentication. This workshop aims to introduce you to, or strengthen, your understanding of features and workflows which can enhance the security as well as the user and operational experience in your Fortinet SD-WAN deployments.
  • FortiSASE & GenAI: Redefining ZTNA, Identity, and Secure Application Access
    The way we work has changed. So should the way we secure it! As AI totally reshapes enterprise workflows and hybrid work becomes the norm, organizations need a security model that follows the user, the device, and the application, not only the network perimeter. FortiSASE delivers exactly that: a cloud-native SSE platform combining SWG, CASB, FWaaS, and ZTNA with AI-powered threat protection enabling consistent, identity-driven security from anywhere, for anyone.
  • From Alert to Action: AI-Driven SecOps with FortiSIEM + FortiSOAR
    In this hands-on Fortinet Experts Workshop, we bridge the gap between detection and response by combining the power of FortiSIEM and FortiSOAR into a unified security operations workflow. You'll work through real-world playbooks already proven in production - including automatically blocking IOCs on FortiGate directly from a SIEM alert, and enriching investigations with live threat feed integration - so you leave with automation that's ready to deploy, not just demo-ware. We'll also pull back the curtain on agentic AI investigations, showing how AI can autonomously triage, correlate, and drive response actions - reducing analyst workload and mean time to respond.
  • From Zero to SOC: Building, Scaling, and Maturing Operations with FortiSOC
    This Fortinet Experts workshop is designed for both new and mature SOC teams—from those building their first SOC to those looking to eliminate repetitive Tier 1 work. Using the FortiSOC platform, we’ll demonstrate how SIEM, SOAR, UEBA, TIP, and case management come together in a single cloud‑native console. Attendees will see how to ingest and normalize logs, reduce alert noise through tuned correlation, automate triage and response with prebuilt playbooks, and apply FortiAI for machine‑speed investigation and response. You’ll leave with a clear path to build, modernize, or scale SOC operations while reclaiming valuable analyst time.
  • Inside the Attacker’s Path: Deception‑Based Detection with FortiDeceptor‑as‑a‑Service
    FortiDeceptor‑as‑a‑Service is a SaaS‑based deception solution that detects in‑network attacks such as credential theft, lateral movement, and ransomware by luring attackers into a fabricated hybrid deception environment spanning cloud, IT, IoT, and OT. Integrated with the Fortinet Security Fabric, it improves visibility and enables automated identification, investigation, and containment of compromised systems. In this workshop, participants deploy FortiDeceptor in a hybrid environment by configuring edge appliances, deploying decoys, and distributing tokens to user endpoints. Students then simulate real attacker activity to trigger deception events, analyze incidents in the DaaS console, and automate response actions using the Fortinet Security Fabric.
  • Protecting the Inbox: AI‑Powered Defense Against Phishing, BEC, and Ransomware
    Over 90% of cyberattacks start with email, yet traditional defenses often miss advanced threats such as phishing, BEC, ransomware, and account takeovers. In this workshop, you’ll explore AI‑driven email security techniques including anti‑spam and anti‑malware, outbreak protection, content disarm and reconstruction, sandbox analysis, impersonation detection, and targeted threat prevention. We’ll compare Secure Email Gateways and Integrated Cloud Email Security, highlighting Fortinet’s unique ability to deliver both. The session also introduces the updated FortiSAT portal, combining security awareness training and phishing simulations in a single, streamlined platform to build an effective, cyber‑aware workforce.
  • SecOps Thunderdome CTF: FortiEDR + FortiNDR Cloud
    See the attack. Learn the tools. Then enter the arena. This hands-on partner workshop begins with a live attack simulation, giving attendees immediate insight into how threats can unfold across endpoint and network layers. From there, participants receive guided instruction on how FortiEDR and FortiNDR Cloud expose attacker behavior, correlate evidence, and support faster investigation. The session then transitions into a team based CTF where partners apply what they have learned to uncover threats, capture flags, and out-hunt the competition.
  • Securing the SaaS Layer: Deep Visibility, Compliance, and Risk Reduction with SSPM
    As organizations expand SaaS adoption, visibility and control across cloud applications becomes critical to reducing risk. This workshop explores how Fortinet’s CASB and SSPM capabilities deliver deep observability into user activity, misconfigurations, and data exposure across SaaS environments. Participants will learn how to identify risky behaviors, enforce compliance, and continuously assess SaaS security posture. By the end of the lab, students will be able to design and implement cloud observability strategies that strengthen overall security outcomes.
  • Unlocking the Power of SASE: Secure Connectivity for the Modern Enterprise
    In today’s hybrid work environment, traditional networks struggle to deliver secure, seamless application access. This session covers how SASE unifies networking and security in a cloud‑delivered architecture. We’ll review core capabilities such as SD‑WAN and Zero Trust Network Access, with a focus on recent enhancements including agentless ZTNA, secure browser extensions with DLP controls, digital experience monitoring for private apps, and branch on‑ramp connectivity using existing infrastructure.
Ryman Ballroom & Ryman Studios
6:00PM – 9:00PMEvening Event

