No more typing reviews! Try our Samantha, our new voice AI agent.
FortiCNAPP Logo

FortiCNAPP Reviews

Vendor: Fortinet
4.2 out of 5
Leave a review

What is FortiCNAPP?

FortiCNAPP is a comprehensive cloud security platform focusing on ease of use and machine learning-driven anomaly detection. It offers robust compliance reporting, seamless integration, and continuous monitoring, making it an essential tool for organizations managing multi-cloud environments and security configurations.

Get the FortiCNAPP Buyer's Guide and find out what your peers are saying about FortiCNAPP, Cloudflare, SentinelOne Singularity Cloud Security and more!
FortiCNAPP is the #10 ranked solution in top Compliance Management solutions, #16 ranked solution in top Cloud-Native Application Protection Platforms (CNAPP) solutions, #17 ranked solution in Cloud Workload Protection Platforms, #21 ranked solution in top Cloud Security Posture Management (CSPM) solutions, #27 ranked solution in Container Security Solutions, and #33 ranked solution in top Vulnerability Management solutions. PeerSpot users give FortiCNAPP an average rating of 8.4 out of 10. FortiCNAPP is most commonly compared to Cloudflare: FortiCNAPP vs Cloudflare. FortiCNAPP is popular among the large enterprise segment, accounting for 50% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 11% of all views.
Buyer's Guide
FortiCNAPP
May 2026
Get the report
Helped 892,611 peers since 2012

Featured FortiCNAPP reviews

Read more reviews

FortiCNAPP mindshare

Product category:
Vulnerability Management
As of May 2026, the mindshare of FortiCNAPP in the Vulnerability Management category stands at 1.8%, up from 1.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
FortiCNAPP1.8%
Wiz5.0%
Qualys VMDR4.2%
Other89.0%
Vulnerability Management

PeerResearch reports based on FortiCNAPP reviews

TypeTitleDate
CategoryVulnerability ManagementMay 2, 2026Download
ProductReviews, tips, and advice from real usersMay 2, 2026Download
ComparisonFortiCNAPP vs WizMay 2, 2026Download
ComparisonFortiCNAPP vs Tenable NessusMay 2, 2026Download
ComparisonFortiCNAPP vs Qualys VMDRMay 2, 2026Download
Suggested products
TitleRatingMindshareRecommending
Cloudflare4.3N/A96%79 interviewsAdd to research
SentinelOne Singularity Cloud Security4.42.6%99%123 interviewsAdd to research
 
 
Key learnings from peers
Last updated Mar 8, 2026

Valuable Features

FortiCNAPP's most valuable features include compliance reports, seamless data ingestion, and robust security measures. Users appreciate alert systems, agent-based vulnerability management, and anomaly detection with severity context. Continuous monitoring and integration with tools like Slack enhance efficiency. The platform excels in security compliance across multiple standards, proactive threat identification, and automated policy recommendations. Network segmentation, security fabrics, and SIEM integrations further improve security. FortiCNAPP provides clear insights into their environment, reducing noise and focusing on critical vulnerabilities.
  • "The best feature, in my opinion, is the ease of use, as well as some levels of machine learning anomaly detection that they have that can detect pivotal anomalies faster."
  • "FortiCNAPP definitely brings time-saving benefits, and security is the main concern for the company."
  • "FortiCNAPP is a competitive and robust solution, the only one in the IT sphere that addresses all quadrants in the Gartner Quadrants."

Room for Improvement

FortiCNAPP configurations, integrations, and alert management need enhancement. Users find the interface clunky and reporting features limited. Integrations with systems like Slack and Datadog require simplification. Support for third-party SIEMs and container security visibility is insufficient. Users highlight issues with IAM security, compliance features, and data governance. The vulnerability section lacks organization, and support for FedRAMP authorization is desired. Communicating updates efficiently and enhancing the user interface for better navigation are also suggested improvements.
  • "In general, I would not recommend Lacework right now. There are more mature solutions that would be a better fit."
  • "Policy implementation is quite complex, and the stability will take more time for the solutions."
  • "However, the solution could be more user-friendly and intuitive."

