As cloud adoption accelerates, security teams struggle to keep pace with emerging risks and active threats. Fortinet’s FortiCNAP (Cloud Native Application Protection Platform) provides deep visibility into cloud environments, proactively identifying vulnerabilities and detecting real-time threats to enhance cloud security and compliance. The platform addresses cloud security as a big data problem, ingesting data from various cloud sources and performing hourly analysis to establish a baseline of normal activity. FortiCNAP then focuses on highlighting only anomalous activities, such as unusual geolocation logins or unexpected outbound network connections, reducing alert fatigue and prioritizing critical security events.
FortiCNAP achieves this visibility through a combination of agentless and agent-based approaches. Agentless capabilities integrate directly with cloud providers, with the integration itself deployed as infrastructure-as-code, and pull in activity logs, configurations, and permissions data for analysis. Agent-based capabilities, which require some developer involvement to deploy, offer real-time telemetry, including network monitoring, file change detection, and limited vulnerability scanning. Crucially, the agent is designed to be lightweight so that it does not noticeably consume the host's resources. Furthermore, FortiCNAP integrates with code repositories such as GitHub, Bitbucket, and GitLab to enable code security scanning and identify vulnerabilities before they reach production.
All these features are unified under a single platform, although different pricing tiers may be available depending on the included features. Customers can choose to use only the components relevant to their needs, such as opting out of the code scanning functionality if they already have a suitable solution in place. The presentation demonstrated FortiCNAP's capabilities through a live scenario, showcasing its ability to detect and analyze various attack vectors, including cryptojacking, compromised Kubernetes clusters, and reverse shells. The platform correlates multiple events into composite alerts and provides detailed root cause analysis, and it integrates with existing developer workflows via Terraform modules, GitHub integration, and VS Code plugins. Together, these position FortiCNAP as a comprehensive solution for improving cloud security posture and reducing the burden on both security and development teams.
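As an added illustration (not Fortinet's code, and not taken from the presentation), here is a toy version of the baseline-then-anomaly approach and the composite alerting described above, run over constructed audit events: the values each principal was seen with during a learning window form the baseline, values first seen in the evaluated hour are anomalies, and a principal with several distinct anomaly kinds in the same hour yields one composite alert. The event fields, the hourly cutoff and the sample events are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample cloud audit events, not from any real tenant:
# (UTC timestamp, principal, kind, value); kind is "login_geo" or "outbound".
EVENTS = [
    ("2024-05-01T08:00:00Z", "svc-build", "login_geo", "US"),
    ("2024-05-01T09:00:00Z", "svc-build", "outbound", "registry.example.internal:443"),
    ("2024-05-01T10:00:00Z", "alice", "login_geo", "DE"),
    ("2024-05-01T11:00:00Z", "svc-build", "login_geo", "US"),
    ("2024-05-01T12:00:00Z", "alice", "outbound", "api.example.internal:443"),
    # the hour under evaluation: the cutoff separates it from the baseline window
    ("2024-05-01T13:05:00Z", "svc-build", "login_geo", "BR"),
    ("2024-05-01T13:07:00Z", "svc-build", "outbound", "198.51.100.7:8443"),
    ("2024-05-01T13:20:00Z", "alice", "login_geo", "DE"),
    ("2024-05-01T13:30:00Z", "alice", "outbound", "api.example.internal:443"),
]

def parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def build_baseline(events, cutoff):
    """Per (principal, kind), the set of values observed before the cutoff."""
    baseline = defaultdict(set)
    for ts, principal, kind, value in events:
        if parse_ts(ts) < cutoff:
            baseline[(principal, kind)].add(value)
    return dict(baseline)

def find_anomalies(events, baseline, cutoff):
    """Events at or after the cutoff whose value never appeared in the baseline."""
    return [(ts, p, k, v) for ts, p, k, v in events
            if parse_ts(ts) >= cutoff and v not in baseline.get((p, k), set())]

def composite_alerts(anomalies, min_kinds=2):
    """Group anomalies by principal; alert only when distinct kinds coincide,
    which is what keeps a single odd login from paging anyone."""
    by_principal = defaultdict(list)
    for a in anomalies:
        by_principal[a[1]].append(a)
    return {p: items for p, items in by_principal.items()
            if len({a[2] for a in items}) >= min_kinds}

def analyze(events=EVENTS, cutoff="2024-05-01T13:00:00Z"):
    """Run one evaluation window; returns (anomalies, composite alerts)."""
    cut = parse_ts(cutoff)
    baseline = build_baseline(events, cut)
    anomalies = find_anomalies(events, baseline, cut)
    return anomalies, composite_alerts(anomalies)
```

Calling `analyze()` on the sample data flags only svc-build (a never-seen login country followed by a never-seen outbound destination in the same hour), while alice's activity matches her baseline and produces nothing.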
Personnel: Derrick Gooch, Gabriel O’Brien