ORDERING GUIDE

Lacework FortiCNAPP
Lacework FortiCNAPP is the most comprehensive unified data-driven cloud-native application protection
platform (CNAPP) that empowers organizations to easily secure everything from code to cloud. Using agent
and agentless technologies to continuously collect, correlate, and analyze a broad range of data, it allows
security teams to gain unparalleled context to fix security issues more quickly.

Lacework FortiCNAPP offers the following tiers:

• Standard: start protecting what you build and run in the cloud

• Professional: gain advanced functionality to prioritize risks and detect threats

• Enterprise: unlock the full breadth of capabilities to prioritize risks, prove compliance, find threats, and
operationalize security across clouds

Lacework FortiCNAPP also offers the following:

• Code Security: secure the code for all of your cloud-native applications and reduce your risk footprint

The following table summarizes the features included for each tier. All features are SaaS. You can deploy
agents to on-premise workloads:
STANDARD PROFESSIONAL ENTERPRISE
Features

Vulnerability Assessment Standard risk score Advanced with custom risk score Advanced with custom risk score

Security Posture Management ⃝✓ ⃝✓ ⃝✓

Cloud detection and response (cloud account Cloud detection and response (cloud account
Cloud detection and response (cloud account audit log monitoring, Kubernetes (K8s) audit audit log monitoring, Kubernetes (K8s) audit
Threat Detection
audit log monitoring) log monitoring, Amazon Elastic K8s Service log monitoring, Amazon EKS, GKE, workoad
(Amazon EKS), Google K8s Engine (GKE) security for VMs, containers, and K8s
Enforcement for Vulnerable Images ⃝✓ ⃝✓
Cloud Infrastructure Entitlement
⃝✓ ⃝✓
Management
File Integrity Monitoring ⃝✓

The following table summarizes the features included for Code Security:

CODE SECURITY
Features
Software Composition Analysis ⃝✓
Static Application Security Testing (SAST) ⃝✓
Infrastructure as Code Security ⃝✓
Secrets ⃝✓
License Compliance ⃝✓
Software Bill of Materials ⃝✓

ORDER INFORMATION
SOLUTION DESCRIPTION SKU MOQ
Lacework FortiCNAPP Standard Standard tier. Entitlement per vCPU, including FortiCare Premium. FC1-10-LACWK-1063-02-DD 500 vCPUs
Lacework FortiCNAPP Professional Professional tier. Entitlement per vCPU, including FortiCare Premium. FC1-10-LACWK-1064-02-DD 375 vCPUs
Lacework FortiCNAPP Enterprise Enterprise tier. Entitlement per vCPU, including FortiCare Premium. FC1-10-LACWK-1065-02-DD 250 vCPUs
Lacework FortiCNAPP Code Security Lacework FortiCNAPP Code Security for one code-contributing developer FC-10-LACEWK-1088-02-DD 20

1
ORDERING GUIDE | Lacework FortiCNAPP

PRODUCT OFFERINGS - DEPLOYMENT SERVICES

FORTICNAPP QUICKSTART STANDARD

Quick FortiCNAPP implementation and onboarding with guidance from expert FortiCNAPP architects
• Kick off, up to eight interactive workshops, and a review session to guide and support the customer with recommended next
steps
• Customers receive one tailored Getting Started Plan document and a summary readout of activities performed and a review
of the project

FORTICNAPP QUICKSTART ENTERPRISE

Thorough FortiCNAPP implementation and onboarding with high-touch guidance from expert FortiCNAPP architects
• Kick off, up to 16 interactive workshops, and a review session to guide and support the customer with recommended next
steps
• Customers receive a summary readout of activities performed and review of the project, a Technical Deployment Plan, up to
two (2) customer-tailored Compliance Burndown report and a FortiCNAPP adoption and value summary report

FORTICNAPP ONDEMAND SERVICES FLEX

Flexible blocks of days with a designated CNAPP architect providing high-touch assistance to boost product adoption and
accelerate ROI and value realization with Lacework FortiCNAPP
• Examples of assistance: Onboarding, implementation and tuning integrations, training on new and advanced features,
customized solutions including scripts and automation, delivering templates, documentation and runbooks, and more
• Perform any number of workshops or working sessions to operationalize Lacework FortiCNAPP in any supported
environment

PRODUCT OFFERINGS - CLOUD CONSULTING SERVICES

To ensure a successful outcome, adding one of the following two service packages is highly recommended, especially when the
customer already has or is considering other Fortinet cloud Security Fabric products, such as FortiGate-VM.

