Lacework (now FortiCNAPP) Review 2026

Name: Lacework (now FortiCNAPP)
Brand: Lacework (now FortiCNAPP)
Rating: 4.6 (11 reviews)

Honest pros, cons, and verdict on this data & analytics tool

★★★★★

4.2/5

✅ Polygraph behavioral engine automatically baselines normal activity and surfaces anomalies without requiring teams to write and maintain detection rules, dramatically reducing tuning overhead

Starting Price

$50,000/year

Free Tier

What is Lacework (now FortiCNAPP)?

AI-powered cloud-native application protection platform providing behavioral threat detection, compliance monitoring, and vulnerability management across multi-cloud environments

Lacework, now rebranded as FortiCNAPP, is an enterprise-grade AI-powered Cloud-Native Application Protection Platform (CNAPP) in the cloud security category that provides behavioral threat detection, compliance automation, and vulnerability management, with custom pricing typically starting in the mid-five-figure annual range for mid-market deployments. Originally founded in 2015 and acquired by Fortinet in 2024 for an undisclosed sum following $1.3 billion in total venture funding, the platform pioneered the use of machine learning and behavioral analytics to automatically baseline normal cloud activity and detect anomalies indicative of threats. The Polygraph Data Platform ingests over 750 billion cloud events daily across customer environments, building behavioral models for every entity — users, processes, containers, and network flows — to surface deviations that rule-based systems miss entirely.

The platform consolidates five core cloud security disciplines into a single solution: Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWPP), Cloud Infrastructure Entitlement Management (CIEM), Kubernetes security, and vulnerability management. This unified approach replaces an average of 3–5 point security tools for enterprise customers, reducing tool sprawl and the associated licensing and integration overhead. FortiCNAPP supports over 150 prebuilt compliance frameworks and policy packs — including PCI DSS 4.0, HIPAA, SOC 2 Type II, NIST 800-53, and CIS Benchmarks — enabling continuous compliance evidence collection that organizations report cuts audit preparation effort by more than half compared to manual processes.

Key Features

✓Behavioral anomaly detection

✓Cloud security graph visualization

✓Automated incident response

✓Compliance dashboard and reporting

✓Threat intelligence integration

✓API-based security orchestration

Pricing Breakdown

Enterprise (Quote-based)

Custom

per month

✓Full CNAPP capabilities: CSPM, CWPP, container/Kubernetes security, IaC scanning, vulnerability management, and CIEM
✓Polygraph behavioral threat detection across users, workloads, and network
✓Multi-cloud coverage for AWS, Azure, GCP, and private cloud
✓Compliance reporting for major frameworks (CIS, PCI DSS, HIPAA, SOC 2, NIST, ISO 27001)
✓Integrations with CI/CD, ticketing, SIEM/SOAR, and the Fortinet Security Fabric

Pros & Cons

✅Pros

•Polygraph behavioral engine automatically baselines normal activity and surfaces anomalies without requiring teams to write and maintain detection rules, dramatically reducing tuning overhead
•Unified CNAPP consolidates CSPM, CWPP, CIEM, Kubernetes security, and vulnerability management into a single platform, replacing multiple point tools and their separate licenses
•Agentless cloud scanning provides rapid time-to-value across AWS, Azure, and GCP accounts, with deeper eBPF agent-based runtime protection available for critical workloads
•Strong attack path analysis correlates vulnerabilities, misconfigurations, and identity risks to prioritize the handful of exposures that actually create exploitable chains
•Post-acquisition integration with the Fortinet Security Fabric enables unified visibility between cloud workload telemetry and network/endpoint security data
•Continuous compliance automation with prebuilt policy packs for PCI DSS, HIPAA, SOC 2, NIST, and CIS saves significant audit preparation effort

❌Cons

•Enterprise-only pricing with no published tiers or self-serve options makes it inaccessible for smaller teams and creates friction for evaluation
•Brand transition from Lacework to FortiCNAPP has created documentation inconsistencies, confusion about product roadmap, and uncertainty for existing customers during integration
•Initial deployment and onboarding across multi-cloud environments can be complex, particularly when tuning Polygraph baselines for noisy or highly dynamic workloads
•Alert quality improves substantially after several weeks of behavioral learning, meaning early-stage detection can produce false positives before baselines stabilize
•UI and query experience, while improved, still lags behind more recent CNAPP entrants like Wiz in terms of intuitive navigation and graph exploration

Who Should Use Lacework (now FortiCNAPP)?

