Fortinet Empowers Teams to Proactively Manage Cloud Risk with New Cloud-native Protection Offering, Available Now on AWS
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today announced FortiCNP, a new built-in-the-cloud offering that correlates security findings from across an organization’s cloud footprint to facilitate friction-free cloud security operations. FortiCNP’s patented Resource Risk Insights (RRI)TM technology produces context-rich, actionable insights that help teams prioritize the remediation and mitigation of risks with the highest potential impact on cloud workload security without slowing down the business.
Also announced today, Fortinet is an Amazon Web Services (AWS) Launch Partner for Amazon GuardDuty Malware Protection, which provides agentless malware detection capabilities across AWS data stores, disk volumes, and workload images. FortiCNP supports Amazon GuardDuty Malware Protection, delivering near-real-time threat protection with zero-permission capabilities to actively scan running workloads with no impact or delays to operations.
The rapid pace of cloud adoption as part of a hybrid IT architecture allows organizations to achieve faster time to market and increased responsiveness to customer needs. However, the cloud can increase overall security risk, which is often addressed by adding new security solutions to an organization’s existing infrastructure. Each of these solutions comes with a litany of alerts that often require manual analysis and can quickly compound across an organization’s cloud deployment.
“Without the proper tools, security professionals must manually sift through hundreds, if not thousands, of security alerts on a daily basis,” said Doug Cahill, Vice President, Analyst Services and Senior Analyst at Enterprise Strategy Group (ESG). “Inundated with alerts, teams can face decreased productivity, inefficient workflows, and security risks accumulating faster than they can be addressed. FortiCNP helps cut through the noise, pointing teams to the security alerts that matter most.”
Customers are already experiencing the benefits of FortiCNP’s approach to cloud-native risk management:
“FortiCNP gives us comprehensive cloud visibility with an intuitive dashboard that allows us to easily track risk management over time,” said Caio Hyppolito, Chief Technology Officer (CTO) at BK Bank. “Most importantly, it enables our team to focus on securing high-priority resources instead of spending time working through long lists of security findings. Integrations with the products we already have allow us to get even more value out of our deployment and allow broader visibility and easier, more proactive cloud security management.”
Partners are also leveraging FortiCNP to enhance their offerings:
“As an AWS Level 1 MSSP Competency Partner, Observian is dedicated to ensuring our service offerings support customers in building scalable, secure cloud deployments. Observian is thrilled to deliver a new service featuring Fortinet’s new Cloud-Native Protection solution, FortiCNP, with Observian’s trusted and proven managed detection and response services,” said Scott Plamondon, Co-Founder and VP of Architecture at Observian. “FortiCNP allows customers to easily integrate, more quickly operationalize, and immediately benefit from AWS’s native-cloud security services with more targeted and actionable alerts tuned to their needs and less noise. Our customers that rely on Observian’s Security Operations team will benefit from our ability to even better triage and report on those alerts 24/7.”
A defining feature of FortiCNP is integration with AWS security products and services, and the Fortinet Security Fabric, which helps organizations more effectively secure their cloud environments and maximize their cloud security investments.
"At AWS, we provide our customers with smarter tools to easily take action and mitigate risk faster,” said Jon Ramsey, Vice President (VP) AWS Security. "Security Partners like Fortinet with their FortiCNP offering built on AWS and integrated with our security services like Amazon GuardDuty give customers a choice to simplify and accelerate their cloud journey with cloud-native security services."
FortiCNP delivers the following features that allow security teams to effectively manage risk in the cloud:
- FortiCNP Resource Risk Insights (RRI)TM leverages a patented risk score algorithm to contextualize security findings from Fortinet Cloud Security solutions and AWS products and services to provide teams with prioritized, context-rich, and actionable insights about resources that present the highest risk and need immediate attention.
- By analyzing, correlating, and contextualizing security findings from AWS cloud security services with FortiCNP, customers maximize the value and benefit from easy deployment capabilities offered by Amazon GuardDuty Malware Protection, Amazon Inspector, AWS Security Hub, AWS CloudTrail, and AWS Organizations.
- Integrations with Amazon GuardDuty Malware Protection leverage a zero-permission, agentless approach for detecting malware throughout the data supply chain by scanning cloud data stores, disk volumes, and workload images.