ROI

FortiCNAPP shows a strong return on investment as users report significant time and resource savings. It optimizes staff roles, automates tasks like anomaly management, and reduces manual monitoring. Its pricing is competitive, offering savings through time efficiency and reduced need for additional personnel. Users appreciate the tool's ability to simplify processes while maintaining effectiveness, with some leveraging integrations to further automate workflow, emphasizing that FortiCNAPP offsets costs by enhancing operational efficiencies.

Pricing

Enterprise buyers find FortiCNAPP's pricing slightly expensive, with annual costs varying based on deployment size, typically around $200,000. Licensing fees can reach $80,000 per year, with potential discounts available. Although the cost aligns with similar products, the pricing structure has improved to provide more flexibility, especially for early adopters. Users appreciate the coverage for cloud providers and colocation facilities, despite initial challenges in understanding resource definitions.
  • "My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz."
  • "It is slightly expensive. It depends on how big your environment is, but it is expensive. Right now, we are spending a lot of money. We have covered all of the cloud providers and most of our colocation facilities as well, so we cannot complain, but it is slightly expensive. It is not super expensive."
  • "The pricing has gotten better. That scenario was somewhat unstable. They have a rather interesting licensing structure. I believe you get 200 resources per "Lacework unit." It was difficult, in the beginning, to figure out exactly what a "resource" was... That was a problem until about a year or so ago.They have improved it and it has stabilized quite a bit."

Popular Use Cases

FortiCNAPP is primarily employed for cloud security, focusing on compliance reporting, detection, and response in environments like AWS. It supports vulnerability management and monitoring across cloud services, IAC configurations, and compute nodes. Users leverage it for network access control, monitoring security vulnerabilities, and ensuring cloud security posture management. It aids in detecting anomalies, managing cloud configurations, and operates extensively in IoT environments and Kubernetes platforms for enhanced security oversight.

Service and Support

Customers find FortiCNAPP's customer service and support highly effective. They appreciate proactive communication, such as quarterly check-ins and Slack availability. Responses are often quick, taking only minutes. Dedicated managers and technical teams handle tickets and resolve issues efficiently, despite occasional delays. FortiCNAPP is noted for involving customer feedback in feature improvements. Users also commend the platform's seamless integration with DevOps tools, benefiting from automation capabilities and consistent support throughout usage.

Deployment

Setup of FortiCNAPP is generally straightforward, though complexity is noted in settings and troubleshooting. Users report easy deployment, especially for those familiar with containers. Automation via Terraform and CloudFormation simplifies installation across AWS and GCP. Maintenance is minimal, often limited to agent updates. Initial deployment times vary from minutes to weeks, depending on manual or automated methods. While most deployments require limited oversight, some configurations necessitate skilled personnel for effective management.

Scalability

FortiCNAPP demonstrates strong scalability across various environments including cloud providers. Users report seamless scaling with effortless resource addition. Deployment times vary based on customer size and complexity, with potential limitations in highly populated settings. The platform accommodates multiple locations and users effectively, handling extensive assets and accounts without significant issues. Some highlight licensing structure concerns, while others praise its flexibility and ease of use. FortiCNAPP operates efficiently even in large environments, according to multiple sources.

