Master Lacework (now FortiCNAPP) with our step-by-step tutorial, detailed feature walkthrough, and expert tips.
Contact Fortinet sales to request a 2–4 week proof
value engagement for your cloud environment Complete cloud environment assessment and integration planning with Fortinet engineers Deploy FortiCNAPP using agentless cloud API integrations across target AWS, Azure, or GCP accounts Configure behavioral baselines and compliance policies during initial 30
day onboarding period Train security team on platform features and integrate with existing security operations workflows
💡 Quick Start: Follow these 3 steps in order to get up and running with Lacework (now FortiCNAPP) quickly.
Explore the key features that make Lacework (now FortiCNAPP) powerful for data & analytics workflows.
Advanced machine learning algorithms create dynamic baselines for cloud workloads and automatically detect anomalous behaviors that indicate potential security threats, including zero-day attacks and insider threats
Essential for detecting sophisticated attacks that bypass traditional signature-based security tools, particularly useful for identifying lateral movement and data exfiltration attempts
Automatically discovers and maps all cloud resources, containers, and their interconnections across multi-cloud environments to provide comprehensive visibility and context for security events
Perfect for organizations with complex cloud architectures needing to understand attack paths and blast radius of potential security incidents
Provides comprehensive threat detection and compliance monitoring without requiring agent installation, using cloud-native APIs and integrations for minimal performance impact
Ideal for organizations seeking rapid deployment and broad coverage across dynamic cloud environments without operational overhead
Continuous assessment of cloud configurations against major compliance frameworks with automated report generation and remediation guidance
Critical for enterprises needing to maintain compliance with SOC 2, PCI DSS, HIPAA, and other regulatory requirements while scaling cloud operations
Lacework was acquired by Fortinet in 2024 and has been rebranded as FortiCNAPP. The underlying Polygraph Data Platform technology remains intact and continues to be developed, but it is now part of Fortinet's Security Fabric portfolio and is being integrated with other Fortinet products such as FortiGate, FortiEDR, and FortiAnalyzer.
Traditional tools rely on predefined rules and signatures that must be written and maintained by security teams. Lacework's Polygraph engine uses machine learning to automatically build behavioral baselines of every entity in your cloud — users, processes, containers, network flows — and detects deviations as potential threats. This catches zero-day attacks and insider threats that rule-based systems miss.
FortiCNAPP supports AWS, Microsoft Azure, Google Cloud Platform, and Oracle Cloud Infrastructure for cloud account scanning. For workloads, it protects Linux and Windows servers, Docker containers, Kubernetes clusters (including EKS, AKS, GKE, and self-managed), serverless functions, and IaC templates including Terraform, CloudFormation, and Kubernetes manifests.
Pricing is enterprise-only and quoted based on factors including cloud account count, workload volume (typically measured in monthly active resources or vCPUs), modules enabled, and contract length. There is no published price list or self-service tier. Most mid-market deployments start in the $50,000–$150,000 annual range, while large enterprise contracts with hundreds of cloud accounts and full module coverage typically reach $250,000–$500,000+ annually. Contact Fortinet sales for a custom quote and to request a proof-of-value engagement.
FortiCNAPP is not a replacement for a SIEM or traditional EDR. It is a cloud-focused CNAPP that covers cloud posture, workload, identity, and Kubernetes security. It complements SIEM platforms by forwarding high-fidelity cloud alerts, and under Fortinet it integrates tightly with FortiEDR for endpoint coverage and FortiAnalyzer for SIEM-like correlation across cloud and network data.
FortiCNAPP does not offer a self-service free trial. However, Fortinet sales teams can arrange a proof-of-value (POV) engagement, typically lasting 2–4 weeks, where the platform is deployed in your environment with guided onboarding. This allows teams to evaluate behavioral detection quality and compliance coverage against their specific cloud infrastructure before committing to a contract.
Now that you know how to use Lacework (now FortiCNAPP), it's time to put this knowledge into practice.
Sign up and follow the tutorial steps
Check pros, cons, and user feedback
See how it stacks against alternatives
Follow our tutorial and master this powerful data & analytics tool in minutes.
Tutorial updated March 2026