- Integrations with digital workflow solutions turn FortiCNP RRIs into intuitively actionable workflow tasks as part of the cloud infrastructure lifecycle.
- For customers utilizing Fortinet Cloud Security solutions such as FortiGate-VM and FortiWeb, RRIs will be able to trigger stop-gap remediations to block high-impact threats.
- FortiCNP continuously scans and monitors changes to cloud data with industry-leading threat intelligence and content scanning powered by FortiGuard Labs.
FortiCNP will be continually expanded to ingest more types of cloud security findings to provide broader context across more cloud workloads. Enabling consistent workflows that scale security across the public cloud helps teams improve security coverage, productivity, and risk mitigation—at the speed of the cloud. Cloud-native integrations facilitate reduced friction from deployment through operations. With consistent workflows utilizing cloud-native services across multiple clouds, security teams will no longer be required to master the intricacies of each cloud platform’s security service operational model. This will help security teams increase productivity by effectively working through cloud security backlog, mitigating risk, and quantifiably improving cloud security over time.
“FortiCNP is the latest example of Fortinet’s commitment to delivering Fabric solutions that extend enterprise security with cloud-native integrations,” said John Maddison, EVP of Products and CMO at Fortinet. “We’re pleased to continue to deliver solutions that allow security professionals to transition from time-consuming triage and manual analysis processes to proactively securing their cloud workloads and easily understand their cloud security risk.”
Today’s announcement builds on Fortinet and AWS’ relationship to support customers in accelerating their journey to AWS. Fortinet has also been named an AWS Security Competency Partner, with FortiCNP serving as the latest example of Fortinet’s commitment to delivering purpose-built cloud security solutions that integrate with AWS products and solutions. Fortinet delivers one of the broadest sets of use cases with comprehensive security for AWS workloads including firewall, security gateway, intrusion prevention, and web application security. With flexible procurement options in AWS Marketplace, including contract and consumption offerings, and a range of available form factors, including Software-as-a-Service (SaaS), virtual machine (VM), container, and application programming interface (API) based protection, customers can address a broad variety of AWS security and procurement requirements to protect their AWS workloads.
- Read the blog to learn more about how FortiCNP helps build consistent visibility and control across your multi-cloud network.
- Watch the executive interview to learn more about FortiCNP from Jon Ramsey of AWS and John Maddison of Fortinet.
- Watch the animated video to learn more about proactively managing cloud risk with FortiCNP
- Learn more about Fortinet Cloud Security for AWS.
- Learn more about how the Fortinet Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital infrastructure.
- Learn more about FortiGuard Labs threat intelligence and research or Fortinet’s AI-powered FortiGuard Security Services portfolio.
- Learn more about Fortinet’s free cybersecurity training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner, and Education Outreach programs.
- Read more about how Fortinet customers are securing their organizations.
- Engage in the Fortinet User Community (Fuse). Share ideas and feedback, learn more about our products and technology, and connect with peers.
- Follow Fortinet on Twitter, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on YouTube.
Fortinet (NASDAQ: FTNT) makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 580,000 customers trust Fortinet to protect their businesses. And the Fortinet NSE Training Institute, an initiative of Fortinet’s Training Advancement Agenda (TAA), provides one of the largest and broadest training programs in the industry to make cyber training and new career opportunities available to everyone. Learn more at https://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.
Copyright © 2022 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiADC, FortiAP, FortiAppMonitor, FortiASIC, FortiAuthenticator, FortiBridge, FortiCache, FortiCamera, FortiCASB, FortiClient, FortiCloud, FortiConnect, FortiController, FortiConverter, FortiDB, FortiDDoS, FortiExplorer, FortiExtender, FortiFone, FortiCarrier, FortiHypervisor, FortiIsolator, FortiMail, FortiMonitor, FortiNAC, FortiPlanner, FortiPortal, FortiPresence , FortiProxy, FortiRecorder, FortiSandbox, FortiSIEM, FortiSwitch, FortiTester, FortiToken, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLCOS and FortiWLM.
Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and assumptions, such as statements regarding technology releases among others. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.