We use the tool for two main purposes: vulnerability management and monitoring. We utilize it to scan all of our IAC scripts and configurations across our AWS and GCP environments. Additionally, we employ its agent to scan our compute nodes. This covers three main areas: cloud configuration, host systems, and IAC code, all essential for vulnerability management. We primarily focus on monitoring AWS CloudTrail to detect anomalous activities and risky behavior.
Fortinet Lacework FortiCNAPP
Fortinet Inc.External reviews
382 reviews
from
External reviews are not included in the AWS star rating for the product.
Enhance security in your company with this real time threat detection and reporting software
What do you like best about the product?
Some of the best features that I have enjoyed using Lacework are security information and intelligent threat isolation of Lacework. It offers a high level of security since it offers insight of physical security in the cloud infrastructure to offer prompt response. Integrational with other systems like AWS and Azure has been realized to be easy and this implies that one can monitor his or her environments without having to change systems. The many reports and the dashboard allows us to be always in touch with security compliance and be ready to make sound decisions.
What do you dislike about the product?
The one weakness that is worth mentioning about Lacework is that it may be difficult to set up and it occupy a considerable amount of time. This has however brought some inconveniences in the assimilation process of the software into our system since it has been staged in sections. Furthermore, its potential is high as to some functions it might take some time to master them so we would need training for our team. All of these have slightly impacted on our on boarding process by causing a slight lag and also the need to direct more resources in as regards to making sure everyone is on to it.
What problems is the product solving and how is that benefiting you?
Regarding the problems of cloud security management, Lacework provides maximum monitoring and performs automatic threat related analysis and identification. It makes it easier for us to timely identify weaknesses as well as tackle events thus boosting our security level. The software also enhances our compliance prowess through provision of detailed reports and auditors that ease on regulation compliance. Therefore, the team is more effective and assured in the secure cloud environment that enhances our general business processes.
Lacework is a versatile product that has proven invaluable in various use cases
What do you like best about the product?
Its functions have been essential to detec anomalies, but do not cause fatigue in the control panel or tools. Additionally, I love that it gives us a single dashboard to view all of our workloads, and the daily alerts help our incident response team prioritize and address urgent issues.
What do you dislike about the product?
Starting to use this platform was one of the best decisions our organization has made. We were looking for an easy-to-use solution that covered all our assets in the cloud. Lacework has worked perfectly. I have nothing negative to say here about this tool.
What problems is the product solving and how is that benefiting you?
We use Lacework primarily for user and entity behavior analysis. Provides protection guarantee against the latest vulnerabilities and different types of threats. Additionally, they our company significantly improve its security posture in the cloud environment.
Coverage, security, data and compliance in a single portal automatically
What do you like best about the product?
I like their Speed of innovation and continuous improvement of the solution. In addition, beign able to put the whole puzzle together helps diagnose the risk of attacks on security layers and the impact of data. The Lacework app is very intuitive and has better features than the competition.
What do you dislike about the product?
I would like to see Lacework delve more into real-time suspicious or malicious threat analysis for virtual machines. Additioanlly, they sometimes have difficulties with historical metrics.
What problems is the product solving and how is that benefiting you?
I love that it is agent-free and that when new resources are added, Lacework detects them in the scan. This tool offers me a wide range of cloud security capabilities spanning all major cloud service providers.
We especially value the ability to quickly detect anomalies
What do you like best about the product?
I love that it's really easy to create a panel of widgets that you think are most important and use that to display on a dedicated monitor. We were pleasantly surprised at how easy it was to implement and integrated Lacework into our environment.
What do you dislike about the product?
It is neccessary to spend many hours becoming familiar with the tool to exploit its full potential. And in complex situations, it's sometimes difficult to determine why an alert is high or critical.
What problems is the product solving and how is that benefiting you?
Attack path mapping creates a contextual view beyond that of cloud-native security services. Plus the comprehensive user interface and extensive security features are really what sets it apart from other tools.
Dig into the details to discover inaccurate configurations and vulnerabilities
What do you like best about the product?
I love that the team actively listens to user feedback and releases new features and improvements frequently. The platform is exceptionally easy to use, making it easy to set up and integrates for teams of all size. And I love that it offers buil-in protection for cloud infrastructure, workloads, data, APIs, containers, and access management.
What do you dislike about the product?
I would like it to be able to integrate with a great variety of applications. Also, it would be nice if they could include timely security monitoring. Plus there is room to improve the board.
What problems is the product solving and how is that benefiting you?
Lacework makes cloud security management easy with all-in one platform. It also offers a three-sided view of our cloud environment: code scanning, resources monitoring and hacker view. Advanced reporting also makes it a great option for team meetings.
The systems are easy to use and understand, and setup is simple
What do you like best about the product?
I like implementing Lacework as it's very easy and the continuous development means you stay ahead of the curve. It can also help you gain complete visibility of your workloads in almost all security tasks that will be assigned to you.
What do you dislike about the product?
I think it would be great to be able to easily control what permissions the agent has on the endpoints. And to get the most value, you need to be able to write queries instead of human-readable questions. And in cases columns are unnecessarily truncated.
What problems is the product solving and how is that benefiting you?
The data analytics used in the platform allows for a single plane of glass at the endpoints. Furthermore, the response to the final points is excellent. With this tool we have the possibility of otaining a large amount of information from Windows endpoints and we also reduced costs.
