Fortinet, following its acquisition of Lacework earlier this year, has made generally available a version of the cloud-native application protection platform (CNAPP) it gained that is now integrated with the Fortinet Security Fabric, an orchestration framework the company developed to centralize the management of its cybersecurity portfolio.

Vince Hwang, senior director for cloud security and security operations for Fortinet, said with the addition of Lacework FortiCNAPP it is now possible to extend the reach of the Fortinet Security Fabric into cloud computing environments, including the underlying runtime environments.

Additionally, Lacework FortiCNAPP is now integrated with FortiGuard Outbreak Alerts to provide increased visibility and deeper insights into the latest threats and where the solution can disrupt potential attacks.

Lacework FortiCNAPP is based on a Polygraph engine that applies machine learning algorithms to identify potential attack paths and other related cybersecurity issues. The platform also included generative AI capabilities to make it easier to, for example, create reports and automate other tasks. There is also graph technology that is used to make it simpler to visually correlate threats.

It also includes a cloud infrastructure entitlement management (CIEM) framework that provides visibility into cloud identities and their permissions, along with automated remediation guidance for right-sizing permissions to ensure least-privileged access policies are enforced.

Collectively, these capabilities provide visibility from code to cloud in a way that compliments the existing Fortinet cybersecurity portfolio for protecting networks and on-premises IT environments, said Hwang. That’s especially critical at a time when more organizations are adopting best DevSecOps practices to secure hybrid IT environments where data is now being shared to, for example, drive artificial intelligence (AI) applications, he added.

That approach also provides the added benefit of being able to rely on a single vendor that provides an integrated portfolio versus requiring cybersecurity teams to provide that level of integration across tools and platforms from multiple vendors, noted Hwang.

It’s not clear at what rate organizations are embracing CNAPPs to secure better cloud computing environments. However, a decade after these platforms and services were first introduced organizations are still encountering security challenges. Many organizations are still struggling to navigate the nuances of the shared responsibility model for cloud security through which they are responsible for any software, and how the underlying infrastructure is configured.

Unfortunately, many cloud services are programmatically configured by application developers who don’t always have the greatest appreciation for best cybersecurity practices. The challenge, as always, is that securing additional platforms requires more investment. As the attack surface that needs to be defended continues to expand, business and IT leaders often need to be reminded that the cost of cybersecurity is only going to increase, even after some effort is made to consolidate the number of tools and platforms in use.

Despite those concerns, the rate at which application workloads are being deployed in the cloud is only going to increase. The challenge and the opportunity now is to find ways to secure them before cybercriminals inevitably discover some way to exploit them.