Combining Lacework's leading cloud-native application protection platform with the Fortinet Security Fabric delivers unmatched visibility and protection across multi-cloud environments
SUNNYVALE, Calif., Oct. 08, 2024 (GLOBE NEWSWIRE) -- News Summary
Fortinet (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the general availability of Lacework FortiCNAPP, a single unified, AI-driven platform to secure everything from code to cloud all from a single vendor.
"Lacework FortiCNAPP is based on Lacework's proven cloud-native application protection platform with tight integration with the Fortinet Security Fabric," said John Maddison, Chief Marketing Officer at Fortinet. "We're pleased to expand our cloud-native security offerings and provide the industry's most comprehensive, full-stack cloud security platform that empowers teams to seamlessly eliminate risk across their multi-cloud environments."
The introduction of Lacework FortiCNAPP offers additional benefits that extend beyond Lacework's leading offering, such as automated remediation and blocking of active runtime threats, as well as enhanced visibility into FortiGuard Outbreak Alerts, which provide key information about new and emerging threats and the risk they pose within an organization's environment.
Challenges Disrupting Cloud Adoption
As customers continue to adopt cloud infrastructure and services, they are quickly realizing that traditional security tools simply lack the native capabilities required to address the scale, velocity, and dynamic nature of the cloud. Security teams are fundamentally challenged by the lack of time to address cloud security at scale due to limited cloud security knowledge, a proliferation of cloud security products that do little to help customers resolve issues, and an overwhelming number of security and compliance alerts.
Fortinet Helps Accelerate Customers' Cloud Journeys
With Lacework FortiCNAPP, Fortinet simplifies and strengthens cloud security with a unified platform from a single vendor that brings together multiple tools to significantly cut down the time to detect, prioritize, investigate, and respond to cloud-native threats. Lacework FortiCNAPP introduces a unique AI approach that never stops learning, maximizing cloud security with minimal time and effort for development, operations, and security teams by automatically connecting risk insights with runtime threat data, and ensuring that the most critical issues are prioritized and addressed.
Fortinet enables customers to address all their cloud security needs by delivering key features such as:
A unified platform: Fragmented tools create complex, expensive, and limited protection. As a platform, Lacework FortiCNAPP provides full visibility from code to cloud and correlates build and runtime risk and threat data to prioritize what matters most.
AI-based anomaly detection: Given that cloud threats evolve as quickly as the cloud itself, creating rules for every potential attack scenario is nearly impossible. Lacework FortiCNAPP's AI-based anomaly detection allows security analysts to detect previously undefined attack patterns that traditional rules-based systems cannot accomplish.
Integrated code security: Code security integrated with cloud security empowers teams to address issues at the earliest and most cost-effective stage in the application life cycle. By offering code security as an integral capability within the platform, customers can save time and money by fixing security issues, and reduce the risk of vulnerable applications and infrastructure while maintaining developer productivity and innovation velocity.
Composite alerts: Lacework FortiCNAPP is unique in detecting early signs of active attacks by automatically correlating various signals into a single, high-confidence composite alert. The platform uses behavioral analytics, anomaly detection, in-house threat intelligence, and insights from cloud service provider activity logs and threat services to identify active attacks, including compromised credentials, ransomware, and cryptojacking.
Integrations with the Fortinet Security Fabric: Integrations with Fortinet solutions such as FortiSOAR enable customers to streamline their response to active runtime threats, such as compromised hosts and compromised access keys, through automated remediation playbooks. Additionally, its integration with FortiGuard Outbreak Alerts helps teams understand how Lacework FortiCNAPP delivers enhanced visibility and deeper insights into the latest threats and where the solution can disrupt potential attacks.
Cloud Infrastructure Entitlement Management (CIEM): Lacework FortiCNAPP provides CIEM for complete visibility into cloud identities and their permissions. It automatically discovers identities, assesses net-effective permissions, and highlights excessive ones by comparing granted versus used permissions. Each identity is assigned a risk score based on more than 30 factors, helping prioritize high-risk identities. Lacework FortiCNAPP also offers automated remediation guidance for right-sizing permissions, ensuring least-privileged access.
Third-Party Validation
Lacework FortiCNAPP is based on the industry-recognized technology from Lacework, which is consistently recognized as a leader and Representative Vendor in CNAPP and Cloud Workload Security by leading analyst firms, including Frost and Sullivan, Gartner, GigaOm, and KuppingerCole.
Supporting Quotes
"Lacework FortiCNAPP helped us deal with the massive amount of information that we were getting out of all the different systems, from the native security tools and logging and alerting tools that came from cloud providers to third-party tools that we had purchased to help solve these problems."
- John Turner, Senior Security Architect, LendingTree
"Lacework FortiCNAPP automatically discovers and catalogs users, services, security groups, and secrets that are active within LawnStarter's AWS environment and compares them against industry frameworks and compliance requirements. LawnStarter can quickly pull customized reports created by Lacework FortiCNAPP to see which resources are compliant. As a result, LawnStarter has seen a 75% decrease in compliance violations over the past year, saving the company significant time and money. LawnStarter now has a robust compliance practice that is essential to earning and maintaining trust with customers, providers, investors, and advisors."
