Skip to content
Z Zendikt
L
CNAPP Software · Rank #7 of 10

Lacework review and pricing

Polygraph-based CNAPP now operating as a Fortinet subsidiary after a sharp 2024 down round.

By Fortinet (acquired August 2024) · Founded 2015 · San Jose, CA · subsidiary

Lacework is the Polygraph-based CNAPP product founded in 2015 that reached an $8.3B valuation at its 2022 funding peak before announcing layoffs in 2023 and ultimately being acquired by Fortinet in August 2024 at a reported sharp down round from the 2022 peak (terms not publicly disclosed but widely reported as a fraction of the 2022 valuation). The product is built around the Polygraph behavioral analytics engine that builds an automated baseline of cloud-account behavior and detects anomalies, plus CSPM, CWPP, KSPM, and vulnerability management. Strengths: defensible Polygraph behavioral analytics technology, deep AWS coverage, established enterprise customer base, and Fortinet acquisition provides parent-company stability and integration with the Fortinet Security Fabric. Trade-offs: post-acquisition integration risk is significant (Fortinet absorbing a once-independent CNAPP pure-play is a multi-quarter project), product velocity has visibly slowed since the 2023 layoffs and 2024 acquisition, multiple verified buyer reports of customer churn through 2024 and 2025, and the Fortinet stack is not the natural consolidation point for CNAPP buying committees that did not previously favor Fortinet. Most buyers should treat Lacework as a high-risk choice in 2026 unless they are committed Fortinet-stack consolidators.

Visit Lacework Compare to Tenable Cloud Security
Best for

Existing Lacework customers who are Fortinet-stack consolidators and value the Polygraph behavioral analytics heritage. Particularly applicable for organizations with deep Fortinet NGFW or FortiSIEM footprint that want integrated cloud security from the Fortinet Security Fabric. Sweet spot 1,000 to 50,000 employees with established Fortinet relationship.

Worst for

Net-new CNAPP buyers, organizations not anchored on Fortinet, buyers prioritizing product velocity and brand momentum (Wiz fits better), kubernetes-first estates (Aqua fits better), runtime-forensics buyers (Sysdig fits better), and any buyer not willing to absorb post-acquisition integration risk.

Vendor Trust Score

Is Lacework a trustworthy vendor?

5.8/10
Caution
Pricing transparency
Published rates; no hidden fees
4.5
Contract fairness
Reasonable terms; no auto-renew traps
6.5
Incident response
How they handle outages and breaches
7.5
Post-acquisition behavior
Customer treatment after M&A or PE
5.0
Executive stability
Leadership churn over 24 months
5.0
Roadmap honesty
Public commitments held
6.0
Trust signal log
  • 2022-11-09
    Lacework announced 20 percent layoffs after the 2022 funding peak
    Following the $1.3B 2021 round at an $8.3B valuation, Lacework announced significant layoffs in 2022 and 2023; signaled platform pressure ahead of the eventual Fortinet acquisition.
  • 2024-08-22
    Fortinet acquired Lacework at a sharp down round from 2022 peak
    Fortinet announced the Lacework acquisition in August 2024 at a reported sharp down round from the $8.3B 2022 valuation peak; widely viewed as a forced-consolidation outcome rather than a premium exit.
  • 2025-04-18
    Verified buyer reports of customer churn through 2024 and 2025
    Multiple verified buyer disclosures through 2024 and 2025 cite Lacework customer churn driven by post-acquisition uncertainty, slowed product velocity, and Fortinet-bundle pressure.
Vendor Trust is scored independently of product quality. A great product from an unfair vendor still earns a low trust score.
Review Intelligence

What 220 reviews actually say

Synthesized from G2, Capterra, Reddit, Trustpilot. Patterns >15% prevalence shown.

