Skip to content
    Back to Security Operations (SecOps)
    Security Operations (SecOps)StartupCloud CNAPP

    Lacework

    Data-driven cloud-native CNAPP acquired by Fortinet in June 2024 — anomaly-based detection and compliance integrated into Fortinet's security fabric

    Mkt Cap / ValAcq. by Fortinet
    RevenueEst. $100M ARR
    Growth+30% YoY
    Lacework's Polygraph behavioral analysis engine learns the normal behavior of every cloud workload and automatically surfaces anomalies — delivering cloud threat detection that adapts to unique environments without requiring custom rules, making it the platform for DevSecOps teams that need cloud security to work like intelligent infrastructure, not a manual rulebook.
    Analyst take · Competitive edge

    SWOT Analysis

    Strengths
    • Polygraph behavioral anomaly detection adapts to each environment without manual rule authoring
    • Unified coverage across cloud accounts, containers, Kubernetes, and data plane in one platform
    • CSPM + CWPP + vulnerability management + compliance in a single cloud-native platform
    • Infrastructure-as-code security scanning integrates cloud security into developer pipelines
    • Fortinet acquisition provides distribution leverage through the Fortinet partner ecosystem
    Opportunities
    • Fortinet customer base expansion as cross-sell from Fortinet network security customers
    • DevSecOps platform for engineering-driven organizations building cloud security into pipelines
    • Container and Kubernetes security expansion as workload density in clusters increases
    • Compliance automation expansion covering new regulatory frameworks without manual mapping
    Weaknesses
    • Brand recognition below Wiz and Prisma Cloud in large enterprise cloud security evaluations
    • Polygraph machine learning tuning period delays time-to-value for initial deployments
    • Fortinet acquisition integration risk may slow product roadmap innovation
    • Sales and marketing investment below Wiz following Fortinet acquisition
    Threats
    • Wiz (Google) and Orca Security dominant in agentless CNAPP market segment
    • Palo Alto Prisma Cloud and CrowdStrike Falcon Cloud Security at large enterprise accounts
    • Sysdig and Aqua Security competing in cloud-native container and Kubernetes security
    • Fortinet integration creating platform coherence questions for non-Fortinet customers

    User Sentiment

    Synthesized from G2, Gartner Peer Insights, and analyst review data.

    What users love
    • Polygraph anomaly detection finds cloud threats that rule-based tools miss in complex environments
    • IaC scanning integration into Terraform and CloudFormation pipelines surfaces misconfigurations pre-deploy
    • Unified platform eliminates the multi-tool complexity of separate CSPM, CWPP, and container security
    • Behavioral detection requires minimal tuning vs. signature-based alert tools
    Common complaints
    • Initial Polygraph learning period creates delayed time-to-value compared to signature-based tools
    • Fortinet acquisition has created roadmap uncertainty for cloud-native customers
    • Alert prioritization needs improvement — high signal environments generate too many low-priority findings

    Pricing & TCO

    Analyst-synthesized pricing signals — directional only, contact vendor for current terms.

    ConsumptionMedium TCOContact Sales Free Trial / Tier

    Typical ACV (Mid-Enterprise)

    $75K–$500K

    Market Segments

    EnterpriseMid-Market

    Deployment

    SaaS

    Key Cost Drivers

    • Cloud resource count and workload telemetry volume
    • Container and Kubernetes cluster count for CWPP coverage
    • IaC scanning pipeline volume for developer security features

    Lacework's consumption model is competitive with Orca and Wiz — Fortinet partnership may offer bundled pricing advantages for Fortinet customers, reducing total cost vs. standalone CNAPP procurement.

    Full comparison

    Customer Profile

    Who buys this

    Typical segments

    EnterpriseMid-Market

    Typical buyer

    DevSecOps Lead or Cloud Security Architect at an engineering-driven organization running cloud-native infrastructure

    Top use cases
    1. 1Cloud threat detection using behavioral anomaly analysis across workloads and containers
    2. 2IaC security scanning catching cloud misconfigurations in CI/CD pipelines before deployment
    3. 3Kubernetes and container security monitoring across production cluster workloads

    Future Focus Areas

    1

    Fortinet Security Fabric integration creating combined network + cloud security intelligence

    2

    AI workload security extending Polygraph behavioral detection to AI model runtime environments

    3

    Developer security expansion with pre-commit hooks and real-time IaC feedback in IDEs

    4

    Autonomous remediation AI closing cloud security gaps without human intervention