- Alberto Silveira, Head of Engineering, LawnStarter
Additional Resources
Learn more about Lacework FortiCNAPP.
Learn about Fortinet's free cybersecurity training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner, and Education Outreach programs.
Learn more about FortiGuard Labs threat intelligence and research and Outbreak Alerts, which provide timely steps to mitigate breaking cybersecurity attacks.
Read about how Fortinet customers are securing their organizations.
Follow Fortinet on X, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.
*Gartner, Gartner Market Guide for Cloud-Native Application Protection Platforms, Dale Koeppen, Charlie Winckless, Neil MacDonald, Esraa ElTahawy, 22 July 2024
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About Fortinet
Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with esteemed organizations from both the public and private sectors, including CERTs, government entities, and academia, is a fundamental aspect of Fortinet's commitment to enhance cyber resilience globally. FortiGuard Labs, Fortinet's elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at , the Fortinet Blog, and FortiGuard Labs.
将Lacework领先的云原生应用保护平台与Fortinet安全布局相结合,为多云环境提供无与伦比的可见性和保护
加利福尼亚州圣尼韦尔,2024年10月08日(GLOBE NEWSWIRE) -- 新闻概要
推动网络与安全融合的全球网络安全领导者 Fortinet(纳斯达克股票代码:FTNT)今天宣布全面推出 Lacework FortiCNAPP,这是一个统一的人工智能驱动平台,可确保从代码到云的所有安全。
"Lacework FortiCNAPP基于Lacework的经过验证的云原生应用保护平台,与Fortinet安全布局紧密集成,"Fortinet首席市场官John Maddison说。"我们很高兴扩展我们的云原生安全产品,并提供行业内最全面、全方位的云安全平台,使团队能够轻松消除多云环境中的风险。"
Lacework FortiCNAPP的推出提供了额外的好处,超越了Lacework领先的产品,例如自动化补救和阻止活动时态威胁,以及增强了对FortiGuard爆发警报的可见性,提供有关新兴威胁及其在组织环境中所造成风险的关键信息。
挑战打破了云采用
随着客户继续采用云基础设施和服务,他们很快意识到传统安全工具简单缺乏应对云的规模、速度和动态特性所需的本机能力。安全团队在基本上面临着缺乏时间以规模化解决云安全的挑战,原因是缺乏云安全知识,大量的云安全产品未帮助客户解决问题,以及压倒性数量的安全和合规性警报。
飞塔信息帮助加速客户的云之旅
借助Lacework FortiCNAPP,飞塔信息通过来自单一供应商的统一平台简化和加强了云安全,汇集了多个工具,大大缩短了检测、优先处理、调查和应对云原生威胁所需的时间。Lacework FortiCNAPP引入了一种独特的人工智能方法,永不停止学习,在开发、运营和安全团队投入最少的时间和精力,通过自动将风险洞察连接到时态威胁数据,确保最关键的问题得到优先处理和解决。
飞塔信息通过提供关键功能,使客户能够满足其所有云安全需求,包括:
统一平台:破碎的工具会导致复杂、昂贵和有限的保护。作为一个平台,Lacework FortiCNAPP从代码到云端提供全面的可见性,并将构建和运行时风险和威胁数据进行相关,以优先处理最重要的事项。
基于人工智能的异常检测:考虑到云端威胁的演变速度与云本身一样迅速,为每个潜在攻击方案制定规则几乎是不可能的。Lacework FortiCNAPP的基于人工智能的异常检测使安全分析师能够检测到传统基于规则的系统无法完成的先前未定义的攻击模式。
集成的代码安全性:与云安全性集成的代码安全性使团队能够在应用程序生命周期的最早和成本效益最大的阶段解决问题。通过在平台内提供代码安全性作为一个积极的功能,客户可以节省时间和金钱,修复安全问题,减少易受攻击的应用程序和基础架构的风险,同时保持开发人员的生产力和创新速度。
合成警报:Lacework FortiCNAPP独特之处在于通过自动将各种信号相关联到一个高置信度的合成警报,以侦测主动攻击的早期迹象。该平台利用行为分析、异常检测、内部威胁情报以及云服务提供商活动日志和威胁服务的见解来识别主动攻击,包括被妥协的凭证、勒索软件和加密货币挖矿。
