FortiCNAPP Reviews & Product Details

FortiCNAPP (formerly Lacework) is an AI-powered Cloud-Native Application Protection Platform that delivers unified security across your multi-cloud and hybrid environments. Built to protect the entire application lifecycle—from development to runtime—it combines posture management, workload protection, identity security, and threat detection into one integrated platform. By leveraging machine learning and behavioral analytics, FortiCNAPP helps security teams detect unknown threats, reduce noise, and accelerate response. Integrated with the Fortinet Security Fabric, it provides full-stack visibility across cloud, network, and endpoint environments—empowering teams to operate with confidence, reduce complexity, and scale securely.

Product Website

Seller

Fortinet

Discussions

FortiCNAPP Community

Languages Supported

English

Product Description

FortiCNAPP is a comprehensive Cloud-Native Application Protection Platform (CNAPP) that consolidates Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWPP), Cloud Infrastructure Entitlement Management (CIEM), Kubernetes security, and compliance into a single solution. Using AI-based anomaly detection and behavioral analytics, FortiCNAPP continuously monitors cloud environments to identify misconfigurations, vulnerabilities, and active threats in real time. The platform supports agentless and agent-based deployment models, ensuring flexible coverage across diverse architectures. FortiCNAPP also integrates with the Fortinet Security Fabric, correlating cloud data with network and endpoint insights from FortiGuard, FortiSOAR, and more, delivering full-stack threat context, faster remediation, and unified risk management.

Overview by

Frederick Harris

Value at a Glance

Averages based on real user reviews.

Time to Implement

2 months

View More Pricing Information

FortiCNAPP Integrations

(8)

Verified by FortiCNAPP

FortiCNAPP Media

This is the first view someone sees when entering the Polygraph Data Platform. From the dashboard, you can see total alerts by severity, newly detected vulnerabilities, cloud compliance by provider, and more.

FortiCNAPP Demo - High-Severity Event Card

This screenshot is of an event card associated with a Critical alert. From this card, we can determine that this alert was triggered by an anomalous activity, that it's internet exposed, and that it's already connected to a Jira ticket (LWAL-3955) for remediation. You can also explore why the ale...

FortiCNAPP Demo - High-Severity Event Polygraph Visualization

Within every event card is a visualization, mapping out the exposure path. Here, we see that the initial Critical alert mentioned in the previous screenshot (a bad external host connection) stemmed from a log4j vulnerability.

FortiCNAPP Demo - Environment-wide Polygraph Visualization

At any point, users can get a view of all application communications across an entire cloud environment, over a set period of time. In this situation, we can see how a known bad IP address connected to multiple cloud properties, including the log4j vulnerability tied to the alert in the prior 2 s...

FortiCNAPP Demo - Vulnerability Dashboard

This screenshot shows the vulnerability dashboard, which provides both a high-level view of all containers scanned and active vulnerabilities present along with the specifics for each image — which can be further explored for more information.

From the Compliance dashboard, users can get a view of compliance standing for all connected cloud accounts. This scenario shows 4 total cloud accounts across AWS, Google Cloud, and Microsoft Azure.

Introducing Fortinet's Lacework FortiCNAPP, the most comprehensive cloud-native application protection platform available. Lacework FortiCNAPP helps quickly manage risk, rapidly detect, and respond to active threats.

Official Downloads

(3)

edit

The CISO Playbook for Cloud Security

CNAPP For Dummies

Interactive Demo

edit

Try an interactive demo created by the software seller (right here on G2).

Try demo

G2 reviews are authentic and verified.

Here's how.

Michael P.

Mid-Market (51-1000 emp.)

10/6/2023

"Application protection in the cloud using AI to bubble up important events"

4.5/5

What do you like best about FortiCNAPP?

An easy tool to setup to weed out noise of security alerts. Review collected by and hosted on G2.com.

What do you dislike about FortiCNAPP?

Recent changes to using VCPU pricing could make it expensive. Review collected by and hosted on G2.com.

What problems is FortiCNAPP solving and how is that benefiting you?

