Introduction
FortiCWP is Fortinet's cloud-native Cloud Workload Protect (CWP) service. FortiCWP continuously monitors and tracks all security components, including configurations, user activity, traffic flow logs, and data storage in public cloud environments. Equipped with predefined out-of-the-box security policies, FortiCWP monitors for security risks such as:
- Malicious traffic
- Suspicious user activity
- Vulnerable configuration
- Sensitive data leak and malware
FortiCWP provides contextual information to respond to identified threats. FortiCWP also supports automated incident response through integration with cloud services such as AWS SQS and SNS workflow, streamlining DevOps.
- Central Visibility - Visibility is one of the most important aspects of cloud security. FortiCWP gives users central visibility into multi-cloud environments in a single-pane-of-glass view. With the Resource list, users can quickly locate a resource, identify its highlighted attributes, such as an "internet-facing" instance or a "malware" bucket, and view the resource profile to understand the resource life cycle and track configuration changes. The Resource map provides a graphical view of the relationships among different resources, which gives security admins the clearest way to understand how the cloud infrastructure is configured.
- Risk Assessment - FortiCWP's deep risk assessment and continuous analysis solution enables security teams to focus on the highest-priority issues, remediate quickly, and use the auto-fixing option to manage and address risk effectively. Actionable alerts enable organizations to prioritize response based on the severity of issues.
- Traffic Analysis and Investigation - FortiCWP continuously monitors and analyzes traffic flow and integrates with the FortiGuard IOC and Anti Botnet databases to detect compromised instances and malicious incoming traffic. It presents traffic flow in a graphical view for quick investigation of network attacks and analyzes traffic flow over time.
- Data Security - FortiCWP not only provides comprehensive configuration assessment to ensure the security of data storage, but also analyzes documents inside the storage to identify and monitor sensitive data and malware. Security admins can monitor and analyze sensitive data activity by drilling down into document profiles from generated alerts to investigate data leakage in the environment.
- Threat Protection and Response - FortiCWP uses User Entity Behavior Analytics to look for suspicious or irregular user behavior. It also sends out alerts for malicious behavior.
- Compliance - For organizations operating in a highly regulated industry, FortiCWP provides out-of-the-box policies for standards such as PCI, HIPAA, SOX, GDPR, ISO 27001, and NIST. These allow organizations to generate compliance reports instantly for auditing teams, so that policy violations can be identified quickly and the necessary remedial actions taken.