Lacework FortiCNAPP Reviews

Name: Lacework FortiCNAPP
Brand: Fortinet
Rating: 4.3 (10 reviews)

4.3 out of 5

10 reviews
90% willing to recommend

135 followers

What is Lacework FortiCNAPP?

Lacework FortiCNAPP provides robust cloud security, combining vulnerability management and multi-cloud insight with user-friendly controls, machine learning detection, and compliance support.

Get the Lacework FortiCNAPP Buyer's Guide and find out what your peers are saying about Lacework FortiCNAPP, Wiz, Microsoft Defender for Cloud and more!

Lacework FortiCNAPP is the #7 ranked solution in top Compliance Management solutions, #11 ranked solution in top Cloud-Native Application Protection Platforms (CNAPP) solutions, #13 ranked solution in Cloud Workload Protection Platforms, #16 ranked solution in top Cloud Security Posture Management (CSPM) solutions, #17 ranked solution in top Vulnerability Management solutions, and #17 ranked solution in Container Security Solutions. PeerSpot users give Lacework FortiCNAPP an average rating of 8.6 out of 10. Lacework FortiCNAPP is most commonly compared to Wiz: Lacework FortiCNAPP vs Wiz. Lacework FortiCNAPP is popular among the large enterprise segment, accounting for 58% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 19% of all views.

Helped 849,190 peers since 2012

Featured Lacework FortiCNAPP reviews

Carlos Vitrano

Cloud security director at Medallia

First of all, alert reduction is helping us to be focused on other things that matter. The other thing is in regards to visibility. What we found is that Lacework is super easy to deploy in Kubernetes environments and other environments. You can get super quick visibility into what is going on in your environment. Even though it has a behavioral engine, and it takes a couple of hours to consolidate the information and present that to you, it is pretty quick. We have a huge environment, it is great for us. Lacework saves us a lot of money because in terms of the ingestion of data or in terms of the way AWS, GCP, and other cloud providers are sending logs into Lacework, if we have to ingest the data in our SIEM, for instance, it is going to cost us a lot of money. Having Lacework in the middle, ingesting the data, processing the data, and providing us with the right information is super valuable, at least from a cost perspective. I know every company would like to have all the logs in the SIEM or store them somewhere in their environment, but that is an advantage that I recognize in Lacework. The data is good. We can see the data that we want. It is good for helping us view our environment from an attacker’s perspective. One of the things that they introduced recently is Attack Path. Previously, we needed to go to two or three places to figure out what was going on in our environment. Even though we had alerts from Lacework that gave us a lot of information, we sometimes needed to go to other places to make sure that we fully understood the context of the data alert. Lacework has introduced Attack Path which helps us a lot to identify the activity from the beginning to the end. It has the ability to monitor configurations continuously. This capability is important, but we have complementary tools that monitor the configuration of certain files. We have reduced the alert noise by 60% to 70%. We needed an opportunity to focus on projects and improve our controls elsewhere. We also wanted to focus on improving our detection capabilities because the network is providing a subset of alerts that are helpful, but we also need to think about all those things that we need to do in our environment, such as make a list of some use cases from an attacker's perspective and see if we can catch the event. We have threat intelligence as well. We can see whether we have a particular type of threat in our environment. There is vulnerability management as well. The combination of those factors is what we are currently doing. We can focus on these things. Lacework helped save time by reducing our manual tasks. Lacework is providing us with comprehensive data or some set of data to see what is going on. In the past, we were doing that manually. We had to go to other places to understand what was going on, so Lacework helped us on that front. That was the most important saving of manual tasks. It also has helped us to free up existing resources. The number of people that I had initially on the on-call rotation is less because of it. I could take out those people for other projects. That is the huge value that I saw from Lacework. As long as we reduce alerts, we will have time to focus on other things. In terms of human resources, people are more focused on other things. Lacework has absolutely helped to reduce our organization's breach risk. Our company is super focused on protecting customer data. We are storing data in several cloud providers' object storage. With Lacework, especially with Cloud Security Posture Management, there is a compliance part where we can see how many object storages are exposed to the Internet. Whenever we have any event, we can identify that properly and immediately take action. That is how we reduce the risk in cloud providers. We take customer data super seriously, and we were able to identify all the alerts for the public object storage or for those that we had already but did not know. Lacework has been helpful for spotting critical weaknesses. The most important thing is our customer data. It has helped us a lot, and it is super valuable.