Closing Party: Grand Ole Opry
You can't come to Nashville without experiencing the Grand Ole Opry. Whether you love country music, or it's just not your 'thang', the Grand Ole Opry is an experience everyone loves.

We'll enjoy Food & Drink at the Gaylord before walking over to the the Grand Ole Opry.

Grand Ole Opry
Saturday, Nov 14
Time Type Details Location
All Day Travel

Departures
Safe travels home! Check-out is at 11:00 AM.

  

FAQs

The event will take place at the Gaylord Opryland Resort & Convention Center.

A high-level agenda provided above. A more detailed agenda will be shared soon, including available workshops.

Yes. The standard registration fee is $1,495, and covers all training, meals, and evening events and activities. It does not include a hotel reservation. During registration, you may opt to pre-pay for 5 Nights at the Gaylord Opryland AND save $300 on your registration fee. See pricing for more information.

Yes. You may elect to pre-pay for 5 nights at the Gaylord Opryland Resort when you register for XPERTS Summit. You'll also enjoy a $300 registratoin fee discount! Once your registration and payment is received, a reservation will be made for you. Note the following caveats with this option:

  1. The pre-pay hotel option is offered as a convenience for XPERTS Summit attendees. It is not required to attend XPERTS Summit.
  2. The reservation will be made under the attendee name only.
  3. The reservation will be made to check-in on November 9 only.
  4. The reservation will be made to check-out on November 14 only.
  5. A standard, 'run of house' room will be reserved. Upon check-in, you will be required to present a credit card for incidental expenses.
  6. Marriott Bonvoy points may not available with the hotel pre-payment option. This is at the discretion of the Gaylord Opryland.
  7. The pre-pay option is not available for less than or more than 5 nights. If you pre-pay, and depart before November 14, no refund will be given.
  8. Early arrival (before November 9) and/or late departure (after November 14) is at the discretion of the hotel, based on availability. Once you receive your confirmation email, you can contact the hotel to extend your reservation at your own cost.
  9. Based on availability, the hotel has agreed to extend the negotiated rate three (3) days pre- and/or post-XPERTS Summit. If you wish to extend your stay in Nashville, and you pre-paid for your reservation, the hotel can assist you once you receive your confirmation.

Registration is open to current US-based Fortinet partners with a current NSE FCP, FCSS, or FCX certification. If you have recently earned (or renewed) your certification, and cannot register, please contact events@fortinet.com for assistance.

Fortinet XPERTS Summit is a tailored training event for highly-skilled partner engineers. This is a unique opportunity to connect on the latest Fortinet technology and technical training. We take our partner training very seriously at Fortinet, and have created an intensive learning opportunity for our most valued partners.

The Ultimate Fabric Challenge is an eSports skills competition, based on a series of cybersecurity challenges. To succeed, players must use their skills with Fortinet products to solve objectives in a set amount of time, with bonus points available for the fastest times throughout. Previous challenges include objectives related to SD-WAN, Zero Trust, SASE, Incident Response, Operational Technology (OT), Central Management, and more.

Yes! We will offer a testing center onsite for partners to sit for an exam, free of charge. Additionally, all partners will receive a voucher, good for any Fortinet exam in the Pearson Vue training catalog.

Yes! During registration you can enter your (ISC)² Member ID. After XPERTS Summit, Fortinet will submit credits on your behalf.