← Cloud Security Posture ManagementLacework (Fortinet)

AdequateAdequateAdequateAdequate

4.3

Vendors › Cloud Security Posture Management › Lacework (Fortinet)

Lacework (Fortinet)

Name: Lacework (Fortinet)
Rating: 4.3 (305 reviews)
Author: Fortinet (acquired 2024)

Fortinet (acquired 2024)

Founded 2015·US·Private

4.3

Combined score

4.4210

Gartner

4.495

⚠

Security incident on record — Acquired by Fortinet 2024 — product direction uncertain

▪ Editorial verdict

Lacework built a genuinely innovative behavioural anomaly detection approach to cloud security, identifying threats by deviating from normal patterns rather than matching signatures. The technology is real and differentiated. The concern for buyers in 2025 is the Fortinet acquisition: roadmap investment, integration timeline, and product continuity are all questions that require direct answers before committing to a multi-year platform contract.

The capability itself is solid for multi-cloud environments and the compliance reporting covers major frameworks adequately. The concern is not the technology, it is the organisational uncertainty around where Lacework fits in the Fortinet portfolio long-term.

The verdict: Lacework is worth evaluating for organisations that value behavioural anomaly detection, but buyers should get specific answers from Fortinet about product investment and roadmap before committing. Organisations that cannot tolerate acquisition uncertainty should evaluate Wiz or Orca.

Last reviewed: May 2026

4.4210 reviews

Gartner

4.495 reviews

Gartner MQ: Visionary (CNAPP 2025)

Cloud Security Posture Management assessment

PROTECTIONAdequate

Cloud platform coverage

4 / 5

AWS, Azure, GCP with ML-powered behavioural anomaly detection. Scored 4 because coverage breadth is good but Fortinet acquisition (2024) has created roadmap uncertainty.

Sources: Lacework documentation, Fortinet acquisition announcement

Risk prioritisation

3 / 5

Polygraph data platform uses ML for behavioural anomaly detection — effective at finding unknown threats. Scored 3 because traditional rule-based compliance posture coverage is weaker.

Sources: Lacework documentation

OPERATIONSAdequate

Remediation workflows

3 / 5

Solid remediation guidance. Scored 3 because post-acquisition development pace has slowed.

Sources: Lacework documentation, G2 reviews

ANALYTICSAdequate

Compliance reporting

3 / 5

Scored 3 because compliance reporting depth is less than Wiz or Prisma Cloud.

Sources: Lacework documentation

TRUST & ECOSYSTEMAdequate

Multi-cloud scale

3 / 5

Handles enterprise multi-cloud well. Scored 3 because Fortinet acquisition creates scale and roadmap uncertainty.

Sources: Gartner CNAPP MQ 2025

Strongest: Cloud platform coverage

Watch out for: Multi-cloud scale

Strengths & limitations

Strengths

●Polygraph data platform — ML-powered behavioural anomaly detection

●Strong multi-cloud support with unified data ingestion

●Fortinet acquisition brings network security integration potential

Watch out for

●Acquired by Fortinet 2024 — roadmap uncertainty

●Customer support rated slow by some reviewers

●Less mature compliance reporting than Wiz

Best for

Teams wanting CSPM combined with behavioural anomaly detection — evaluate post-acquisition roadmap carefully.

Not suitable for: Buyers concerned about post-acquisition roadmap uncertainty

Compliance coverage

●SOC 2

●HIPAA

●NIST CSF

●PCI-DSS

●GDPR

●ISO 27001

●CIS Benchmarks

○Essential Eight

○AU Privacy Act

○CMMC

○NIS2

○DORA

Switching intelligence

Switching from

Common migration paths based on review data

Prisma Cloud (cost)

Also considering

Vendors typically shortlisted alongside

← Back to Cloud Security Posture Management Compare with other Cloud Security Posture Management vendors →

Quick facts

Pricing modelper-environment subscription

Pricing range$30,000-$150,000 annually

Free trialNo

Min seatsNo minimum

Deployment time1-2 weeks

Complexity2 / 5

Pricing transparency2 / 5

AU presenceNo

IRAP assessedNo

Open sourceProprietary

Deployment

ModelsSaaS

OS supportCloud-native + agent

CloudAWS, Azure, GCP

SupportEmail, Phone, Dedicated CSM

Data residencyUS, EU

Company

Fortinet (acquired 2024)

Founded 2015 · 500-800 employees · Private

HQ: US

$100M+ ARR est.

Certifications

SOC 2 Type II, ISO 27001

Integrations

SplunkJiraPagerDutySlackGitHubKubernetesFortinet FortiSIEM