Improving security insights has been helpful but inconsistent vulnerability tracking needs attention
What is our primary use case?
The major use case for Lacework FortiCNAPP is for security.
I'm using it for security internally for my company.
What is most valuable?
The machine learning capability in Lacework FortiCNAPP is used for threat detection.
Automated policy recommendation helps to improve my security measures in general.
I usually use certain policies in my workspace, like if there are some alerts or something.
Continuous compliance and security monitoring are good, but they need more improvement in the vulnerabilities part.
What needs improvement?
The vulnerability part is not systematically organized; it is all clumsy in the web UI, and it is not user-friendly.
Regarding improvements, the vulnerability part, recent changes with user management, and Fortinet IM coming into place, which is not helpful at all because it cuts out the automation part, are the most important things.
Lacework FortiCNAPP should have a new clean UI and ease of access for the users as that should be the main concern.
There are limitations regarding the scalability of Lacework FortiCNAPP.
There are also more limitations with integrations like GitHub or any other pipeline, CI/CD, or ISD.
It is glitchy and works well only sometimes, and most of the time, the reports or other things are not properly calculated or circulated with the teams.
For how long have I used the solution?
I have been using Lacework FortiCNAPP for about two years.
What do I think about the stability of the solution?
The threat response time is good; we haven't faced any major threats as of now.
What do I think about the scalability of the solution?
There are limitations regarding the scalability of Lacework FortiCNAPP.
How are customer service and support?
Technical support from Fortinet is good; I get feedback and responses quickly.
How was the initial setup?
The installation of Lacework FortiCNAPP is quite complicated, especially regarding the settings.
We face some issues with troubleshooting the settings.
Which other solutions did I evaluate?
I see some big differences between Lacework FortiCNAPP and Microsoft.
The ease of access is better with Lacework FortiCNAPP, while Microsoft is more complex.
What other advice do I have?
I'm not aware of the pricing because I've seen it with my lead.
If I do these integrations, I see some impact on the DevSecOps workflow.
The integrations, like with GitHub, help with alerts directly over there.
The positive impacts I see from Lacework FortiCNAPP are majorly regarding security itself, but it has a long way to improve; there are many things to improve, and I have had many connects with the team to provide my feedback and requirements.
The review rating for Lacework FortiCNAPP is 6.
Kit's Review
What do you like best about the product?
I think that it is intuitive to use, easy to navigate, and has a clean look, design, and feel. The page isn't too scattered or busy, yet it has a lot of good content at the tip of your fingers.
What do you dislike about the product?
The only negative that I have is the syncing with Okta. I can find that to be rather cumbersome and slow at times.
What problems is the product solving and how is that benefiting you?
It's a one stop shop for all things compliance and security related. As a Renewals Manager, I work with a lot of clients to go over legal, security, RFPs, questionnaires, etc. The ability to have everything in one place is a big time saver and one less headache to deal with.
SafeBase review
What do you like best about the product?
SafeBase provides a secure and compliant environment for storing and sharing sensitive data. Granular access controls - Admins can set precise permissions on who can access what data, preventing unauthorized access. Audit trails - A full audit log tracks all activity, so there's accountability for how data is accessed and used.
What do you dislike about the product?
It can be somewhat laborious creating new accounts and has limited functionality for sending links to multiple requested documents.
What problems is the product solving and how is that benefiting you?
I can easily share sensitive information making security reviews a more seamless process.
Helps to scan all of IAC scripts and configurations across our AWS and GCP environments
What is our primary use case?
We use the tool for two main purposes: vulnerability management and monitoring. We utilize it to scan all of our IAC scripts and configurations across our AWS and GCP environments. Additionally, we employ its agent to scan our compute nodes. This covers three main areas: cloud configuration, host systems, and IAC code, all essential for vulnerability management. We primarily focus on monitoring AWS CloudTrail to detect anomalous activities and risky behavior.
What is most valuable?
I find the cloud configuration compliance scanning mature. It generates a lot of data and supports major frameworks like ISO 27001 or SOC 2, providing reports and datasets. Another feature I appreciate is setting custom alerts for specific events. Additionally, I value the agent-based monitoring and scanning for compute nodes. It gives us deeper insights into our workloads and helps identify vulnerabilities across our deployed assets.
One key aspect of the agent that stands out is its capability to distinguish between active and inactive packages on compute nodes. This feature reduces the number of actionable vulnerabilities by focusing on packages actively running in the environment rather than all installed packages.
I noticed that it was quite noisy, with many alerts about things I wasn't particularly concerned about. However, over time, Lacework's anomaly detection improved by establishing baselines of normal activity. It now alerts us only when there are deviations from these baselines. Integrating with Slack was especially beneficial—I set up a dedicated Slack channel just for Lacework alerts. This allowed me to focus on the alerts that required attention.
What needs improvement?
The solution lacks a cohesive data model, making extracting the necessary data from the platform challenging. It uses its own LQL query language, and each database across different layers and modules is structured differently, complicating correlation efforts. Consequently, I had to create extensive custom reports outside Lacework because their default dashboards didn't communicate risk metrics. They're addressing these issues by redesigning their tools, including introducing the dashboard, which is a step closer to actionable insights but still needs refinement.
Regarding reporting features, the ability to create granular custom alerts remains limited. For instance, I could only filter alerts by source or type rather than selecting alerts based on specific IDs. This lack of granularity in alert management and reporting customization is a notable drawback.
For how long have I used the solution?
I have been using the product for one and a half years.
What do I think about the scalability of the solution?
The solution is scalable. I rate it a nine out of ten.
How are customer service and support?
