Fortinet empowers teams to proactively manage cloud risk with new cloud-native protection offering, available now on AWS

News summary

Fortinet (NASDAQ: FTNT), a global leader in broad, integrated and automated cyber security solutions, today announced FortiCNP, a new built-in-the-cloud offering that correlates security findings from across an organisation’s cloud footprint to facilitate friction-free cloud security operations. FortiCNP’s patented Resource Risk Insights (RRI) technology produces context-rich, actionable insights that help teams prioritise the remediation and mitigation of risks with the highest potential impact on cloud workload security without slowing down the business.

Also announced today, Fortinet is an Amazon Web Services (AWS) launch partner for Amazon GuardDuty Malware Protection, which provides agentless malware detection capabilities across AWS data stores, disk volumes and workload images. FortiCNP supports Amazon GuardDuty Malware Protection, delivering near real-time threat protection with zero-permission capabilities to actively scan running workloads with no impact or delays to operations.

The rapid pace of cloud adoption as part of a hybrid IT architecture allows organisations to achieve faster time to market and increased responsiveness to customer needs. However, the cloud can increase overall security risk, which is often addressed by adding new security solutions to an organisation’s existing infrastructure. Each of these solutions comes with a litany of alerts that often require manual analysis and can quickly compound across an organisation’s cloud deployment.

“Without the proper tools, security professionals must manually sift through hundreds, if not thousands, of security alerts on a daily basis,” said Doug Cahill, Vice-President, Analyst Services and Senior Analyst at Enterprise Strategy Group (ESG). “Inundated with alerts, teams can face decreased productivity, inefficient workflows and security risks accumulating faster than they can be addressed. FortiCNP helps cut through the noise, pointing teams to the security alerts that matter most.”

Customers are already experiencing the benefits of FortiCNP’s approach to cloud-native risk management: “FortiCNP gives us comprehensive cloud visibility with an intuitive dashboard that allows us to easily track risk management over time,” said Caio Hyppolito, Chief Technology Officer (CTO) at BK Bank. “Most importantly, it enables our team to focus on securing high-priority resources instead of spending time working through long lists of security findings. Integrations with the products we already have allow us to get even more value out of our deployment and allow broader visibility and easier, more proactive cloud security management.”

Partners are also leveraging FortiCNP to enhance their offerings:

“As an AWS Level 1 MSSP Competency Partner, Observian is dedicated to ensuring our service offerings support customers in building scalable, secure cloud deployments. Observian is thrilled to deliver a new service featuring Fortinet’s new Cloud-Native Protection solution, FortiCNP, with Observian’s trusted and proven managed detection and response services,” said Scott Plamondon, Co-Founder and VP of Architecture at Observian. “FortiCNP allows customers to easily integrate, more quickly operationalise and immediately benefit from AWS’s native-cloud security services with more targeted and actionable alerts tuned to their needs and less noise. Our customers that rely on Observian’s Security Operations team will benefit from our ability to even better triage and report on those alerts 24/7.”

A defining feature of FortiCNP is integration with AWS security products and services, and the Fortinet Security Fabric, which helps organisations more effectively secure their cloud environments and maximise their cloud security investments.

"At AWS, we provide our customers with smarter tools to easily take action and mitigate risk faster,” said Jon Ramsey, Vice-President (VP) AWS Security. "Security partners like Fortinet with their FortiCNP offering built on AWS and integrated with our security services like Amazon GuardDuty give customers a choice to simplify and accelerate their cloud journey with cloud-native security services."

FortiCNP delivers the following features that allow security teams to effectively manage risk in the cloud:

• FortiCNP Resource Risk Insights (RRI) leverages a patented risk score algorithm to contextualise security findings from Fortinet Cloud Security solutions and AWS products and services to provide teams with prioritised, context-rich and actionable insights about resources that present the highest risk and need immediate attention.
• By analysing, correlating and contextualising security findings from AWS cloud security services with FortiCNP, customers maximise the value and benefit from easy deployment capabilities offered by Amazon GuardDuty Malware Protection, Amazon Inspector, AWS Security Hub, AWS CloudTrail and AWS Organizations.
• Integrations with Amazon GuardDuty Malware Protection leverage a zero-permission, agentless approach for detecting malware throughout the data supply chain by scanning cloud data stores, disk volumes and workload images.
• Integrations with digital workflow solutions turn FortiCNP RRIs into intuitively actionable workflow tasks as part of the cloud infrastructure life cycle.
• For customers utilising Fortinet Cloud Security solutions such as FortiGate-VM and FortiWeb, RRIs will be able to trigger stop-gap remediations to block high-impact threats.
• FortiCNP continuously scans and monitors changes to cloud data with industry-leading threat intelligence and content scanning powered by FortiGuard Labs.

FortiCNP will be continually expanded to ingest more types of cloud security findings to provide broader context across more cloud workloads. Enabling consistent workflows that scale security across the public cloud helps teams improve security coverage, productivity and risk mitigation – at the speed of the cloud. Cloud-native integrations facilitate reduced friction from deployment through operations. With consistent workflows utilising cloud-native services across multiple clouds, security teams will no longer be required to master the intricacies of each cloud platform’s security service operational model. This will help security teams increase productivity by effectively working through cloud security backlog, mitigating risk and quantifiably improving cloud security over time.

“FortiCNP is the latest example of Fortinet’s commitment to delivering Fabric solutions that extend enterprise security with cloud-native integrations,” said John Maddison, EVP of Products and CMO at Fortinet. “We’re pleased to continue to deliver solutions that allow security professionals to transition from time-consuming triage and manual analysis processes to proactively securing their cloud workloads and easily understand their cloud security risk.”

Today’s announcement builds on Fortinet and AWS’s relationship to support customers in accelerating their journey to AWS. Fortinet has also been named an AWS Security Competency Partner, with FortiCNP serving as the latest example of Fortinet’s commitment to delivering purpose-built cloud security solutions that integrate with AWS products and solutions. Fortinet delivers one of the broadest sets of use cases with comprehensive security for AWS workloads including firewall, security gateway, intrusion prevention and web application security. With flexible procurement options in AWS Marketplace, including contract and consumption offerings and a range of available form factors, including software as a service (SaaS), virtual machine (VM), container and application programming interface (API) based protection, customers can address a broad variety of AWS security and procurement requirements to protect their AWS workloads.

Get a free trial of FortiCNP at AWS Marketplace: https://www.forticnp-aws.com

Additional resources

• Read the blog to learn more about how FortiCNP helps build consistent visibility and control across your multicloud network.
• Watch the executive interview to learn more about FortiCNP from Jon Ramsey of AWS and John Maddison of Fortinet.
• Watch the animated video to learn more about proactively managing cloud risk with FortiCNP.
• Learn more about Fortinet Cloud Security for AWS.
• Learn more about how the Fortinet Security Fabric delivers broad, integrated and automated protection across an organisation’s entire digital infrastructure.
• Learn more about FortiGuard Labs threat intelligence and research or Fortinet’s AI-powered FortiGuard Security Services portfolio.
• Learn more about Fortinet’s free cyber security training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner and Education Outreach programmes.
• Read more about how Fortinet customers are securing their organisations.
• Engage in the Fortinet User Community (Fuse). Share ideas and feedback, learn more about our products and technology and connect with peers.
• Follow Fortinet on Twitter, LinkedIn, Facebook and Instagram. Subscribe to Fortinet on YouTube.