Lacework has helped us have piece of mind in regards to activties in our production environment. We don't have to worry about as much noise as the important risky alerts get posted to us instead of common behaviors. It has also helped us with following recommendations for security practices across multiple clouds. Review collected by and hosted on G2.com.

Jeffrey M.

Senior Security Engineer

Mid-Market (51-1000 emp.)

2/14/2023

"Lacework Oh How Do I Love Thee!"

4/5

What do you like best about FortiCNAPP?

Lacework has been my goto for any Cloud Security needs! It integrates well with all the cloud hosting companies and is easy to navigate. Review collected by and hosted on G2.com.

What do you dislike about FortiCNAPP?

Nothing at all, Lacework has been just hands down solid. Review collected by and hosted on G2.com.

Jay R.

Mid-Market (51-1000 emp.)

7/17/2023

"Delivers right information at the right time!!"

5/5

What do you like best about FortiCNAPP?

We have been working with Lacework for more than 2 years now. Lacework has delivered value from day 1; We used their dashboards to visualise and promote the tool internally to non-technical teams and Steakholders.

Techinical teams love it because

* it was easy to deploy (15-20 mins first try!!!)

* Sends the right alerts with good context at the right time (No need to monitor dashboards 24x7)

* Dashboards abstract a lot of information and present just what's needed with the ability to dig deep

* Automation and plugins with Slack and Jira make it easier to manage investigatins

* Complience reports forms a nice todo list for devops to improve the infrastructure

Lacework is best in class product. Review collected by and hosted on G2.com.

What do you dislike about FortiCNAPP?

not much to add here. Lacework has prioritised all important aspacts. Review collected by and hosted on G2.com.

Verified User in Financial Services

Mid-Market (51-1000 emp.)

7/14/2023

"Comprehensive platform for cloud security and compliance"

4.5/5

What do you like best about FortiCNAPP?

Lacework is really easy to integrate, with various different deployment strategies (i.e. Terraform, CloudFormation), and covers all aspects of cloud security monitoring. For our AWS deployment, Lacework analyses CloudTrail logs and alerts on anomalous behaviour. The compliance management function has a large number of pre-defined policies which are aligned to standards such as SOC 2, NIST CSF and others.

Data is accessible in an easy to use portal as well as via CLI, API, and integrations with tools including Jira, Slack and PagerDuty. Container images are scanned for vulnerabilities - again, with a few different options for integration. Lacework's agent also gives great visibility into the runtime behaviour on hosts and within containers, facilitating deep-dive investigations. Overall, Lacework offers a comprehensive set of features, making it a great choice for a cloud security platform. Review collected by and hosted on G2.com.

What do you dislike about FortiCNAPP?

There is a bit of a learning curve with LQL (the query language that Lacework runs on for policy definition), although it's now possible to view queries defined as part of default policies, so there are a number of examples to refer to.

Alerts can sometimes be a little noisy with false positives. Review collected by and hosted on G2.com.

What problems is FortiCNAPP solving and how is that benefiting you?

Lacework provides a single location for us to monitor our cloud security posture and perform investigations when required. The compliance features identify any resources that deviate from the standards we expect, which allows us to follow up and remediate. Runtime/workload capabilities provide insight into application/host/container behaviour and identifies anomalies. To summarise, the benefit for us of using Lacework is holistic visibility and threat detection across our cloud environment. Review collected by and hosted on G2.com.

Cardell G.

Mid-Market (51-1000 emp.)

9/14/2023

"The Team at Lacework Has Been Super Supportive with The Information, Training and Knowledge Sharing."

5/5

What do you like best about FortiCNAPP?

With the advent of using Slack Workspace, having the accessibility to reach out directly to our team always results in an immediate response. Furthermore, we have an on-going Monthly touch base via Zoom to ensure that our goals and priorities are meet. With this much attention, as a customer I’m extremely happy to know that our interest, security, and clients are at the best of heart. Review collected by and hosted on G2.com.

What do you dislike about FortiCNAPP?

I don’t have anything that I currently dislike. My full introduction to the Security side of IT have been a wonderful journey, especially when you’re working with a team such as Lacework. Review collected by and hosted on G2.com.