Stability

FortiCNAPP demonstrates high stability with no major issues reported. Frequent updates and webinars enhance user experience. Some users noted occasional slowness due to internal factors or internet connection. Their technical support is praised for being proactive and responsive. The threat response time is efficient, though detection accuracy needs improvement. Users have not experienced outages, showing reliability. FortiCNAPP's growth and strategic hiring initiatives further boost confidence in its steady performance.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our FortiCNAPP Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business5
Midsize Enterprise3
Large Enterprise4
By reviewers
By visitors reading reviews
Company SizeCount
Small Business128
Midsize Enterprise67
Large Enterprise192
By visitors reading reviews

Top industries

By visitors reading reviews
Financial Services Firm
11%
Computer Software Company
9%
Manufacturing Company
7%
Construction Company
6%
University
6%
Comms Service Provider
5%
Marketing Services Firm
5%
Educational Organization
5%
Retailer
4%
Healthcare Company
4%
Real Estate/Law Firm
4%
Media Company
4%
Government
3%
Insurance Company
3%
Energy/Utilities Company
3%
Wholesaler/Distributor
2%
Hospitality Company
2%
Outsourcing Company
2%
Performing Arts
2%
Legal Firm
2%
Transportation Company
2%
Religious Institution
2%
Non Profit
2%
Recreational Facilities/Services Company
1%
Sports Company
1%
Leisure / Travel Company
1%
Wellness & Fitness Company
1%
Venture Capital & Private Equity Firm
1%
Logistics Company
1%
Consumer Goods Company
1%
Renewables & Environment Company
1%

Compare FortiCNAPP with alternative products

Go!

Learn more about FortiCNAPP

FortiCNAPP provides significant capabilities in cloud security, compliance, and vulnerability management. Designed for organizations needing efficient monitoring, it enables detection of anomalies across cloud infrastructures while optimizing security posture and ensuring compliance with environments like AWS and GCP. The platform offers in-depth insights through scanning of IAC scripts, host systems, and cloud configurations. Recognized for effectively managing security posture, it safeguards Kubernetes and container environments, providing comprehensive threat detection and response. However, some areas like visibility, IAM security controls, and compliance metrics need improvement. Users face challenges with alert setup and lack intuitive design, alongside issues like FedRAMP authorization absence and complexity in the data model.

What are the key features of FortiCNAPP?
  • Ease of Use: FortiCNAPP simplifies security management for cloud environments.
  • Machine Learning Anomaly Detection: Automatically identifies and prioritizes threats.
  • Compliance Reporting: Streamlines compliance procedures and reporting.
  • Seamless Integration: Ensures smooth operation across multi-cloud environments.
  • Continuous Monitoring: Provides ongoing oversight of security vulnerabilities.
  • Multi-Cloud Integration: Enables swift response to misconfigurations and vulnerabilities.
What benefits should users expect when evaluating FortiCNAPP?
  • Time Efficiency: Reduces time spent on compliance and threat management.
  • Improved Security Posture: Enhances protection for cloud and container environments.
  • Valuable Security Insights: Provides in-depth analysis for proactive threat response.
  • Noise Reduction: Distills security logs to minimize alert fatigue.
  • Operational Effectiveness: Facilitates seamless multi-cloud security management.

FortiCNAPP is implemented extensively by industries needing reliable cloud security, such as finance, healthcare, and technology sectors. It supports organizations in enhancing cloud infrastructure protection, ensuring compliance, and strengthening vulnerability management. By integrating with platforms like AWS and GCP, businesses can optimize security posture in their cloud deployments.

FortiCNAPP was previously known as Polygraph, FortiCNP, Lacework.

FortiCNAPP customers

J.Crew, AdRoll, Snowflake, VMWare, Iterable, Pure Storage, TrueCar, NerdWallet, and more.

