Fortinet FortiCNAPP
Fortinet Inc.External reviews
382 reviews
from
External reviews are not included in the AWS star rating for the product.
A comprehensive and robust view of security
What do you like best about the product?
I appreciate the comprehensive security monitoring that Lacework provides for AWS, GCP, and our own microservices architectures. The high signal-to-noise ratio allows security analysts to stay vigilant and investigate suspicious activity quickly. Continuous vulnerability management and compliance checks also help us effectively mitigate risk across all platforms. Deploying agents through code is a huge time saver, allowing security team members to spend more time analyzing rather than building systems from scratch.
What do you dislike about the product?
I do not like the fact that Lacework is more expensive compared to market alternatives.By having a more precise plan for resource allocation, it would be easier to manage expenses efficiently and ensure that costs cover the actual needs specified by customer requirements.
What problems is the product solving and how is that benefiting you?
Lacework helps me make sense of my security data. Without it, I would be overwhelmed trying to manually process all the information coming in from multiple sources
Efficient and effective cloud security threat visibility
What do you like best about the product?
Lacework provides great visibility into our cloud security visibility and monitoring. It can detect anomalies that have helped reduce any compromise in our environment.
What do you dislike about the product?
We have experienced a few false positive anomalies reported over the last year of using Lacework. However, the support team has assisted with fixing any known problems we have raised.
What problems is the product solving and how is that benefiting you?
Lacework has helped us with the overall visibility and monitoring of our AWS cloud environment. We have also identified vulnerabilities within our hosts through their agent and agentless capabilities.
Great tool for monitoring and providing insight for cloud environments
What do you like best about the product?
Relatively easy ramp-up that provides actionable and clear findings. Data is correlated and displays a timeline of associated events for potential issues. Very similar functionality to products such as Palo Alto Network's Cortex line of options
What do you dislike about the product?
Could use a better breadcrumb function allowing you to investigate issues then go back to previous screens when researching. It often takes you back to the main dashboard which isn't always helpful when you're trying to add context to a main alert while also working on that main alert screen.
What problems is the product solving and how is that benefiting you?
Visibility into our security posture for cloud environment. Alerting on any changes made and especially issues that have potential for vulnerability introductions or public exposure of assets.
Amazing customer support and good product, on the expensive side and lacks open security integration
What do you like best about the product?
The interaction with the customer success and product manager has been extremely open and positive.
They are putting development efforts into the product. They have also demonstrated commitment to the roadmaps they promised at the beginning of the contract, developing the agentless scanning capabilities, custom privacy features and expanding coverage of different Cloud Service Providers.
The product and the SaaS portal (with European hosting available) are easy to integrate and use; the agents are seamless, and agentless scanning is catching up regarding features with the agent-based capabilities.
When we acquired it, Lacework was the only security and compliance product that could meet all of our requirements regarding support for hybrid public/private deployments, completely private Cloud, containers' introspection, European legislation, and privacy.
Their customer support is excellent. We had access to continuous technical deployment support throughout the whole run of the contract.
Finally, compliance and security vulnerability scanning coverage is impressive and vastly superior to the standard CSP service offerings.
They are putting development efforts into the product. They have also demonstrated commitment to the roadmaps they promised at the beginning of the contract, developing the agentless scanning capabilities, custom privacy features and expanding coverage of different Cloud Service Providers.
The product and the SaaS portal (with European hosting available) are easy to integrate and use; the agents are seamless, and agentless scanning is catching up regarding features with the agent-based capabilities.
When we acquired it, Lacework was the only security and compliance product that could meet all of our requirements regarding support for hybrid public/private deployments, completely private Cloud, containers' introspection, European legislation, and privacy.
Their customer support is excellent. We had access to continuous technical deployment support throughout the whole run of the contract.
Finally, compliance and security vulnerability scanning coverage is impressive and vastly superior to the standard CSP service offerings.
What do you dislike about the product?
The product is expensive, especially considering that competitive offerings are now available, which were not a couple of years ago. Depending on your use case, Lacework may be overkill. A simpler, cheaper alternative could fit your niche better - especially if you do not need to support hybrid deployments and private Clouds. If you focus on public Cloud and agentless scanning, competitive products will likely serve you better and will probably be cheaper.
Lacework was subject to a series of layoffs at the beginning of 2023. We have not noticed slow-downs or impacts from that.