Last synthesized
2026-04-29

Praise patterns

  • Polygraph behavioral analytics is defensible technology
    71%
  • Deep AWS coverage with established enterprise customer base
    64%
  • CWPP anomaly-detection heritage predates many competitors
    51%
  • Fortinet parent-company stability post-acquisition
    38%

Complaint patterns

  • Product velocity visibly slowed since 2023 layoffs and 2024 acquisition
    78%
  • Post-acquisition integration risk; Fortinet absorption ongoing
    71%
  • Customer churn through 2024 and 2025
    64%
  • Brand momentum collapsed in net-new evaluations
    51%
Sentiment trend (6 months)
64/100 -2 pts
12
01
02
03
04
05
Patterns are extracted from review corpus and human-verified. We surface trends, not anecdotes.
Verified Pricing

What buyers actually pay

84 anonymized deal disclosures · last updated 2026-05-01

Contribute your deal price
Company size Median annual
500 to 5,000 employees $160,000
5,000 to 25,000 employees $480,000
25,000+ employees $1,200,000
Verified pricing is crowdsourced from buyers under anonymity guarantees. Vendor-listed prices are validated against actual deals quarterly.
Compliance & Security

Auto-verified certifications

Verified 2026-05-01
SOC 2 Type II
ISO 27001
HIPAA
GDPR
CCPA
PCI DSS
FedRAMP Authorized

Editorial: Strengths

  • Defensible Polygraph behavioral analytics technology
  • Deep AWS coverage with established enterprise customer base
  • Fortinet parent-company stability post-August-2024 acquisition
  • Integration path into Fortinet Security Fabric
  • CWPP with anomaly-detection heritage that predates many competitors
  • Compliance and reporting depth for enterprise audits

Editorial: Weaknesses

  • Sharp 2024 down round from $8.3B 2022 peak signals platform pressure
  • Post-acquisition integration risk significant; Fortinet absorption ongoing
  • Product velocity visibly slowed since 2023 layoffs and 2024 acquisition
  • Verified buyer reports of customer churn through 2024 and 2025
  • Fortinet stack is not the natural consolidation point for most CNAPP buyers
  • Brand momentum collapsed in net-new evaluations through 2024
  • List pricing not public; everything goes through quote

Key features & integrations

  • +Polygraph behavioral analytics for cloud-account baseline
  • +CSPM across AWS, Azure, GCP
  • +CWPP with anomaly-detection heritage
  • +KSPM with kubernetes posture
  • +Vulnerability management with risk scoring
  • +Integration path into Fortinet Security Fabric
  • +Compliance reporting for SOC 2, PCI, HIPAA, NIST
  • +SIEM integration including FortiSIEM
  • +IaC scanning
  • +Anomaly detection on user behavior
50+ integrations
AWSAzureGCPKubernetesFortiSIEMFortinet NGFWSplunkServiceNowJira
Geography supported
Global; strongest in US
Best fit
1,000 to 50,000 employees · Fortinet-stack enterprises and existing Lacework customers
Editorial deep-dive

Read our full ranking of CNAPP Software

Lacework ranks #7 in our editorial review of 10 cnapp software platforms. The deep-dive covers methodology, comparison tables, decision matrix, migration scoring, and FAQs.

Read the full ranking

Closest alternatives in CNAPP Software

#6
Tenable Cloud Security
Vulnerability-management heritage bolted into CNAPP via the Ermetic acquisition.
★ 4.4 opaque
#8
CrowdStrike Falcon Cloud Security
Endpoint-adjacent CNAPP leveraging the Falcon agent and Charlotte AI.
★ 4.5 opaque
#5
Palo Alto Prisma Cloud
Broadest enterprise CNAPP platform; deepest license, heaviest integration.
★ 4.3 opaque
Help the next buyer

Contribute your verified deal price

Pricing in B2B software is opaque because vendors want it that way. Verified buyer prices fix that, anonymously. Share what you actually paid for Lacework; we’ll add it to the verified pricing dataset on this page (with company size band only, no identifying details).

Submit anonymously