Related questions

  • 61
How would you compare Wiz vs Lacework?
  • 175
How inadvisable is it to use a single vulnerability analysis tool?
  • 128
What are the benefits of continuous scanning for vulnerability management?
  • 129
When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
  • 131
What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
  • 317
What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
  • 195
Which is the best vulnerability scanner tool?
  • 170
What are your recommended automated penetration testing tools?
  • 174
How do you use the MITRE ATT&CK framework for improving enterprise security?
  • 128
Can you recommend API for Tenable Connector into ServiceNow

Product Categories

Product Categories
Vulnerability Management
Container Security
Cloud Workload Protection Platforms (CWPP)
Cloud Security Posture Management (CSPM)
Cloud-Native Application Protection Platforms (CNAPP)
Compliance Management

Popular Comparisons

Popular Comparisons
Cloudflare vs FortiCNAPP Logo
Cloudflare vs FortiCNAPP
SentinelOne Singularity Cloud Security vs FortiCNAPP Logo
SentinelOne Singularity Cloud Security vs FortiCNAPP
Datadog vs FortiCNAPP Logo
Datadog vs FortiCNAPP
Wiz vs FortiCNAPP Logo
Wiz vs FortiCNAPP
Snyk vs FortiCNAPP Logo
Snyk vs FortiCNAPP
Microsoft Defender for Cloud vs FortiCNAPP Logo
Microsoft Defender for Cloud vs FortiCNAPP
Darktrace vs FortiCNAPP Logo
Darktrace vs FortiCNAPP
Prisma Cloud by Palo Alto Networks vs FortiCNAPP Logo
Prisma Cloud by Palo Alto Networks vs FortiCNAPP
Checkmarx One vs FortiCNAPP Logo
Checkmarx One vs FortiCNAPP
Veracode vs FortiCNAPP Logo
Veracode vs FortiCNAPP
Qualys VMDR vs FortiCNAPP Logo
Qualys VMDR vs FortiCNAPP
NinjaOne vs FortiCNAPP Logo
NinjaOne vs FortiCNAPP
Tenable Nessus vs FortiCNAPP Logo
Tenable Nessus vs FortiCNAPP
AWS GuardDuty vs FortiCNAPP Logo
AWS GuardDuty vs FortiCNAPP
CrowdStrike Falcon Cloud Security vs FortiCNAPP Logo
CrowdStrike Falcon Cloud Security vs FortiCNAPP
See all alternatives
 
FortiCNAPP Reviews Summary
Author infoRatingReview Summary
Client Manager at MLL Telecom Ltd4.5I find FortiCNAPP a robust, competitive solution for network access control, offering strong segmentation and automated responses, backed by great support and pricing. My main wish is for a more intuitive and user-friendly interface.
Software Engineer at a university with 5,001-10,000 employees3.0I use Lacework FortiCNAPP for security, valuing its ML threat detection and automated policies. However, its UI, vulnerability management, scalability, and integrations need major improvement; initial setup is complicated. It has a long way to go.
Owner at IT CARE4.5I find FortiCNAPP a reliable and affordable security solution, saving time with good support. While policy implementation is complex and stability takes time, its benefits lead me to rate it 9/10.
Cloud security director at Medallia4.5Lacework significantly reduces our alert noise, providing quick visibility across our hybrid environment and saving us money. It frees up resources and improves our security posture, despite needing better SIEM integrations.
Director of Security Operations at a insurance company with 51-200 employees3.5I value this tool for vulnerability management, especially its mature cloud compliance and agent's active package scanning. However, I find data extraction difficult due to a poor data model and limited reporting, though support is good.
VP of Engineering Security at a tech services company with 201-500 employees4.0I find Lacework valuable for anomaly detection and security compliance, with effective severity prioritization and continuous AWS monitoring. However, the lack of FedRAMP moderate authorization limits its use in government environments, leading to potential challenges requiring multiple tools.
Director of Engineering at DeepSee.ai5.0Lacework efficiently checks AWS cloud compliance, offering seamless setup and valuable compliance reports that save time. Integration with systems like Slack needs improvement. The feature of actionable compliance reports directly with documentation greatly influenced my decision to choose Lacework.
Information Security Engineer at a insurance company with 501-1,000 employees5.0I highly recommend Lacework for cloud security, as it effectively correlates data, minimizes noise, and identifies misconfigurations. While I'd prefer a more tailored compliance view, filtering helps. Overall, its benefits justify the cost, preventing major security incidents.