Sold by: Fortinet Inc.Â
Deployed on AWS
Free Trial
AWS Free Tier
Lacework FortiCNAPP offers unmatched visibility and context to simplify and strengthen security, empowering teams to make the biggest impact with minimal effort and time.
Overview
Lacework FortiCNAPP empowers teams to quickly identify, prioritize, and remediate code vulnerabilities, cloud misconfigurations, and overprivileged identities more efficiently, safeguard business continuity through rapid detection, investigation, and resolution of active threats like compromised credentials, streamline security operations, to do more with less, while maintaining the highest security standards and continuously comply with evolving regulations and industry best practices.
Our data-driven platform never stops learning. It automatically visualizes complex relationships between entities, events, and vulnerabilities, correlates build and runtime data for deeper insights and uses patented analytics to understand normal behavior within your environment. It notifies you to significant changes and provides highly actionable alerts, all without requiring you to create and maintain static, rigid rules.
Whether your applications run in a single cloud, across multiple clouds, in a hybrid environment, or use containers and Kubernetes, Lacework FortiCNAPP delivers the right alerts to the right people at the right time to protect your applications, data and business.
Lacework is a more comprehensive alternative to products from companies like Palo Alto Networks, Wiz, Aqua, Orca, Snyk, Sysdig, and CrowdStrike and offers key features such as:
CODE SECURITY - Lacework FortiCNAPP offers integrated code security with SCA, SAST, and IaC security. It continuously monitors runtime application behavior to identify active, exploitable vulnerable packages versus inactive ones with lower risk.
CSPM/KSPM - Lacework FortiCNAPP provides robust CSPM and KSPM to ensure cloud service usage aligns with regulatory guidelines and best practices like CIS Benchmarks for AWS and AWS FSBP. To help prioritize risks, Lacework FortiCNAPP attack path analysis visualizes how attackers could exploit misconfigurations, showing the interconnected risks of a host or container, such as internet exposure, critical vulnerabilities, misconfigurations, exposed secrets, and privileged IAM roles.
CIEM - Lacework FortiCNAPP provides Cloud Infrastructure Entitlement Management (CIEM) for complete visibility into AWS IAM users, groups, roles, policies, entitlements, and machines (EC2). It automatically discovers identities, assesses net-effective permissions, and highlights excessive ones by comparing granted and used permissions.
BEHAVIOR ANALYTICS - Lacework FortiCNAPP continuously monitors AWS workloads for unusual behaviors, like compromises by comparing past and present states to detect anomalies. With over 100 patents, our approach ensures faster detection, quicker responses, and improved security.
COMPOSITE ALERTS - Lacework FortiCNAPP is unique in detecting early signs of active attacks by automatically correlating various alerts into a single, high-confidence composite alert. This alert provides detailed context and evidence of suspected attacks for further investigation. Lacework FortiCNAPP uses behavioral analytics, anomaly detection, in-house threat intelligence, and insights from AWS CloudTrail and GuardDuty to identify active attacks, including compromised credentials, ransomware and cryptojacking.
Contact AWSsales@fortinet.com for more information, a demo, or to discuss a private offer.
Are you concerned about the security of your cloud environment? Our expert cloud consulting services can help you implement security best practices, identify vulnerabilities, ensure compliance and protect your data from potential threats.
https://aws.amazon.com/marketplace/pp/prodview-bnqdxtusyye5qÂ
https://aws.amazon.com/marketplace/pp/prodview-ua74gq5f72fcqÂ
Highlights
- Gain comprehensive, continuous visibility into your AWS assets, applications, and users, enabling you to identify, measure, prioritize, and address associated risks faster and more efficiently
- Ensure business continuity by rapidly detecting, investigating, and resolving active attacks - such as compromised credentials, ransomware, and crypto-jacking to protect critical applications, services, and data
- Do more with less by streamlining security processes while maintaining high standards. Reduce cloud security costs by consolidating multiple siloed tools into a single platform and improve time-to-value with automated, easy-to-deploy and DevOps-friendly cloud security at scale
Details
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Lacework Standard starter pack | Standard starter pack. Up to 500 vCPUs | $25,000.00 |
Lacework Pro starter pack | Pro starter pack. Up to 334 vCPUs | $25,000.00 |
Lacework Enterprise starter pack | Enterprise starter pack. Up to 250 vCPUs | $25,000.00 |
Vendor refund policy
No refunds
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Fortinet FortiCare support offerings provide global support and deliver best-in-class support services. With FortiCare support, customers can be assured that their Fortinet security products are performing optimally and protecting their corporate assets. https://support.fortinet.comÂ
Let Fortinet cloud experts help you successfully adopt and operationalize Lacework FortiCNAPP to secure your hybrid and public cloud environments.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Fortinet Inc.