One thing I appreciated about Lacework was the support I received from their team. I regularly met with them to provide feedback on what worked well and what didn't in their modules. They took my feedback seriously, often implementing it into features, hotfixes, and interface changes. Part of the reason for this was my clear and detailed communication style.
While some customers might say, "This sucks," I made sure to explain exactly why and how I would suggest fixing it. This approach was well-received by their product managers, who valued my input. As a premium customer, I have access to account managers. Its support is very good.
Sometimes, the support process was quite slow. While they acknowledged my tickets promptly, resolving issues could take weeks as they liaised back and forth with engineering to diagnose and determine solutions. However, the support I received from my account management and technical account management teams was very good.
Which solution did I use previously and why did I switch?
Lacework's advantage is its ability to differentiate between active and inactive packages through the agent. Most other CNAPP solutions don't offer this capability, and competitors like Wiz don't implement it as effectively.
I've used several other platforms, such as Wiz and Prisma, and they all cover similar functionalities, such as scanning for misconfigurations in the cloud against compliance standards, monitoring IAM configurations for risks, logging and anomaly detection, host-based vulnerability scanning, and IAC code scanning. Wiz offers better reporting and ease of data extraction from datasets.
Lacework, on the other hand, is generally more cost-effective and becomes user-friendly once you're accustomed to its UI conventions. However, extracting specific data from Lacework can sometimes be challenging.
How was the initial setup?
The product is very straightforward to deploy across an entire AWS or GCP organization. They offer automation via Terraform and CloudFormation templates, which allow deployment across all accounts with the appropriate permissions. As for Azure, I'm unsure about its compatibility.
What was our ROI?
You can expect ROI from vulnerability management.
What's my experience with pricing, setup cost, and licensing?
My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz.
What other advice do I have?
I rate the overall product a seven out of ten.
Safebase Platform Review: Strengthening Security and Compliance Efforts
What do you like best about the product?
1. Robust Security and Compliance Management: Users often appreciate SafeBase for its strong focus on security and compliance. The platform provides a comprehensive solution for managing assessments, compliance checks, and risk mitigation, which is crucial in today's security-conscious environment.
2. User-Friendly Interface: SafeBase is known for its user-friendly and intuitive interface. Users find it easy to navigate the platform, which is essential for efficient security and compliance management.
Customization Options: Many users appreciate the ability to customize assessments and compliance processes to align with their organization's specific needs and requirements. This flexibility is valuable in adapting the platform to different industries and use cases.
3. Integration Capabilities: SafeBase's integration with various security tools, compliance frameworks, and third-party software is highly regarded. This integration streamlines workflows and makes it easier for organizations to maintain security and compliance standards.
4. Comprehensive Reporting and Analytics: The platform offers in-depth reporting and analytics tools, allowing users to gain valuable insights into their security and compliance performance. This data-driven approach is crucial for making informed decisions and improvements.
5. Ongoing Support and Updates: SafeBase often receives positive feedback for its commitment to providing ongoing support, updates, and resources. Users appreciate having access to a knowledge base or learning hub to stay informed about the latest security and compliance trends and best practices.
What do you dislike about the product?
1. Initial Learning Curve: While the platform is generally considered user-friendly, some users, particularly those new to security and compliance management, may experience a learning curve when getting started. More comprehensive onboarding resources could help address this issue.
2. Limited Customization: While SafeBase does offer customization options, some users may desire even greater flexibility in tailoring assessments and compliance processes to their unique needs. This can be a point of frustration for organizations with highly specific requirements.
What problems is the product solving and how is that benefiting you?
Efficiency: The platform enhances the efficiency of security and compliance operations by automating repetitive tasks, providing predefined assessment templates, and offering customizable workflows. This efficiency reduces the time and effort required to maintain security standards.
Great place for information to be consolidated - one stop spot for clients
What do you like best about the product?
The one stop spot for clients - ease of use
What do you dislike about the product?
Make clients a little nervous having to submit an email but totally explainable
What problems is the product solving and how is that benefiting you?
Using it to review IT compliance with our SaaS clients
DD Review
What do you like best about the product?
The ease of use and ability to find documents and generate needed info quick, and clearly. My biggest issue is when you don't know how to find this info anywhere.
What do you dislike about the product?
I think the need for it to be a bit more complicated, and maybe a dumbed down version would be fun / easy for light users like myself to get in and get out of the system
What problems is the product solving and how is that benefiting you?
DPA, NDA and all sorts of documentation. I don't use it as much as others but I think this is something I plan to lean into for the next year of my sales journey
Good repository; not easy to navigate
What do you like best about the product?
SafeBase is easy to search for items you need; however, getting to exactly what you hope for is sometimes challenging due to poor design/search capabilities within the platform.
What do you dislike about the product?
The search and flow of the site are less than ideal and could use some improvement so the version control of different documents you'd like access to can be found.
What problems is the product solving and how is that benefiting you?
There are a lot of tools out there that I've utilized previously to access documents related to privacy, security, etc. SafeBase is definitely easier to share a link to customers externally with than others to maintain better access/version controls of pertinent documents.
Care agent
What do you like best about the product?
I like using safe base because it improves the way I do my job. I like the security measure of safebase. I created my own profile with safebase and I believe that it is #1 in its competitors
What do you dislike about the product?
For the most part, I find that safe base is easy to use however I would like more security. I feel like this would be a better product if you could fix it. I would like to see improvements on how fast it is.
What problems is the product solving and how is that benefiting you?
Sometimes with safebase, it'll freeze or not give me the right information. I feel like I am more productive with this product. My business performance has increased.