✓Enterprises running large multi-cloud footprints across AWS, Azure, and GCP that need unified visibility and posture management without deploying and correlating multiple point tools
✓Security teams struggling with alert fatigue from rule-based detection who need behavioral anomaly detection to surface genuine threats without constant rule tuning
✓Kubernetes-heavy organizations that need deep container runtime visibility, image scanning, and Kubernetes configuration assessment in a single platform
✓Regulated industries such as financial services, healthcare, and SaaS that need continuous compliance evidence for PCI DSS, HIPAA, SOC 2, and similar frameworks
✓DevSecOps teams embedding security into CI/CD pipelines through IaC scanning, container image analysis, and shift-left vulnerability management
✓Existing Fortinet customers who want to extend their Security Fabric into cloud workloads and correlate cloud telemetry with network and endpoint signals

Who Should Skip Lacework (now FortiCNAPP)?

×You're concerned about enterprise-only pricing with no published tiers or self-serve options makes it inaccessible for smaller teams and creates friction for evaluation
×You're concerned about brand transition from lacework to forticnapp has created documentation inconsistencies, confusion about product roadmap, and uncertainty for existing customers during integration
×You need something simple and easy to use

Alternatives to Consider

Orca Security

AI-powered agentless cloud security platform that provides comprehensive vulnerability management and compliance monitoring across multi-cloud environments

Starting at Enterprise

Learn more →

Darktrace

Self-learning AI cybersecurity platform that creates an Enterprise Immune System, autonomously detecting and responding to sophisticated cyber threats without signatures or rules.

Starting at Enterprise

Learn more →

Our Verdict

✅

Lacework (now FortiCNAPP) is a solid choice

Lacework (now FortiCNAPP) delivers on its promises as a data & analytics tool. While it has some limitations, the benefits outweigh the drawbacks for most users in its target market.

Try Lacework (now FortiCNAPP) →Compare Alternatives →

Frequently Asked Questions

What is Lacework (now FortiCNAPP)?

AI-powered cloud-native application protection platform providing behavioral threat detection, compliance monitoring, and vulnerability management across multi-cloud environments

Is Lacework (now FortiCNAPP) good?

Yes, Lacework (now FortiCNAPP) is good for data & analytics work. Users particularly appreciate polygraph behavioral engine automatically baselines normal activity and surfaces anomalies without requiring teams to write and maintain detection rules, dramatically reducing tuning overhead. However, keep in mind enterprise-only pricing with no published tiers or self-serve options makes it inaccessible for smaller teams and creates friction for evaluation.

How much does Lacework (now FortiCNAPP) cost?

Lacework (now FortiCNAPP) starts at $50,000/year. Check their pricing page for the most current rates and features included in each plan.

Who should use Lacework (now FortiCNAPP)?

Lacework (now FortiCNAPP) is best for Enterprises running large multi-cloud footprints across AWS, Azure, and GCP that need unified visibility and posture management without deploying and correlating multiple point tools and Security teams struggling with alert fatigue from rule-based detection who need behavioral anomaly detection to surface genuine threats without constant rule tuning. It's particularly useful for data & analytics professionals who need behavioral anomaly detection.

What are the best Lacework (now FortiCNAPP) alternatives?

Popular Lacework (now FortiCNAPP) alternatives include Orca Security, Darktrace. Each has different strengths, so compare features and pricing to find the best fit.

More about Lacework (now FortiCNAPP)

Pricing Alternatives Free vs Paid Pros & Cons Worth It?Tutorial

📖 Lacework (now FortiCNAPP) Overview 💰 Lacework (now FortiCNAPP) Pricing 🆚 Free vs Paid 🤔 Is it Worth It?

Last verified March 2026

What is Lacework (now FortiCNAPP)?

