Simplify Your Cloud Security
FortiCNP, Fortinet’s cloud-native protection solution, helps you quickly discover and prioritize your risk across your disparate security services. Sign up for a customized demo to discover how FortiCNP can boost your AWS Cloud security.
Fill out this form to get your personalized demo
Get Started
Proactively Manage Cloud Security Risk
FortiCNP can help eliminate alert fatigue and increase your security posture to keep business-critical workflows humming, all while saving you time and resources. It also:
- Provides comprehensive visibility and actionable insights
- Streamlines operations and tracks risk posture over time
- Maximizes ROI on your AWS service investments by bringing context to the streams of alerts
Easily Track Risk Management Over Time
FortiCNP, Fortinet’s cloud-native protection solution, simplifies risk management for your AWS workloads and accelerates the ROI of your AWS security services by analyzing risk outcomes to produce actionable insights. Unlike traditional CSPM and CWPP products that require agents, FortiCNP delivers zero-permission security coverage to efficiently and effectively secure cloud workloads.
- Caio Hyppolito, CTO at BK Bank.
Deep Integrations Offer You Powerful Insights
FortiCNP natively integrates with AWS security services, such as Amazon GuardDuty, Amazon Inspector, and AWS Security Hub, to provide broader context across your AWS workloads. For Fortinet customers, our cloud security products can further enhance your FortiCNP insights, enabling stop-gap remediations to block high impact threats.
Ready to get started?
Copyright © 2022 Fortinet, Inc. | All Rights Reserved
FortiCNP, Fortinet’s cloud-native protection solution, helps you quickly discover and prioritize your risk across your disparate security services. Sign up for a customized demo to discover how FortiCNP can boost your AWS Cloud security.
Deep Integrations Offer You Powerful Insights
Sign up for your demo and we will show you how you can simplify your cloud security and eliminate alert fatigue.
FortiCNP scans and monitors customer cloud configurations to evaluate best practices and detect misconfiguration risk.
Integrations: AWS Security Hub, Azure Security Center. GCP Security Health Analytics
FortiCNP analyzes the impact of vulnerabilities against your cloud resources to assess risk.
Integrations: Amazon Inspector Microsoft Defender for Cloud
FortiCNP ingests information from Cloud Native security services and Fortinet products for Workload and Network threat detection findings.
Integrations: Amazon GuardDuty, VPC Flow Logs, CloudTrail Microsoft Defender for Cloud, NSG Flow Logs CloudTrail, VPC Flow Logs
FortiCNP incorporates permission information to correlate the impact of risk across different resources.
FortiCNP scans for malware in data and utilizes data classification information from cloud native tools to evaluate the impact of security risk on or from your data.
Integrations: Amazon S3 Azure Blob GCP Cloud Storage
FortiCNP integrates with Kubernetes Environments to scan configuration and monitor traffic flows.
Integrations: Amazon EKS Azure AKS Google Kubernetes EngineSelf-Managed Kubernetes
FortiCNP Scans container registries for vulnerabilities allowing DevOps teams to pass or fail build pipelines based on scan results.
Integrations: Amazon ECR Azure Container Registry Google Container RegistryHarbor Container RegistryOpenShift Container RegistryDocker Hub
FortiCNP allows security analysts to interact with other teams in the ways that are most natural to the organization.
Integrations: JIRA ServiceNow Jenkins
FortiCNP provides point in time risk snapshot and compliance reports to non FortiCNP users. ServiceNow Jenkins
AWS SERVICE
The AWS Resource API is used to collect information regarding your cloud resources in a read-only manner.
AWS organizations are used to import environments that include more than a single AWS account and are organized using the AWS organizations feature.
FortiCNP ingests CloudTrail events to identify changes to your environment.
VPC Flow logs are used to establish traffic patterns in your environment as well as detect deviations from normal patterns.
AWS Security Hub is used to collect all security information from AWS services such as GuardDuty, Inspector and others. FortiCNP utilizes the finding normalization and aggregation capabilities of Security Hub. Security Hub Controls are not used by FortiCNP.
GuardDuty Threat Detection Service is used by FortiCNP to cross correlate risk with imminent threats and prioritize.
Inspector Vulnerabilities are used to establish package, library and network configuration vulnerability risk.
Azure Services
The Azure REST API is used to collect information regarding your cloud resources in a read-only manner.
Azure Log Analytics is used to collect information from the Azure platform and detect any changes to resource configurations.
NSG Flow Events are used to establish traffic patterns in your environment as well as detect deviations from normal patterns.
Azure Security Center provides FortiCNP with information from Microsoft Defender for detecting vulnerabilities and threats for cloud workloads.
GCP Services
The GCP API is used to collect information regarding your cloud resources in a read-only manner.
VPC Flow logs are used to establish traffic patterns in your environment as well as detect deviations from normal patterns.
Cloud Logs are used to collect information from GCP and detect any changes to resource configurations.
Is there a free trial or POC?
Yes. If you want to try FortiCNP today, you can sign up for a 14-day test drive through AWS Marketplace. Otherwise, if you sign up for a live demo and like what you see, you can be set up with a test drive at that time.
What are the available consumption models?
FortiCNP is available in monthly PAYG, annual, and multi-year subscriptions from AWS Marketplace. A 14-day test drive is available with the monthly PAYG subscription. Additionally, Private Offers are available.
How do you set up CNP?
You can watch the step-by-step tutorial here: https://www.youtube.com/watch?v=kzhNjTptUzY
What drives the insights?
FortiCNP’s has patented a new algorithm called Resource Risk Insights (RRI). This technology correlates and contextualizes security alerts and findings from security services and Fortinet solutions to produce an aggregated risk score. That risk score is then used to stack-rank, or prioritize, the workloads with the highest risk.
RRI also enables remediation workflows through FortiSOAR, or your solution of choice, to help security teams rationalize the risk and what to do to remediate the risk.
Do we have to enable VPC flow logs for FortiCNP to work?
VPC logs are not required for FortiCNP to work. However, enabling flow logs will allow FortiCNP to analyze traffic patterns within your cloud account and identify potentially malicious traffic. This information can lead to a better quantification of risks to your assets as well as the prioritization of security work.
Does FortiCNP auto-remediate?
No. We have found that most people we engage with ultimately want more control and visibility. However, there is a hook into FortiSoar which allows for remediation.