By One Identity
By Transmit Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Code Security
Integrated code security with Software Composition Analysis (SCA), Static Application Security Testing (SAST), and Infrastructure as Code (IaC) security with continuous runtime application behavior monitoring
Cloud Security Posture Management
Robust Cloud Service Posture Management (CSPM) and Kubernetes Security Posture Management (KSPM) with attack path analysis and visualization of interconnected infrastructure risks
Cloud Infrastructure Entitlement Management
Comprehensive visibility and assessment of AWS IAM users, groups, roles, policies, and machine entitlements with automatic discovery and excessive permission identification
Behavioral Analytics
Continuous monitoring of AWS workloads using advanced anomaly detection techniques with comparison of past and present states to identify unusual behaviors
Threat Correlation
Automated correlation of multiple security alerts into high-confidence composite alerts using behavioral analytics, anomaly detection, and threat intelligence from AWS CloudTrail and GuardDuty
Single Sign-On (SSO)
Supports automatic user synchronization across multiple directories with one-click access to corporate applications across on-premises and cloud environments
Multi-Factor Authentication
Provides diverse authentication methods including passwordless, passkeys, one-time passcodes, push notifications, biometric data, and security keys with real-time reporting capabilities
Identity Lifecycle Management
Enables role-based user provisioning with least-privileged access controls and automated user management workflows
Cloud Directory Services
Offers secure cloud-based directory management with web interface for managing users, authentication policies, and access controls
Security Integration
Supports pre-built authentication connectors with third-party web applications and integrations with cloud infrastructure platforms like AWS IAM, AWS SSO, Amazon Cognito, and Amazon EventBridge
Multi-Factor Authentication
Support for biometric authentication, FIDO standards, passwordless authentication, social logins, magic links, OTPs, and single sign-on across multiple authentication methods
Risk Detection Engine
Real-time fraud protection service analyzing hundreds of signals using machine learning to detect and prevent account takeover, session hijacking, device spoofing, and malicious bot attacks
Identity Verification
Advanced identity proofing using facial scans with liveness detection and government document validation for comprehensive identity verification
Authentication Protocols
Integration with open authentication protocols including OIDC and SAML for flexible and secure identity management
Contextual Policy Engine
Dynamic security profiling that continuously assesses trust levels and applies intelligent risk-based authorization decisions in real-time
Standard contract
No
No
Customer reviews
4
4 ratings
4 AWS reviews
|
382 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Computer Software
All-in-One Platform That Simplifies Cloud Security and Compliance
Reviewed on Nov 16, 2025
Review provided by G2
What do you like best about the product?
It is an amazing platform as how it pulls everything together in one place. We don't need to juggling separate tools for cloud security, workload monitoring and compliance, it helped us in giving us single view that actually make sense.
What do you dislike about the product?
Overall it's an amazing platform but one thing that i didn't like much about is that some part of it feels a bit heavy and slow to move through and it happens when particularly you are trying to drill down into specific thing.
What problems is the product solving and how is that benefiting you?
It has helped us in many ways and specific if i would say then it has cut through a lot of guesswork that comes with cloud security. Now no need of bouncing between different tools to understand what's going on as it helps in giving clear picture of workloads, configurations and potential risks all in one place.
Karan B.
Effortless Setup with Stellar Features
Reviewed on Oct 29, 2025
Review provided by G2
What do you like best about the product?
I found Lacework FortiCNAPP incredibly smooth to set up, which was neither tricky nor difficult at all. This ease of installation was something I deeply appreciated. During my hackathon experience, it effectively helped me in publishing my app and mimicking a production-level scenario for my project. This showed me its potential to be a great tool for application development and project presentation. I also loved the peer review feature, which provided authentic previews that were immensely helpful in decision-making. The platform’s associations with reputed partners like G2, HubSpot, and Salesforce highlighted its well-established and trustworthy nature. Additionally, I remember the features like vulnerability management and the alerting and prioritizing capabilities as excellent facets of Lacework FortiCNAPP. The single entity dashboard offering comprehensive visibility across multi-cloud environments, including AWS, Azure, and Kubernetes, was remarkable, helping greatly in monitoring the security posture. These aspects were impressive and beneficial, making it easy to use and efficient for its purposes.