Read full review

Jim Shank

VP of Engineering Security at a tech services company with 201-500 employees

The most valuable features are the anomaly detection and security compliance, both, that the product does pretty well. For anomaly detection, it parses things using a severity scale of low, moderate, and high, and that helps provide context to the urgency and prioritization of the alerts that you get in the tool. And on the compliance side, it supports several benchmarks, including CIS, NIST 800-53, as well as other security standards. It will give you insights into compliance against those standards so you can see how your product is configured and if it complies with the best security practices of those standards. Where it really shines is in helping you detect anomalous activities and known threats, assuming that you have it properly configured. Out-of-the-box, it's not difficult to configure. You do need to do some minor configuration work depending on how you deployed your application. But for the most part, out-of-the-box, it tells you right away about the things you need to work on. I like the fact that it prioritizes alerts based on severity, so that you can focus your efforts on anything that would be critical/high first, moderate second, and work your way down, trying to continue to improve your security posture. That part works very well. Also, to the extent that attackers are trying to take advantage of vulnerabilities that you may have in your system, Lacework is very good at giving you a view of your environment from an attacker's perspective. It provides context to help understand how easy or difficult, and how likely or unlikely, it is for an adversary to exploit the vulnerabilities that you may have. In addition, it's really good at continuously monitoring, 24/7, 365. It's designed to do that. It's constantly working in the background to protect our AWS workloads, and I feel good about that. It's very important because it's one of the things we rely upon the most to give us insights into our security posture at any given point in time. I also like a lot of the dashboards and reports. They're fairly user-friendly and easy to understand.

Read full review

Robert Croteau

Director of Enablement at Avesha

The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine. They have to go in and put their policies in place. It's hard for them to implement that, especially if they don't have a real security team. The team's policymakers don't do anything. Lacework takes out all the noise and gives them bits of things that actually matter with the application after it learns the behavior.

Read full review

Lacework FortiCNAPP mindshare

Product category:

As of April 2025, the mindshare of Lacework FortiCNAPP in the Vulnerability Management category stands at 1.4%, down from 2.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Vulnerability Management

PeerResearch reports based on Lacework FortiCNAPP reviews

Type	Title	Date
Category	Vulnerability Management	Apr 25, 2025	Download
Product	Reviews, tips, and advice from real users	Apr 25, 2025	Download
Comparison	Lacework FortiCNAPP vs Wiz	Apr 25, 2025	Download
Comparison	Lacework FortiCNAPP vs Qualys VMDR	Apr 25, 2025	Download
Comparison	Lacework FortiCNAPP vs Tenable Nessus	Apr 25, 2025	Download

Title	Rating	Mindshare	Recommending
Wiz	4.5	12.3%	100%	20 interviews Add to research
Microsoft Defender for Cloud	4.0	5.6%	94%	76 interviews Add to research

Valuable Features

Users find Lacework FortiCNAPP's ease of use and seamless integration valuable. Its standout features include advanced anomaly detection, compliance reports, agent-based vulnerability management, and continuous monitoring. It effectively consolidates alerts, reducing noise and saving time. The platform supports multiple compliance standards, adapts well to multi-cloud environments, and provides in-depth insights into security posture and misconfigured settings. Alerts are prioritized by severity, ensuring focus on critical issues. Integrating with Slack greatly enhances alert management.

"I find the cloud configuration compliance scanning mature. It generates a lot of data and supports major frameworks like ISO 27001 or SOC 2, providing reports and datasets. Another feature I appreciate is setting custom alerts for specific events. Additionally, I value the agent-based monitoring and scanning for compute nodes. It gives us deeper insights into our workloads and helps identify vulnerabilities across our deployed assets."
"Lacework is helping a lot in reducing the noise of the alerts. Usually, whenever you have a tool in place, you have a lot of noise in terms of alerts, but the time for an engineer to look into those alerts is limited. Lacework is helping us to consolidate the information that we are getting from the agents and other sources. We are able to focus only on the things that matter, which is the most valuable thing for us. It saves time, and for investigations, we have the right context to take action."
"Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offers, along with the ability to identify and address misconfigurations, is invaluable. When such issues arise, we promptly acknowledge and take action, effectively collaborating with our teams and the responsible parties for those assets. This enables us to promptly manage problems as soon as they arise."