Lacework enforces policies and monitors containers at runtime to prevent vulnerabilities
What do you like best about the product?
I love its capabilities like centralized administration, control groups, role-based access, and auditing. Additionally, the graphical user interface is easy to understand and clearly breaks down which resources are failing or passing which policies.
What do you dislike about the product?
I thought the initial setup process was a bit long, but we managed to do it with the help of the Lacework team. And I think some areas of the user interface require improvement.
What problems is the product solving and how is that benefiting you?
Lacework helps us with its ease of implementation, nice user interface, available CI/CD integration options and more! It also offers clear and practical recommendations to solve vulnerabilities and, at the same time, helps us make our CSPs more secure.
Perfect solution to protect your cloud environment
What do you like best about the product?
The tool is used daily to monitor vulnerabilities and threats in our environment. Lacework provides the functionality our team needs to protect the systems and data our business depends on every day. It is a wonderful solution for assets located in public cloud hosting environments.
What do you dislike about the product?
The truth is that there is nothing I don't like about Lacework, our team was looking for an easy-to-use solution that covered all our assets in the cloud and we are very happy with the results obtained thanks to this platform.
What problems is the product solving and how is that benefiting you?
We use Lacework primarily for user and entity behavior analysis. It allows us to be awere of any anomalies in our systems, whether it is a process, a user or a connection coming from an unusual location, etc.
Helps to scan all of IAC scripts and configurations across our AWS and GCP environments
What is our primary use case?
What is most valuable?
I find the cloud configuration compliance scanning mature. It generates a lot of data and supports major frameworks like ISO 27001 or SOC 2, providing reports and datasets. Another feature I appreciate is setting custom alerts for specific events. Additionally, I value the agent-based monitoring and scanning for compute nodes. It gives us deeper insights into our workloads and helps identify vulnerabilities across our deployed assets.
One key aspect of the agent that stands out is its capability to distinguish between active and inactive packages on compute nodes. This feature reduces the number of actionable vulnerabilities by focusing on packages actively running in the environment rather than all installed packages.
I noticed that it was quite noisy, with many alerts about things I wasn't particularly concerned about. However, over time, Lacework's anomaly detection improved by establishing baselines of normal activity. It now alerts us only when there are deviations from these baselines. Integrating with Slack was especially beneficial—I set up a dedicated Slack channel just for Lacework alerts. This allowed me to focus on the alerts that required attention.
What needs improvement?
The solution lacks a cohesive data model, making extracting the necessary data from the platform challenging. It uses its own LQL query language, and each database across different layers and modules is structured differently, complicating correlation efforts. Consequently, I had to create extensive custom reports outside Lacework because their default dashboards didn't communicate risk metrics. They're addressing these issues by redesigning their tools, including introducing the dashboard, which is a step closer to actionable insights but still needs refinement.
Regarding reporting features, the ability to create granular custom alerts remains limited. For instance, I could only filter alerts by source or type rather than selecting alerts based on specific IDs. This lack of granularity in alert management and reporting customization is a notable drawback.
For how long have I used the solution?
I have been using the product for one and a half years.
What do I think about the scalability of the solution?
The solution is scalable. I rate it a nine out of ten.
How are customer service and support?
One thing I appreciated about Lacework was the support I received from their team. I regularly met with them to provide feedback on what worked well and what didn't in their modules. They took my feedback seriously, often implementing it into features, hotfixes, and interface changes. Part of the reason for this was my clear and detailed communication style.
While some customers might say, "This sucks," I made sure to explain exactly why and how I would suggest fixing it. This approach was well-received by their product managers, who valued my input. As a premium customer, I have access to account managers. Its support is very good.
Sometimes, the support process was quite slow. While they acknowledged my tickets promptly, resolving issues could take weeks as they liaised back and forth with engineering to diagnose and determine solutions. However, the support I received from my account management and technical account management teams was very good.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Lacework's advantage is its ability to differentiate between active and inactive packages through the agent. Most other CNAPP solutions don't offer this capability, and competitors like Wiz don't implement it as effectively.
I've used several other platforms, such as Wiz and Prisma, and they all cover similar functionalities, such as scanning for misconfigurations in the cloud against compliance standards, monitoring IAM configurations for risks, logging and anomaly detection, host-based vulnerability scanning, and IAC code scanning. Wiz offers better reporting and ease of data extraction from datasets.
Lacework, on the other hand, is generally more cost-effective and becomes user-friendly once you're accustomed to its UI conventions. However, extracting specific data from Lacework can sometimes be challenging.
How was the initial setup?
The product is very straightforward to deploy across an entire AWS or GCP organization. They offer automation via Terraform and CloudFormation templates, which allow deployment across all accounts with the appropriate permissions. As for Azure, I'm unsure about its compatibility.
What was our ROI?
You can expect ROI from vulnerability management.
What's my experience with pricing, setup cost, and licensing?
My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz.
What other advice do I have?
I rate the overall product a seven out of ten.
Cloud Security Management simplified
What do you like best about the product?
Its diverse service offerings and ability to adapt to market needs - it's like the swiss army knife of cloud security tools, allowing us to consolidate different functions and needs all in one place
What do you dislike about the product?
Account management team has seen some flux in the last year
What problems is the product solving and how is that benefiting you?
The dynamic growth of our cloud infrastructure requires us to have automated posture analysis to mitigate and reduce risks, as on our scale manual remediation would be near impossible
showing 11 - 20