How can we help?

Scoping a CMMC, FedRAMP, SOC 2, ISO 27001, or SCIF/SAPF engagement

For prospective clients evaluating whether Fortinetics is the right partner. The scoping conversation is thirty to forty-five minutes, no commitment.

• Path: /contact/ form, or email contact@fortinetics.com
• Initial reply: within 1 business day
• Scoping call: within 5 business days
• NDA: Mutual NDA on request before sensitive scoping conversations

Existing CMMC / FedRAMP / SCIF clients

If you're already engaged with Fortinetics, your engagement lead and Slack/Teams channel is the primary path. Use this surface only for off-hours or escalation.

• Primary: your engagement-specific channel (Slack, Teams, or email thread)
• Escalation: contact@fortinetics.com with subject line beginning "[Client Escalation]"
• Incident: for any cyber incident triggering DFARS 252.204-7012 reporting, contact your engagement lead immediately. Do not delay reporting to wait for our response — DC3 has a 72-hour clock.

Users of compliance reference apps published on the Apple App Store

For bugs, feature requests, or general questions about a compliance reference app published under "Fortinetics LLC" on the Apple App Store. Each app has a support email listed in its App Store page; the address below is the catch-all.

• Path: contact@fortinetics.com (subject "App Support — [App Name]")
• Initial reply: within 2 business days for bug reports, 5 business days for feature requests
• Include: app name, version (Settings → General → About → app name), iOS version, device model, steps to reproduce
• Crashes: Apple's diagnostics flow (Settings → Privacy & Security → Analytics & Improvements → "Share with App Developers") is the most useful path; we receive anonymized crash data through Apple, no personal info attached

We publish only compliance and federal-cybersecurity reference apps under "Fortinetics LLC." If you've installed a non-compliance app (a game, lifestyle app, etc.) that lists "Fortinetics LLC" as the developer, that's not ours — please report it via Apple's "Report a Concern" link on the App Store page.

Access, correction, deletion of your data

If you'd like a copy of the information we hold about you, want us to correct something, or request deletion (subject to record-retention obligations), use this channel. Applies to website inquiries, engagement clients, and app users.

• Path: contact@fortinetics.com (subject "Privacy Request")
• Initial reply: within 5 business days; substantive response within 30 calendar days
• Verification: we will ask you to verify your identity before producing or deleting records (typically by responding from the email address associated with the records)
• See also: Privacy Policy for the full data-handling disclosure

Reporting a vulnerability in our website or apps

We're a compliance firm. We treat vulnerability reports against our own surfaces with the same rigor we sell to clients.

• Path: contact@fortinetics.com (subject "Security Disclosure")
• RFC 9116: machine-readable disclosure path published at /.well-known/security.txt
• Initial reply: within 1 business day
• Coordinated disclosure: we ask for 30 days to remediate before public disclosure; we don't pursue researchers acting in good faith
• Bug bounty: we do not currently run a paid bounty program. We will publicly credit researchers who report material vulnerabilities, with their consent.

Editorial, partnership, or speaking inquiries

For journalists, podcast producers, conference programs, or partnership inquiries.

• Path: contact@fortinetics.com (subject "Press" or "Partnership")
• Initial reply: within 3 business days; we triage by topic relevance