Fortinet FortiCNAPP
Fortinet Inc.External reviews
385 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Evolutive platform with great security insights
What do you like best about the product?
The capacity of the platform to evolve with it's customer needs.
Ease of use and ease of integration.
Alerts are not noisy but still you can have detailed insights of non critical events.
Custom policies are easy to create and to deploy.
Ease of use and ease of integration.
Alerts are not noisy but still you can have detailed insights of non critical events.
Custom policies are easy to create and to deploy.
What do you dislike about the product?
Containers security can be improved to show a follow up of remediated vulenrabilities detected by the platform.
What problems is the product solving and how is that benefiting you?
Lacework helped us ensure compliance of our AWS environments. Reports are easy to generate in a timely matter for compliance needs.
Lacework also helped us gain confidence of our containers security to have a detailed insights of our workloads security.
Lacework also helped us gain confidence of our containers security to have a detailed insights of our workloads security.
Very rich system for different views and analysis.
What do you like best about the product?
The depth and every increasing capabilities
What do you dislike about the product?
Really don't have a big gripe to add on that.
What problems is the product solving and how is that benefiting you?
Monitoring keeps us apprised of things entering the environment that need investigation. Good clear output that is quickly actionable.
Bolstering our small team with a whole new security function
What do you like best about the product?
We're a small team - I wish I had a massive security team to help me sleep at night. Deploying Lacework has helped me sleep more comfortably knowing we've got tooling pouring over our platform looking for unusual errors.
It's helped a ton with keeping an eye on the platform, going a lot deeper than tools like Guarduty which I found suspiciously quiet sometimes. I particularly like the agent running on our platform keeping a proactive monitor on the actual Linux hosts and what they're up to as well.
It's also helped a ton with audit - we've spotted unusual behaviours or unexpected configuration and has helped us keep things tighter.
It's helped a ton with keeping an eye on the platform, going a lot deeper than tools like Guarduty which I found suspiciously quiet sometimes. I particularly like the agent running on our platform keeping a proactive monitor on the actual Linux hosts and what they're up to as well.
It's also helped a ton with audit - we've spotted unusual behaviours or unexpected configuration and has helped us keep things tighter.
What do you dislike about the product?
I think sometimes the false positives can get a little irritating - we don't get many but sometimes we get a lot when we're making a lot of changes, or when connecting to known external sources for the first time.
I also think some of the UI could be improved a little - like on mobile it isn't great, and occasionally find myself tripping over trying to find the right bit. But I think in general the product is going in the right direction and I've enjoyed seeing the new features come out.
I also think some of the UI could be improved a little - like on mobile it isn't great, and occasionally find myself tripping over trying to find the right bit. But I think in general the product is going in the right direction and I've enjoyed seeing the new features come out.
What problems is the product solving and how is that benefiting you?
We wish we had a larger security team, and while we can do a lot to keep our platform secure, security will always be top of mind.
Lacework has helped us to get better visibility on what is actually happening in our platform and to alert us to unusual behaviours or actions proactively.
It hasn't "solved" security, but it's had a positive impact on the security posture of the platform as well as helping us to sleep easier at night.
Lacework has helped us to get better visibility on what is actually happening in our platform and to alert us to unusual behaviours or actions proactively.
It hasn't "solved" security, but it's had a positive impact on the security posture of the platform as well as helping us to sleep easier at night.
We can see it all
What do you like best about the product?
Whatever unusual things happen on our production infrastructure, Laceworks points this out so we can check it out.
What do you dislike about the product?
Login-process is uncomfortable, guess because we have not setup SSO.
What problems is the product solving and how is that benefiting you?
Lacework helps us to protect our production data from external and internal threads by continuously looking for suspicious activities.
The Lacework experience
What do you like best about the product?
its a great swiss knife tool combining vulnerabilities with attack paths and reporting based on various international standards like ISO27001.
What do you dislike about the product?
the attack path does not work for our infrastructure design unfortunately..or at least not completely
What problems is the product solving and how is that benefiting you?
We are actually solving quite a number of problems with Lacework.
1. to get a full visbility of our infrastructure to know what happens and why it happens.
2. To have a good anomaly detection in place.
3. To check for compliance in all of our cloud components.
1. to get a full visbility of our infrastructure to know what happens and why it happens.
2. To have a good anomaly detection in place.
3. To check for compliance in all of our cloud components.
Capable product with great potential
What do you like best about the product?
