Cloud risk management made easy with Fortinet

News Desk -

Share

Fortinet, a global provider of broad, integrated, and automated cybersecurity solutions, has announced FortiCNP, a new built-in-the-cloud offering that correlates security findings from across an organization’s cloud footprint to facilitate friction-free cloud security operations.

FortiCNP’s patented Resource Risk Insights (RRI)TM technology generates context-rich, actionable insights that assist teams in prioritizing the remediation and mitigation of risks with the greatest potential impact on cloud workload security without slowing down the business.

Fortinet has also been named an Amazon Web Services (AWS) Launch Partner for Amazon GuardDuty Malware Protection, which provides agentless malware detection across AWS data stores, disk volumes, and workload images. FortiCNP supports Amazon GuardDuty Malware Protection, which provides near-real-time threat protection with zero-permission capabilities to actively scan running workloads with no impact or delays.

Because of the rapid adoption of cloud computing as part of a hybrid IT architecture, organizations can achieve faster time to market and greater responsiveness to customer needs. The cloud, on the other hand, can increase overall security risk, which is frequently addressed by integrating new security solutions into an organization’s existing infrastructure. Each of these solutions comes with a slew of alerts that frequently necessitate manual investigation and can quickly accumulate across an organization’s cloud deployment.

“Without the proper tools, security professionals must manually sift through hundreds, if not thousands, of security alerts on a daily basis,” said Doug Cahill, Vice President, Analyst Services and Senior Analyst at Enterprise Strategy Group (ESG). “Inundated with alerts, teams can face decreased productivity, inefficient workflows, and security risks accumulating faster than they can be addressed. FortiCNP helps cut through the noise, pointing teams to the security alerts that matter most.” 

Integration with AWS security products and services, as well as the Fortinet Security Fabric, is a distinguishing feature of FortiCNP, allowing organizations to more effectively secure their cloud environments and maximize their cloud security investments.

“At AWS, we provide our customers with smarter tools to easily take action and mitigate risk faster,” said Jon Ramsey, Vice President (VP) AWS Security. “Security Partners like Fortinet with their FortiCNP offering built on AWS and integrated with our security services like Amazon GuardDuty give customers a choice to simplify and accelerate their cloud journey with cloud-native security services.”

FortiCNP delivers the following features that allow security teams to effectively manage risk in the cloud:

  • FortiCNP Resource Risk Insights (RRI)TM uses a patented risk score algorithm to contextualize security findings from Fortinet Cloud Security solutions and AWS products and services, providing teams with prioritized, context-rich, and actionable insights about resources that are the most vulnerable and require immediate attention.
  • Customers maximize the value and benefit from the easy deployment capabilities offered by Amazon GuardDuty Malware Protection, Amazon Inspector, AWS Security Hub, AWS CloudTrail, and AWS Organizations by analyzing, correlating, and contextualizing security findings from AWS cloud security services with FortiCNP.
  • Amazon GuardDuty Malware Protection integrations use a zero-permission, agentless approach to detect malware throughout the data supply chain by scanning cloud data stores, disk volumes, and workload images.
  • Integrations with digital workflow solutions turn FortiCNP RRIs into intuitively actionable workflow tasks as part of the cloud infrastructure lifecycle. 
  • For customers utilizing Fortinet Cloud Security solutions such as FortiGate-VM and FortiWeb, RRIs will be able to trigger stop-gap remediations to block high-impact threats.  
  • FortiCNP continuously scans and monitors changes to cloud data using FortiGuard Labs’ industry-leading threat intelligence and content scanning.

FortiCNP will be continuously expanded to ingest more types of cloud security findings in order to provide broader context across a wider range of cloud workloads. Enabling consistent workflows that scale security across the public cloud enables teams to improve security coverage, productivity, and risk mitigation—all while operating at the speed of the cloud. Integrations that are cloud-native reduce friction from deployment to operations. Security teams will no longer be required to master the intricacies of each cloud platform’s security service operational model with consistent workflows utilizing cloud-native services across multiple clouds. This will assist security teams in increasing productivity by effectively working through the cloud security backlog, mitigating risk, and improving cloud security over time.

“FortiCNP is the latest example of Fortinet’s commitment to delivering Fabric solutions that extend enterprise security with cloud-native integrations,” said John Maddison, EVP of Products and CMO at Fortinet. “We’re pleased to continue to deliver solutions that allow security professionals to transition from time-consuming triage and manual analysis processes to proactively securing their cloud workloads and easily understand their cloud security risk.”

Today’s announcement expands on Fortinet and AWS’ collaboration to help customers accelerate their journey to AWS. FortiCNP is the latest example of Fortinet’s commitment to providing purpose-built cloud security solutions that integrate with AWS products and solutions.

Fortinet provides one of the most comprehensive sets of use cases for AWS workload security, including firewall, security gateway, intrusion prevention, and web application security. Customers can address a wide range of AWS security and procurement requirements by using flexible procurement options in AWS Marketplace, such as contract and consumption offerings, and a variety of available form factors, such as Software-as-a-Service (SaaS), virtual machine (VM), container, and application programming interface (API) based protection.