AI-powered cloud-native application protection platform providing behavioral threat detection, compliance monitoring, and vulnerability management across multi-cloud environments

Pricing Breakdown

Enterprise (Quote-based)

Custom

per month

✓Full CNAPP capabilities: CSPM, CWPP, container/Kubernetes security, IaC scanning, vulnerability management, and CIEM
✓Polygraph behavioral threat detection across users, workloads, and network
✓Multi-cloud coverage for AWS, Azure, GCP, and private cloud
✓Compliance reporting for major frameworks (CIS, PCI DSS, HIPAA, SOC 2, NIST, ISO 27001)
✓Integrations with CI/CD, ticketing, SIEM/SOAR, and the Fortinet Security Fabric

Pros & Cons

✅Pros

•Polygraph behavioral engine automatically baselines normal activity and surfaces anomalies without requiring teams to write and maintain detection rules, dramatically reducing tuning overhead
•Unified CNAPP consolidates CSPM, CWPP, CIEM, Kubernetes security, and vulnerability management into a single platform, replacing multiple point tools and their separate licenses
•Agentless cloud scanning provides rapid time-to-value across AWS, Azure, and GCP accounts, with deeper eBPF agent-based runtime protection available for critical workloads
•Strong attack path analysis correlates vulnerabilities, misconfigurations, and identity risks to prioritize the handful of exposures that actually create exploitable chains
•Post-acquisition integration with the Fortinet Security Fabric enables unified visibility between cloud workload telemetry and network/endpoint security data
•Continuous compliance automation with prebuilt policy packs for PCI DSS, HIPAA, SOC 2, NIST, and CIS saves significant audit preparation effort

❌Cons

•Enterprise-only pricing with no published tiers or self-serve options makes it inaccessible for smaller teams and creates friction for evaluation
•Brand transition from Lacework to FortiCNAPP has created documentation inconsistencies, confusion about product roadmap, and uncertainty for existing customers during integration
•Initial deployment and onboarding across multi-cloud environments can be complex, particularly when tuning Polygraph baselines for noisy or highly dynamic workloads
•Alert quality improves substantially after several weeks of behavioral learning, meaning early-stage detection can produce false positives before baselines stabilize
•UI and query experience, while improved, still lags behind more recent CNAPP entrants like Wiz in terms of intuitive navigation and graph exploration

Who Should Use Lacework (now FortiCNAPP)?

✓Enterprises running large multi-cloud footprints across AWS, Azure, and GCP that need unified visibility and posture management without deploying and correlating multiple point tools
✓Security teams struggling with alert fatigue from rule-based detection who need behavioral anomaly detection to surface genuine threats without constant rule tuning
✓Kubernetes-heavy organizations that need deep container runtime visibility, image scanning, and Kubernetes configuration assessment in a single platform
✓Regulated industries such as financial services, healthcare, and SaaS that need continuous compliance evidence for PCI DSS, HIPAA, SOC 2, and similar frameworks
✓DevSecOps teams embedding security into CI/CD pipelines through IaC scanning, container image analysis, and shift-left vulnerability management
✓Existing Fortinet customers who want to extend their Security Fabric into cloud workloads and correlate cloud telemetry with network and endpoint signals

Who Should Skip Lacework (now FortiCNAPP)?

×You're concerned about enterprise-only pricing with no published tiers or self-serve options makes it inaccessible for smaller teams and creates friction for evaluation
×You're concerned about brand transition from lacework to forticnapp has created documentation inconsistencies, confusion about product roadmap, and uncertainty for existing customers during integration
×You need something simple and easy to use

Alternatives to Consider

Orca Security

AI-powered agentless cloud security platform that provides comprehensive vulnerability management and compliance monitoring across multi-cloud environments

Starting at Enterprise

Learn more →

Darktrace

Self-learning AI cybersecurity platform that creates an Enterprise Immune System, autonomously detecting and responding to sophisticated cyber threats without signatures or rules.

Starting at Enterprise

Learn more →

Frequently Asked Questions

What is Lacework (now FortiCNAPP)?

AI-powered cloud-native application protection platform providing behavioral threat detection, compliance monitoring, and vulnerability management across multi-cloud environments

Is Lacework (now FortiCNAPP) good?

How much does Lacework (now FortiCNAPP) cost?

Lacework (now FortiCNAPP) starts at $50,000/year. Check their pricing page for the most current rates and features included in each plan.

Who should use Lacework (now FortiCNAPP)?

What are the best Lacework (now FortiCNAPP) alternatives?

Popular Lacework (now FortiCNAPP) alternatives include Orca Security, Darktrace. Each has different strengths, so compare features and pricing to find the best fit.