Room for Improvement

Lacework FortiCNAPP lacks robust visibility and IAM security controls. Customers find alert configuration complex, integration with third-party systems needs improvement, and there's a request for FedRAMP authorization. Communication about changes could be better. Users desire streamlined data management, faster AWS scanning, cohesive data models, and improved threat-hunting capabilities. Some feel overwhelmed by abundant alerts. Efforts are being made to address customization and integration challenges but further refinements are still anticipated by users.

"The solution lacks a cohesive data model, making extracting the necessary data from the platform challenging. It uses its own LQL query language, and each database across different layers and modules is structured differently, complicating correlation efforts. Consequently, I had to create extensive custom reports outside Lacework because their default dashboards didn't communicate risk metrics. They're addressing these issues by redesigning their tools, including introducing the dashboard, which is a step closer to actionable insights but still needs refinement."
"Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them."
"There are a couple of the difficulties we encounter in the realm of cybersecurity, or security as a whole, that relate to potentially limited clarity. Having the capacity to perceive the configuration aspect and having the ability to contribute to it holds substantial advantages, in my view.It ranks high, primarily due to its role in guaranteeing compliance and the potential to uncover vulnerabilities, which could infiltrate the system and introduce potential risks.I had been exploring a specific feature that captured my interest. However, just yesterday, I participated in a product update session that announced the imminent arrival of this feature. The feature involves real-time alerting. This was something I had been anticipating, and it seems that this capability is now being integrated, possibly as part of threat intelligence. While anomaly events consistently and promptly appear in the console, certain alerts tend to experience delays before being displayed. Yet, with the recent product update, this issue is expected to be resolved.Currently, a comprehensive view of all policies is available within the console. However, I want a more tailored display of my compliance posture, focusing specifically on policies relevant to me. For instance, if I'm not subject to HIPAA regulations, I'd prefer not to see the HIPAA compliance details. It's worth noting that even with this request, there exists a filtering mechanism to control the type of compliance information visible. This flexibility provides a workaround to my preference, which is why it's challenging for me to definitively state my exact request."

ROI

Lacework FortiCNAPP demonstrates value by reducing monitoring efforts and automating alerts with integrations like Jira, saving time and resources. Users highlight its cost-effectiveness by minimizing personnel needs for security monitoring and leveraging enhanced security measures to prevent potential losses. Despite challenges in quantifying direct financial returns, the expense is justified through operational efficiencies and extensive usage over several years. Users expect benefits from vulnerability management capabilities, noting significant savings compared to alternative tools.

Pricing

Enterprise users report Lacework FortiCNAPP's pricing structure has improved, with licenses starting around $80,000 annually. They note the licensing model includes approximately 200 resources per unit, which was initially challenging but is now more stable and flexible, especially for early adopters. Despite some describing it as slightly expensive, users acknowledge it covers cloud and colocation environments effectively. Many find it more affordable compared to other solutions like Wiz.

"My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz."
"It is slightly expensive. It depends on how big your environment is, but it is expensive. Right now, we are spending a lot of money. We have covered all of the cloud providers and most of our colocation facilities as well, so we cannot complain, but it is slightly expensive. It is not super expensive."
"The pricing has gotten better. That scenario was somewhat unstable. They have a rather interesting licensing structure. I believe you get 200 resources per "Lacework unit." It was difficult, in the beginning, to figure out exactly what a "resource" was... That was a problem until about a year or so ago.They have improved it and it has stabilized quite a bit."

Popular Use Cases

Lacework FortiCNAPP is primarily used for detecting and responding to security threats in cloud environments, specifically protecting cloud posture and Kubernetes. It is vital for vulnerability management, ensuring AWS compliance, and improving security insights. Multiple users employ it for anomaly detection, inventory purposes, and monitoring security vulnerabilities. The platform scans IAC scripts, configurations, and compute nodes across AWS and GCP, emphasizing cloud configuration, host systems, and IAC code.