For a long time, the major turn-off from Lacework was their inability to work in real-time unless you are investing into (or already have available) a Snowflake data lake. Logs and events are processed into 24-hour batches, and you receive daily email notifications of non-conformity or security issues. This behavior is sufficient for compliance but clearly unacceptable for security purposes. Although they integrate now with New Relics and Splunk, they can still not offer an open integration with other tools unless the events are channeled through a Splunk collector.
We have noticed that other security tools could leverage the information Lacework collects (or Lacework could introduce monitoring for such security events). For instance, they see all the web URLs accessed by a specific Cloud instance or container but do not act on them. They will identify whether a malicious IP is connected, but not in case of a malicious URL, although the information is present. Third-party tools could leverage this if integration were possible.
Lacework was subject to a series of layoffs at the beginning of 2023. We have not noticed slow-downs or impacts from that.
For a long time, the major turn-off from Lacework was their inability to work in real-time unless you are investing into (or already have available) a Snowflake data lake. Logs and events are processed into 24-hour batches, and you receive daily email notifications of non-conformity or security issues. This behavior is sufficient for compliance but clearly unacceptable for security purposes. Although they integrate now with New Relics and Splunk, they can still not offer an open integration with other tools unless the events are channeled through a Splunk collector.
We have noticed that other security tools could leverage the information Lacework collects (or Lacework could introduce monitoring for such security events). For instance, they see all the web URLs accessed by a specific Cloud instance or container but do not act on them. They will identify whether a malicious IP is connected, but not in case of a malicious URL, although the information is present. Third-party tools could leverage this if integration were possible.
What problems is the product solving and how is that benefiting you?
Monitor multi-Cloud Service Providers respecting privacy legislation and compliance.
Extremely Helpful In Terms Of Security And Notification
What do you like best about the product?
- Its usability. - Email notification and integration with Slack. - Easy set-up.
What do you dislike about the product?
Nothing that I have found so far. I have used it already for 2 months or so.
What problems is the product solving and how is that benefiting you?
It is mostly solving security-related issue that we were unaware of before and also compliance-related stuff that we were not bothered at all.
Powerful, comprehensive visibility for your resources at AWS.
What do you like best about the product?
Sometimes we have resources created to solve a specific issue at AWS. Those resources are forgotten and pose a threat. No more forgotten vulnerabilities. It's all right there for you to see with recommendations on mitigation or best practices. Integration with Slack lets us see threats in near real time.
What do you dislike about the product?
Lacework collects so much data that it's sometimes hard to present in a way that is easy to understand or research possible implications. I'm not sure this is an easily solvable problem. I guess I'd rather have the data than not.
What problems is the product solving and how is that benefiting you?
We see resources that are out of compliance with best practices and are able to see preferred approaches to solving problems in AWS. Seeing the vulnerabilities on all of our hosts in one place is also a huge benefit.
Best tool to get detailed container vulnerability report
What do you like best about the product?
A detailed description of the vulnerabilities in criticality, introduced layer, and fixed versions. Helps to mitigate the security risks with ease based on the generated report
What do you dislike about the product?
Nothing much to dislike. UI could have been improved. Always it's hard to set the required filters among the results, and configuring the filter was too overwhelming.
What problems is the product solving and how is that benefiting you?
Lacework helps in mitigating security risks with the help of periodic scans and generating the scan report. This allows us to deliver images with free of potential CVEs
Great cloud monitoring
What do you like best about the product?
- accurate monitoring of our AWS cloud environment
What do you dislike about the product?
- many follow-up tasks that need to be taken care of
What problems is the product solving and how is that benefiting you?
For ISO27001 and other IT Security related certifications we need a proper monitoring
Lacework is a great product
What do you like best about the product?
Lacework provide indepth asset invetory of cloud resource. You can protect only if you know what you have.
What do you dislike about the product?
K8s detection needs more improvement. I think lacework team is working on it to improve it
What problems is the product solving and how is that benefiting you?
cloud posture management, vulnerability management
A useful tool for security alerts
What do you like best about the product?
I really like how it can give you a bird's eye view of potential intrusions in the systems.
What do you dislike about the product?
I found the UI a bit much in the beginning, when I got thrown a link to a specific alert; there's a lot of stuff to pay attention to.
What problems is the product solving and how is that benefiting you?
I need to know when people are trying to do bad things to our network endpoints
showing 111 - 120