The major use case for Lacework FortiCNAPP is for security.
I'm using it for security internally for my company.
Fortinet Lacework FortiCNAPP
Fortinet Inc.External reviews
382 reviews
from
External reviews are not included in the AWS star rating for the product.
Improving security insights has been helpful but inconsistent vulnerability tracking needs attention
What is our primary use case?
What is most valuable?
The machine learning capability in Lacework FortiCNAPP is used for threat detection.
Automated policy recommendation helps to improve my security measures in general.
I usually use certain policies in my workspace, like if there are some alerts or something.
Continuous compliance and security monitoring are good, but they need more improvement in the vulnerabilities part.
What needs improvement?
The vulnerability part is not systematically organized; it is all clumsy in the web UI, and it is not user-friendly.
Regarding improvements, the vulnerability part, recent changes with user management, and Fortinet IM coming into place, which is not helpful at all because it cuts out the automation part, are the most important things.
Lacework FortiCNAPP should have a new clean UI and ease of access for the users as that should be the main concern.
There are limitations regarding the scalability of Lacework FortiCNAPP.
There are also more limitations with integrations like GitHub or any other pipeline, CI/CD, or ISD.
It is glitchy and works well only sometimes, and most of the time, the reports or other things are not properly calculated or circulated with the teams.
For how long have I used the solution?
I have been using Lacework FortiCNAPP for about two years.
What do I think about the stability of the solution?
The threat response time is good; we haven't faced any major threats as of now.
What do I think about the scalability of the solution?
There are limitations regarding the scalability of Lacework FortiCNAPP.
How are customer service and support?
Technical support from Fortinet is good; I get feedback and responses quickly.
How was the initial setup?
The installation of Lacework FortiCNAPP is quite complicated, especially regarding the settings.
We face some issues with troubleshooting the settings.
Which other solutions did I evaluate?
I see some big differences between Lacework FortiCNAPP and Microsoft.
The ease of access is better with Lacework FortiCNAPP, while Microsoft is more complex.
What other advice do I have?
I'm not aware of the pricing because I've seen it with my lead.
If I do these integrations, I see some impact on the DevSecOps workflow.
The integrations, like with GitHub, help with alerts directly over there.
The positive impacts I see from Lacework FortiCNAPP are majorly regarding security itself, but it has a long way to improve; there are many things to improve, and I have had many connects with the team to provide my feedback and requirements.
The review rating for Lacework FortiCNAPP is 6.
Excellent security solution for the cloud
What do you like best about the product?
Lacework offers complete visibility over our entire cloud infrastructure, thus facilitating threat detection and compliance with security standards.
What do you dislike about the product?
The initial setup can be a bit complex for new users, but once in place, the platform works perfectly.
What problems is the product solving and how is that benefiting you?
Lacework helps us solve visibility and compliance issues in our cloud and container environments. Thanks to its automated threat detection, we can quickly identify vulnerabilities and ensure that our infrastructure is always secure, allowing us to reduce the risk of cyberattacks while adhering to compliance standards.
A lot to improve considering enterprise tools like SonarQube and Snyk, way below Prowler.
What do you like best about the product?
I like the multi cloud feature of Lacework including its high reporting standards.
What do you dislike about the product?
If I am a business owner, I wouldn't only think of cloud security, and then there are many other respects to look into for proper security posture management or vulnerability management. So spending on such a new tool which is yet to make a mark would be a tough choice.
What problems is the product solving and how is that benefiting you?
Currently it helps in compliance reporting/integrations wherever required.
It is a one stop security solution for my cloud environment
What do you like best about the product?
Its threat detection is the best feature I saw, which is one of the most important thing these days for the oraganisations. Specially when you are handelling a very critical data of your clients.
What do you dislike about the product?
It is a bit tricky to cconfigure Lacework with tools
What problems is the product solving and how is that benefiting you?
It made us think freely and concentrate on other important tasks.
Helps to scan all of IAC scripts and configurations across our AWS and GCP environments
What is our primary use case?
We use the tool for two main purposes: vulnerability management and monitoring. We utilize it to scan all of our IAC scripts and configurations across our AWS and GCP environments. Additionally, we employ its agent to scan our compute nodes. This covers three main areas: cloud configuration, host systems, and IAC code, all essential for vulnerability management. We primarily focus on monitoring AWS CloudTrail to detect anomalous activities and risky behavior.
What is most valuable?
I find the cloud configuration compliance scanning mature. It generates a lot of data and supports major frameworks like ISO 27001 or SOC 2, providing reports and datasets. Another feature I appreciate is setting custom alerts for specific events. Additionally, I value the agent-based monitoring and scanning for compute nodes. It gives us deeper insights into our workloads and helps identify vulnerabilities across our deployed assets.
One key aspect of the agent that stands out is its capability to distinguish between active and inactive packages on compute nodes. This feature reduces the number of actionable vulnerabilities by focusing on packages actively running in the environment rather than all installed packages.
I noticed that it was quite noisy, with many alerts about things I wasn't particularly concerned about. However, over time, Lacework's anomaly detection improved by establishing baselines of normal activity. It now alerts us only when there are deviations from these baselines. Integrating with Slack was especially beneficial—I set up a dedicated Slack channel just for Lacework alerts. This allowed me to focus on the alerts that required attention.