What do you dislike about the product?
{"I find that the integration experience with Lacework FortiCNAPP could be enhanced. The process of linking it up with specific software tools like Terraform, remediation code, or a normal CI/CD system could feel more comprehensive and streamlined. Improving this aspect could make these integrations more efficient and less cumbersome."}
What problems is the product solving and how is that benefiting you?
Lacework FortiCNAPP helped me with app deployment and mimicking production scenarios during a hackathon, facilitating authentic peer reviews and decision-making.
Sai Tharun Kumar
Improving security insights has been helpful but inconsistent vulnerability tracking needs attention
Reviewed on Oct 29, 2025
Review from a verified AWS customer
What is our primary use case?
The major use case for Lacework FortiCNAPPÂ is for security.
I'm using it for security internally for my company.
What is most valuable?
The machine learning capability in Lacework FortiCNAPPÂ is used for threat detection.
Automated policy recommendation helps to improve my security measures in general.
I usually use certain policies in my workspace, like if there are some alerts or something.
Continuous compliance and security monitoring are good, but they need more improvement in the vulnerabilities part.
What needs improvement?
The vulnerability part is not systematically organized; it is all clumsy in the web UI, and it is not user-friendly.
Regarding improvements, the vulnerability part, recent changes with user management, and Fortinet IMÂ coming into place, which is not helpful at all because it cuts out the automation part, are the most important things.
Lacework FortiCNAPP should have a new clean UI and ease of access for the users as that should be the main concern.
There are limitations regarding the scalability of Lacework FortiCNAPP.
There are also more limitations with integrations like GitHub or any other pipeline, CI/CD, or ISD.
It is glitchy and works well only sometimes, and most of the time, the reports or other things are not properly calculated or circulated with the teams.
For how long have I used the solution?
I have been using Lacework FortiCNAPP for about two years.
What do I think about the stability of the solution?
The threat response time is good; we haven't faced any major threats as of now.
What do I think about the scalability of the solution?
There are limitations regarding the scalability of Lacework FortiCNAPP.
How are customer service and support?
Technical support from Fortinet is good; I get feedback and responses quickly.
How was the initial setup?
The installation of Lacework FortiCNAPP is quite complicated, especially regarding the settings.
We face some issues with troubleshooting the settings.
Which other solutions did I evaluate?
I see some big differences between Lacework FortiCNAPP and Microsoft.
The ease of access is better with Lacework FortiCNAPP, while Microsoft is more complex.
What other advice do I have?
I'm not aware of the pricing because I've seen it with my lead.
If I do these integrations, I see some impact on the DevSecOps workflow.
The integrations, like with GitHub , help with alerts directly over there.
The positive impacts I see from Lacework FortiCNAPP are majorly regarding security itself, but it has a long way to improve; there are many things to improve, and I have had many connects with the team to provide my feedback and requirements.
The review rating for Lacework FortiCNAPP is 6.
Computer Software
Useful Data and Easy Navigation, but Setup Can Be Tedious
Reviewed on Oct 14, 2025
Review provided by G2
What do you like best about the product?
The provided data is very useful, and the GUI is easy to navigate. Another great feature is the monitoring system, which enables quick detection of issues.
What do you dislike about the product?
The initial setup process requires some time and effort which can be tedious. Additionally l, the large volume of data presented at the start might seem overwhelming for new users.
What problems is the product solving and how is that benefiting you?
It really helped in maintaining the alerts for security issues and provides a secured platform.
omar s.
Excellent security solution for the cloud
Reviewed on Mar 10, 2025
Review provided by G2
What do you like best about the product?
Lacework offers complete visibility over our entire cloud infrastructure, thus facilitating threat detection and compliance with security standards.
What do you dislike about the product?
The initial setup can be a bit complex for new users, but once in place, the platform works perfectly.
What problems is the product solving and how is that benefiting you?
Lacework helps us solve visibility and compliance issues in our cloud and container environments. Thanks to its automated threat detection, we can quickly identify vulnerabilities and ensure that our infrastructure is always secure, allowing us to reduce the risk of cyberattacks while adhering to compliance standards.