The amount of alerts is manageable, console is easy to get around, intuitive for beginners and feature-full for when advanced investigations are required.
Competition is messier, with way more noise
Competition is messier, with way more noise
What do you dislike about the product?
Missing windows vulnerability management. Resource groups can't be used for vulnerability management as well as for alerting. Have had issues with search functionality
What problems is the product solving and how is that benefiting you?
Vulnerability management, cloud posture and compliance management. Reduce time to investigate. Improves security visibility. Detects anomalies, monitors servers and users
Still young, but definitely capable product.
What do you like best about the product?
Visibility into the activities in the cloud and on the hosts. Malicious activity can quickly be traced to it's origin. A lot of useful data on the assets and relations.
What do you dislike about the product?
Vulnerabilities in containers and on host do not provide actionable remediation recommendations (eg. upgrading the base image), they provide a list of vulnerable binaries to be fixed manually.
Alerts generate a lot of false positives to the point that severities below high are not really worth looking into.
Alerts generate a lot of false positives to the point that severities below high are not really worth looking into.
What problems is the product solving and how is that benefiting you?
Post mortem analysis (parsing through cloudtrail logs is simple and effective). Visibility into the resources across the organization, anomaly detection and investigation.
Deep visbility into cloud and infrastructure resources.
What do you like best about the product?
Lacework is simple to deploy and provides integrated visibility and security into cloud and on-premises infrastructure. This includes File Integrity Monitoring, Host Intrusion Detection and Vulnerability Scanning.
What do you dislike about the product?
The Lacework team resolves some minor buggy issues quickly and consistently. Otherwise, there is not much to dislike about Lacework. I believe they are working on new features consistently, and the product will get better and better over time.
What problems is the product solving and how is that benefiting you?
Deep visibility into cloud infrastructure and easy to setup alerting and monitoring.
Helpful prompt alerts when needed
What do you like best about the product?
Since I have been using Laceworks its become a morning ritual to look for the alerts and confirm what activities occurred over the evening and night hours. Laceworks is also prompt in sending out alerts that are very helpful to know what is going on the infrastructure and environment.
What do you dislike about the product?
Hmm, so far I wouldn't say there is anything to dislike.
What problems is the product solving and how is that benefiting you?
Security posture and keeping us informed of any exceptions that would or could cause any security incidents proactively.
Helps cut through all the noise typical of monitoring systems.
What do you like best about the product?
* It cuts through the noise and helps me see what matters most, providing the information needed to assess risks and develop a mitigation plan easily. Information and links can be easily shared so others can see what I see.
* With a click, I can see if a resource is available online or is a well-protected back-end system.
* I can see if a program was used in normal daily duties or in a more malicious way.
* It simplifies understanding how my complex infrastructure is connected to determine what may be affected by an event or vulnerability.
* The UI is intuitive, and the time to implement is very low. The integration with our different services was very simple.
By simplifying and focusing on key issues, I can escalate them to the business and development teams in a palatable form that doesn't overwhelm them. Prioritization is built in, and I can clearly convey what items require immediate action versus those that can be worked into existing projects.
It saves me a lot of time and makes me more informed and prepared when presenting risk assessments and incident reports to executives. It helps me avoid missing a configuration on a cloud component or a forgotten resource. I can easily present a top-down view of potentially affected resources and the path information or a bad actor took during an event.
* With a click, I can see if a resource is available online or is a well-protected back-end system.
* I can see if a program was used in normal daily duties or in a more malicious way.
* It simplifies understanding how my complex infrastructure is connected to determine what may be affected by an event or vulnerability.
* The UI is intuitive, and the time to implement is very low. The integration with our different services was very simple.
By simplifying and focusing on key issues, I can escalate them to the business and development teams in a palatable form that doesn't overwhelm them. Prioritization is built in, and I can clearly convey what items require immediate action versus those that can be worked into existing projects.
It saves me a lot of time and makes me more informed and prepared when presenting risk assessments and incident reports to executives. It helps me avoid missing a configuration on a cloud component or a forgotten resource. I can easily present a top-down view of potentially affected resources and the path information or a bad actor took during an event.
What do you dislike about the product?
Nothing so far. I still haven't gotten my Lacework t-shirt, but I'm sure they're working on that:)
What problems is the product solving and how is that benefiting you?
I need to be able to see my environment and know what vulnerabilities matter and how they could affect the business.
showing 241 - 250