What needs improvement?
The solution lacks a cohesive data model, making extracting the necessary data from the platform challenging. It uses its own LQL query language, and each database across different layers and modules is structured differently, complicating correlation efforts. Consequently, I had to create extensive custom reports outside Lacework because their default dashboards didn't communicate risk metrics. They're addressing these issues by redesigning their tools, including introducing the dashboard, which is a step closer to actionable insights but still needs refinement.
Regarding reporting features, the ability to create granular custom alerts remains limited. For instance, I could only filter alerts by source or type rather than selecting alerts based on specific IDs. This lack of granularity in alert management and reporting customization is a notable drawback.
For how long have I used the solution?
I have been using the product for one and a half years.
What do I think about the scalability of the solution?
The solution is scalable. I rate it a nine out of ten.
How are customer service and support?
One thing I appreciated about Lacework was the support I received from their team. I regularly met with them to provide feedback on what worked well and what didn't in their modules. They took my feedback seriously, often implementing it into features, hotfixes, and interface changes. Part of the reason for this was my clear and detailed communication style.
While some customers might say, "This sucks," I made sure to explain exactly why and how I would suggest fixing it. This approach was well-received by their product managers, who valued my input. As a premium customer, I have access to account managers. Its support is very good.
Sometimes, the support process was quite slow. While they acknowledged my tickets promptly, resolving issues could take weeks as they liaised back and forth with engineering to diagnose and determine solutions. However, the support I received from my account management and technical account management teams was very good.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Lacework's advantage is its ability to differentiate between active and inactive packages through the agent. Most other CNAPP solutions don't offer this capability, and competitors like Wiz don't implement it as effectively.
I've used several other platforms, such as Wiz and Prisma, and they all cover similar functionalities, such as scanning for misconfigurations in the cloud against compliance standards, monitoring IAM configurations for risks, logging and anomaly detection, host-based vulnerability scanning, and IAC code scanning. Wiz offers better reporting and ease of data extraction from datasets.
Lacework, on the other hand, is generally more cost-effective and becomes user-friendly once you're accustomed to its UI conventions. However, extracting specific data from Lacework can sometimes be challenging.
How was the initial setup?
The product is very straightforward to deploy across an entire AWS or GCP organization. They offer automation via Terraform and CloudFormation templates, which allow deployment across all accounts with the appropriate permissions. As for Azure, I'm unsure about its compatibility.
What was our ROI?
You can expect ROI from vulnerability management.
What's my experience with pricing, setup cost, and licensing?
My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz.
What other advice do I have?
I rate the overall product a seven out of ten.
Strong Security, But Takes Time to Master
What do you like best about the product?
Covers all our cloud security needs, protecting from end to end.
What do you dislike about the product?
Learning Curve: Setting up and getting the hang of it can be tricky and time-consuming for some.
What problems is the product solving and how is that benefiting you?
Lacework is solving the headache of keeping our cloud environment secure by automatically detecting threats and giving us clear insights into any security issues. This means we don't have to constantly monitor everything ourselves, freeing up our time.
Good product but dont like the UI experience much
What do you like best about the product?
Mainly like the different set of standards it provides like SOC2, PCIDSS, HIPAA etc. where we can generate reports directly against each compliance framework which is very helpful during an audit.
I really like the findings it provides using agents with our kubernetes platform where lacework can give us more granular findings on the container behavior in the platform where we struggled to find what was happening within the kubernetes infrastructure.
I really like the findings it provides using agents with our kubernetes platform where lacework can give us more granular findings on the container behavior in the platform where we struggled to find what was happening within the kubernetes infrastructure.
What do you dislike about the product?
The dashboard is difficult to navigate, making it challenging to quickly find specific information or insights.
Also creating custom dashboards for our requirement is not straightforward.
Automation with the AWS control tower is not working time to time where they have not considered large scale setups where the architecture does not scale for hundreds of accounts migration.
Also creating custom dashboards for our requirement is not straightforward.
Automation with the AWS control tower is not working time to time where they have not considered large scale setups where the architecture does not scale for hundreds of accounts migration.
What problems is the product solving and how is that benefiting you?
We are very concerned about our compliance and governance in our platform and lacework provide us the tools to stay compliant and find any deviations
Also since we are currently migrating to kubernetes platform it provide necessary information on any issues inside the platform including the images it runs
Also since we are currently migrating to kubernetes platform it provide necessary information on any issues inside the platform including the images it runs
It is good overall
What do you like best about the product?
Detection and remediation, east of use, integration
What do you dislike about the product?
Nothing much there to dislike about the product
What problems is the product solving and how is that benefiting you?
Cybersecurity
Product was ok.
What do you like best about the product?
Product once setup works well, however requires quite a bit of setup.
What do you dislike about the product?
Product still relies on agent based deployment.
initial review of logs had much higher false positives than anticipated.
initial review of logs had much higher false positives than anticipated.
What problems is the product solving and how is that benefiting you?
We didn't get to the phase of the product being fully used by our security team unfortunately.
Nice, but there is still much work to do.
What do you like best about the product?
The ease of use of the system, ease of implementation. easy integration.
What do you dislike about the product?
Limitation in creating policies / triggers.
What problems is the product solving and how is that benefiting you?
Security alerts that happening
showing 1 - 10