October 2025 Platform Releases
Generally Available
- AWS IAM policy aware configuration collection
FortiCNAPP now allows you to customize your AWS configuration integration by allowing or denying access to specific regions or resources using IAM policies. For more information, see Customizing your configuration integration in the FortiCNAPP Administration Guide.
- Upcoming change: Azure cloud activity alerts update
As part of ongoing efforts to streamline alerting and reduce noise, we are retiring ten low-severity Azure cloud activity alerts. This change will be implemented on October 6 and rolled out in phases.
If you currently receive these alerts, please be aware that they will no longer be delivered following this update. No action is required on your part, as the change will occur automatically.
Should you wish to re-enable any of the retired alerts, please contact Support for assistance.
The following are the rules affected by this change:
- Network security group created or updated
- Network security group deleted
- Network security group rule created or updated
- Network security group rule deleted
- Policy assignment created
- Security policy updated
- Security solution created or updated
- Security solution deleted
- SQL server firewall rule created or updated
- SQL server firewall rule deleted
These rules have now been superseded by more relevant and actionable alerting capabilities in Anomaly alerts and Composite alerts. See Cloud Activity Anomaly Alerts and Potentially Compromised Azure in the FortiCNAPP Administration Guide.
- Agent dashboard health monitoring
The Agents dashboard Agent inventory table shows agent health status. For more information, see Agent health monitoring in the FortiCNAPP Administration Guide.
- Google Cloud Terraform configuration module update: 3.2.5
This update fixes a silent failure of folder inclusion and exclusion in the Terraform Google Cloud configuration module through the following changes:
- Removes folders_to_include and folders_to_exclude.
- Removes include_root_projects.
- Adds an example of how to do integration on folder level.
The Terraform Google Cloud configuration module now operates as follows:
- An organization-level integration integrates all projects under the organization in one INTG_GUID.
- A project-level integration integrates projects with one INTG_GUID for one project.
- A folder-level integration integrates projects under the folders with one INTG_GUID for every project.
To obtain this new version, see Terraform GCP Config module on the Terraform Registry.
- Identity-related alerts now available
When enabled, Cloud infrastructure entitlement management (CIEM) policies can generate alerts for cloud identities that meet thresholds of inactivity or risk.
The Alerts dashboard now includes filters for identity-related data.
The Identities Overview now includes the following summary graphs for alerts related to identities:
- Total alerts
- Identities with alerts
- Top 5 identities with most alerts
- Top 5 policies with most alerts
Explore: Identities adds the sortable Number of alerts column.
Identity details now include the Alerts by severity graph.
To enable these alerts, enable the appropriate CIEM policies in Governance > Policies. You may also create your own custom policies to generate identity alerts.
For more information, see Identity alerts in the FortiCNAPP Administration Guide.
- Singapore (AS) region available
The Singapore (AS) region is now available for tenant deployments.
- New Azure service coverage added
The following Azure services and related datasources are now available:
- microsoft.databricks/workspaces/privateendpointconnections
- microsoft.operationalinsights/clusters
For more information, see Datasource Metadata. Note that the introduction of new services may require you to modify the privileges of the FortiCNAPP user in your cloud accounts. For more information, see Maintain Cloud Integrations with Terraform.
Public Preview
- When a pull request (PR) in a repository is submitted, Lacework FortiCNAPP runs scans on both the source and target branches. It compares the results to identify any issues or vulnerabilities that would be introduced into the target branch. If a potential violation is identified, Lacework FortiCNAPP will return comments to explain the violation and provide a warning. See Pull request commenting.
- The Vulnerable Components view in Code security > Applications > Components shows all vulnerabilities found in a repository, grouped by the direct dependencies that introduce them. See Components.
- Cloud identity security support for Azure
Identity security now supports Azure, providing unified visibility and deeper insights into your cloud identity security. To take full advantage of this feature, please ensure you have an Azure configuration integration enabled.
With identity security, you can gain insights into your Azure identity posture through the following features:
- Cloud provider filter option for Azure on all identity pages
- New Azure-based Overview charts and Identity Explorer Overview page
- Top Identity Risks page for Azure identities
- Identity entitlement-based risks for Entra users, groups, and service principals
- Support for net effective permissions:
  - Direct role assignment based permissions
  - 1-hop permissions via group membership
  - Deny Assignments
  - Permission inheritance (child resources inherit parent resource permissions)
- Support for remediations, including excessive privileges analysis
Please note that Azure activity log integration and Azure agentless workload scanning are recommended to take full advantage of these features.
For more information, see Integrate Azure Identity in the FortiCNAPP Administration Guide.