与飞塔信息安全体系的集成:与飞塔信息解决方案(如FortiSOAR)的集成使客户能够通过自动化修复 playbooks 来简化应对主动运行时威胁(如被妥协的主机和被妥协的访问密钥)。此外,与FortiGuard爆发警报的集成帮助团队了解Lacework FortiCNAPP如何提供增强的可见性和对最新威胁的更深入了解,以及该解决方案可以破坏潜在攻击的地方。
云基础建设授权管理(CIEM):Lacework FortiCNAPP提供CIEm,完全可见云身份及其权限。 它会自动发现身份,评估净有效权限,并通过比较授予与使用的权限来突出过多的权限。 每个身份都基于30多个因素被分配一个风险评分,帮助优先考虑高风险身份。 Lacework FortiCNAPP还提供自动化的修复指南来调整权限大小,确保最小特权访问。
第三方验证
Lacework FortiCNAPP基于Lacework的行业公认技术,Lacework一直被Gartner、GigaOm和KuppingerCole等领先的分析公司确认为CNAPP和云工作负载安全方面的领导者和代表性供应商。
"我们很高兴能继续与CrowdStrike合作,为我们的保单持有人提供各种安全解决方案的扩展组合。保单持有人现在有了各种各样的选择,从为小企业提供非常实惠的端点保护到为大型企业提供可定制的产品和解决方案,"Berkley网络风险解决方案首席承保官史蒂夫·克鲁斯科(Steve Krusko)说。"Berkley Cyber Risk Solutions的所有保单持有人都可以使用工具来减轻对其IT系统最相关的威胁。"
“Lacework FortiCNAPP帮助我们处理了我们从所有不同系统中获取的大量信息,从原生安全工具和云服务提供商提供的日志和警报工具,到我们购买的第三方工具,帮助解决这些问题。”
- 约翰·特纳,lendingtree 高级安全架构师
"Lacework 飞塔信息自动发现和编目了 LawnStarter 的 AWS 环境中活跃的用户、服务、安全组和秘钥,并将其与行业框架和合规要求进行比较。LawnStarter 可以快速提取由 Lacework 飞塔信息创建的定制报告,查看哪些资源符合要求。因此,LawnStarter 在过去一年中合规性违规减少了 75%,为公司节省了大量时间和金钱。LawnStarter 现在拥有一个强大的合规实践,这对赢得和保持与客户、供应商、投资者和顾问的信任至关重要。"
- 阿尔贝托·席尔维拉,LawnStarter 工程主管
了解飞塔信息的免费网络安全培训,其中包括广泛的网络安全意识和产品培训。作为飞塔培训促进议程的一部分,飞塔培训学院通过网络安全专家(NSE)认证、学术合作伙伴和教育外展计划提供培训和认证。
了解更多关于 Lacework 飞塔信息的信息。
学习有关Fortinet免费网络安全培训的信息,其中包括广泛的网络安全意识和产品培训。作为Fortinet培训推进议程(TAA)的一部分,Fortinet培训学院还提供网络安全专家(NSE)认证的培训和认证。,访问fortinet.com/trust了解有关飞塔信息创新、合作伙伴、产品安全流程和企业级产品的更多信息,为您提供可靠的网络安全保障。,了解飞塔信息对产品安全和完整性的承诺,包括其负责任的产品开发、漏洞披露方法和政策。
区间
阅读有关飞塔信息客户如何保护其组织的内容。
在X、LinkedIn、Facebook和Instagram上关注飞塔信息。订阅我们的博客或YouTube频道。
*加特纳,加特纳云原生应用保护平台市场指南,戴尔·库本,查理·温克利斯,尼尔·麦克唐纳德,埃斯拉·埃尔塔霍维,2024年7月22日
GARTNER是Gartner公司及其在美国和国际上的附属公司的注册商标和服务标记。保留所有权利。
加特纳不认可其研究出版物中描述的任何供应商、产品或服务,并不建议科技用户仅选择那些评级最高或其他指定的供应商。加特纳研究出版物包括加特纳研究机构的意见,不应被视为事实陈述。加特纳不对此研究的任何保证作出明示或暗示的声明,包括任何适销性或适用于特定用途的保证。
关于Fortinet FortinetFTNT,-0.33%保护全球最大的企业,服务提供商和政府机构。 Fortinet赋予客户跨越扩展攻击面的智能,无缝保护和具有扩展性对抗无边界网络的不断增长的性能需求-- 今天和将来。 唯一Fortinet Security Fabric架构可以在网络,应用程序,云或移动环境中提供不妥协的安全性,以应对最重要的安全性挑战。 Fortinet在世界范围内销售的安全设备数量最多,超过400,000家客户信任Fortinet保护他们的业务。 在http://www.fortinet.com,Fortinet Blog或FortiGuard Labs了解更多信息。
飞塔信息(纳斯达克股票代码:FTNT)是网络安全概念和网络和安全融合发展的推动力。我们的使命是在您需要的任何地方保护人员、设备和数据,如今,我们通过50多种企业级产品的最大集成组合,为您提供所需的网络安全。超过50万客户信赖飞塔信息的解决方案,这些解决方案在行业中部署最多,专利最多,并得到最多验证。飞塔信息培训学院是行业中最大、最广泛的培训项目之一,致力于为每个人提供网络安全培训和新的职业机会。与来自公共和私营部门的尊敬机构(包括CERT、政府实体和学术界)合作,是飞塔信息致力于全球增强网络韧性的基本方面。飞塔信息的研究部门FortiGuard Labs,利用最先进的机器学习和人工智能技术,为客户提供及时且一直排名靠前的保护和可行的威胁情报。了解更多信息,请访问《飞塔信息》博客和FortiGuard Labs。