Verified User in Financial Services

Mid-Market (51-1000 emp.)

11/2/2023

"Good so far"

4/5

What do you like best about FortiCNAPP?

It really helpd to deep dive into container processes and their securities risks. We're using AWS ECR, and it's very easy setup with few additional commands to run Lacework agent. Last use case - we were trying to find how much memory each process in container is using, and Lacework helped to do that Review collected by and hosted on G2.com.

What do you dislike about FortiCNAPP?

The dashboard and search could be improved. Some information is container withing agent (like processes), some within container or machine information, and it's not really possible to easily navigate between them (unless I'm missing something) Review collected by and hosted on G2.com.

Verified User in Information Technology and Services

Mid-Market (51-1000 emp.)

10/9/2023

"Lacework review"

5/5

What do you like best about FortiCNAPP?

Lacework is fantastic from both the security software aspect as well as the partnership they provide via customer support and other channels. They act as an extension of my security team.

The initial implementaion was completed in a morning. Integrating it into existing environments and environments that were created after we started using it was very easy.

It is easy to use, and has valuable features, including Jira integration which allows early and frequent updates of any outstanding issue. Review collected by and hosted on G2.com.

What do you dislike about FortiCNAPP?

There is nothing to dislike. The product and service are fantastic. Review collected by and hosted on G2.com.

Verified User in Apparel & Fashion

Enterprise (> 1000 emp.)

6/28/2023

"Lacework for Vulnerability Management"

4.5/5

What do you like best about FortiCNAPP?

Excellent support and turnaround times for features, requests, and general guidance. Strong technical knowledge of the tool, its' benefits, and continuous check-ins. Review collected by and hosted on G2.com.

What do you dislike about FortiCNAPP?

The portal and UI may take a while to load due to the extensiveness of the polygraph feature, and the amount of info displayed on a page can overwhelm the browser. Review collected by and hosted on G2.com.

Alberto M.

Networking and Security Specialist

Mid-Market (51-1000 emp.)

5/18/2022

"It just makes my work easier"

4.5/5

What do you like best about FortiCNAPP?

Just the fact that I can have Infrastructure as Code Security, Vulnerability Management and Posture and Compliance in one single console makes my job easier as we can take faster decisions when time is critical. Review collected by and hosted on G2.com.

What do you dislike about FortiCNAPP?

So far I haven't found issues in the product, but for sure I'll find something in the future. Installation that it's usually one of the downsides of getting new security products was in fact pretty simple. Review collected by and hosted on G2.com.

Verified User in Marketing and Advertising

Mid-Market (51-1000 emp.)

4/13/2023

"Lacework is a cyber security Swiss army knife"

4.5/5

What do you like best about FortiCNAPP?

Threat intelligence and machine learning have improved significantly in our environment over the past 2 years and now we only receive around 5 alerts a week from the IR side. False positives have dropped down as well from external network connection alerts, which have been vastly improved as well. The who, what, why, when dossiers are instrumental for a security analyst to quickly gauge what is happening in the environment. The compliance and alert rules are vast and provide much better detection capabilities than something like Guard Duty. Review collected by and hosted on G2.com.

What do you dislike about FortiCNAPP?

The new UI in my opinion is a step back and I prefer a full-screen view of events instead of the left 1/4 of the screen real estate not being used. Compared to some competitors, Lacework is somewhat of a black box and lacks further visibility that other tools provide. The individual dossiers are very slow to load at times and do not provide any data at all in some cases. Detection is not real-time and instantaneous compared to other tools. We are still seeing 0byte network connections in dossiers which we have reported on for years and this has still not been fixed. Review collected by and hosted on G2.com.

What problems is FortiCNAPP solving and how is that benefiting you?

Lacework has helped us clean up our container vulnerability remediation process. It makes it easy to know what our highest-risk containers that need to be remediated as soon as possible. It has also been instrumental in detecting reconnaissance and is a great high-level tool for viewing IOCs and IOAs. It is a critical part of our IR process and has really helped us solve the classic security issue of alert fatigue. Review collected by and hosted on G2.com.