Service and Support

Lacework FortiCNAPP customers frequently commend its support and customer service. Many appreciate proactive communication via Slack and email, noting swift response times and comprehensive assistance. Some highlight regular updates on features and training, while others mention prompt issue resolution and dedicated account managers. Despite occasional delays in problem-solving, users regard the support as superresponsive, helpful in technical matters, and attentive to feedback, indicating a strong commitment to enhancing user experience.

Deployment

Lacework FortiCNAPP's initial setup is reported as straightforward, often taking just days to deploy. Users appreciate its SaaS nature, which minimizes maintenance needs, with some tasks requiring additional attention like policy and alert management. Familiarity with containers simplifies deployment, achieving visibility across AWS and GCP environments efficiently. Using automation tools like Terraform eases the process, allowing multi-account deployment. Maintenance mainly involves agent updates, as cloud-specific features manage themselves.

Scalability

Users report that Lacework FortiCNAPP scales well across various environments such as Azure, GCP, and AWS. They deploy it in multiple locations with thousands of assets, showing no major scalability issues. Some have concerns related to licensing, particularly regarding resource units. Generally, they find it easy to add resources frequently with minimal effort. Despite being used by a limited number of users, confidence in its scalability is high, with no significant disruptions noted.

Stability

Lacework FortiCNAPP demonstrates stability with few reported issues. Users consistently find it reliable, with no significant outages or interruptions. Its performance has improved over time, supported by regular updates and educational webinars. Minor concerns such as occasional slowness or detection inaccuracies are noted, though often attributed to external factors like internet connections. Lacework's growth and continued scaling efforts also contribute positively to its stable status.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Lacework FortiCNAPP Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

19%

Financial Services Firm

12%

Manufacturing Company

Healthcare Company

University

Retailer

Government

Educational Organization

Real Estate/Law Firm

Construction Company

Media Company

Insurance Company

Comms Service Provider

Legal Firm

Non Profit

Hospitality Company

Wholesaler/Distributor

Energy/Utilities Company

Recreational Facilities/Services Company

Venture Capital & Private Equity Firm

Performing Arts

Transportation Company

Outsourcing Company

Marketing Services Firm

Leisure / Travel Company

Consumer Goods Company

Recruiting/Hr Firm

Pharma/Biotech Company

Compare Lacework FortiCNAPP with alternative products

Learn more about Lacework FortiCNAPP

Lacework FortiCNAPP specializes in cloud security by merging machine learning anomaly detection with agent-based vulnerability management to offer detailed alerts and compliance reports. Its comprehensive approach allows continuous monitoring across AWS and Kubernetes, providing insights from an attacker's perspective. The platform offers automation and seamless Slack integration, facilitating collaborative and efficient cloud security management. Users value its ability to handle multi-cloud environments and scan IAC scripts, configurations, and compute nodes across AWS and GCP.

What are the key features?

Machine Learning Detection: Identifies anomalies effectively.
Compliance Reports: Provides precise compliance documentation.
Vulnerability Management: Supports agent-based vulnerability assessments.
Multi-Cloud Support: Manages and secures across multiple cloud providers.
Automation and Collaboration: Enables integration with Slack for streamlined communication.
Custom Alerts: Allows creation of personalized alerts for better focus.

What benefits do users expect?

Reduced Alert Noise: Minimizes distractions with filtered alerts.
Efficient Cloud Security: Automates processes for enhanced security management.
Collaboration Support: Integrates with tools like Slack.
Insightful Perspective: Provides insight from an attacker's viewpoint.

Organizations across sectors leverage Lacework FortiCNAPP for cloud security, focusing on compliance, security posture, and vulnerability management. It is widely used for monitoring AWS and Kubernetes environments, scanning IAC scripts, configurations, and securing compute nodes. It supports multi-cloud security posture management and log ingestion, enabling companies to maintain strong cloud infrastructures without dedicated security layers.

Lacework FortiCNAPP was previously known as Polygraph, FortiCNP.