FORTICNAPP CLOUD CONSULTING SERVICE ESSENTIAL

This 3-day FortiCNAPP consulting service focused on quick onboarding of FortiCNAPP and integration with the rest of the
Fortinet security fabric as appropriate

• Onboard public cloud accounts in any of AWS, Azure, GCP and OCI environments for both agentless and agent-based
scanning

• Configuration of CSP-native services for smooth integration with FortiCNAPP; training and enablement on the FortiCNAPP
platform

2
 ORDERING GUIDE | Lacework FortiCNAPP

PRODUCT OFFERINGS - CLOUD CONSULTING SERVICES

FORTICNAPP CLOUD CONSULTING SERVICE PREFERRED

This 5-day advanced consulting service ensures the successful onboarding of FortiCNAPP, integration with CI/CD tools and
Fortinet security fabric. This offering expands upon the Essential service package by including:
• Advanced cloud integration assistance (such as Control Tower, EKS, and Terraform)
• SECOPS / CI/CD integration assistance and platform extension via automation scripts
• Design and integration documentation for thorough Transfer of Information (TOI)
Note: we understand some projects may require a bespoke engagement. Please reach out directly for any custom scoping.

CLOUD SECURITY POSTURE ASSESSMENT (4 DAYS)

This assessment aims to prevent financial losses, brand damage, and productivity decline by guiding customers towards better
security practices and ongoing compliance. More on CSPA Service.

APPLICATION SECURITY POSTURE ASSESSMENT (3 DAYS)

This assessment offers short- and medium-term steps to assess web applications by performing multiple application security
testing scans at different stages of the software development life cycle. More on ASPA Service.

ORDER INFORMATION - SERVICES

DEPLOYMENT SERVICES DESCRIPTION SKU MOQ

FortiCNAPP QuickStart Standard Quick FortiCNAPP implementation and onboarding with guidance from expert FortiCNAPP architects FP-10-QSCNAPP-DP1-00-02 2 days

Thorough FortiCNAPP implementation and onboarding with high-touch guidance from expert
FortiCNAPP QuickStart Enterprise FP-10-QSCNAPP-DP3-00-03 5 days
FortiCNAPP architects
FortiCNAPP OnDemand Services Flexible blocks of days with a designated CNAPP architect providing high-touch assistance to boost
FP-10-CNAPP-ODSF 6 days
Flex product adoption and accelerate ROI and value realization with Lacework FortiCNAPP

CLOUD CONSULTING
DESCRIPTION SKU MOQ
SERVICES
FortiCNAPP Cloud Consulting FortiCNAPP standard service to onboard and integrate with cloud native services and Fortinet security
FP-10-PS001-831-01-01 3 days
Service – Essential fabric
FortiCNAPP Cloud Consulting FortiCNAPP advanced service to onboard and integrate with cloud native services and Fortinet FP-10-PS001-831-01-01
5 days
Service – Preferred security fabric including platform extension and automation and advanced CNAPP constructs
2 days per
Part Time Designated Cloud Cloud engineer to assist with all Fortinet cloud security fabric products including FortiCNAPP as well
FP2-10-PS001-832-02-12 week for 1
Engineer as cloud security best practices
year
Cloud Security Posture
Vendor-agnostic cloud security posture assessment service 4 days
Assessment (CSPA)
FP-10-PS001-831-01-01
Application Security Posture
Vendor-agnostic application security posture assessment service 3 days
Assessment (ASPA)

Visit www.fortinet.com for more details

Copyright © 2024 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or
company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other condi-
tions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s SVP Legal and above, with a purchaser
that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any
such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise
revise this publication without notice, and the most current version of the publication shall be applicable.

FCNAPP-OG-R3-20241017