Fortinet Enhances FortiCNAPP to Address Complex Cloud Risks and Improve Security Operations

Fortinet enhances FortiCNAPP, streamlining cloud risk management by integrating network and data security into a unified workflow.

Quiver AI Summary

Fortinet has announced enhancements to its FortiCNAPP solution, aimed at helping organizations assess and prioritize cloud security risks more effectively. By integrating various risk factors—such as cloud configurations, identity exposure, vulnerabilities, and data sensitivity—into a single workflow, FortiCNAPP enables security teams to manage cloud security complexities better, which have been exacerbated by tool sprawl and visibility gaps. This solution enhances decision-making and focuses remediation efforts on the most critical risks, thereby simplifying cloud security operations. Fortinet emphasizes that FortiCNAPP allows for a unified approach to risk management, facilitating faster response times and clearer risk visibility across hybrid and multi-cloud environments.

Potential Positives

Fortinet unveiled enhancements to FortiCNAPP that consolidate cloud risk management, improving organizations' ability to prioritize significant risks in complex cloud environments.
By integrating network protection context into workload risk assessments, FortiCNAPP offers a more accurate understanding of real exposure, distinguishing it from many competing CNAPP solutions.
The press release highlights that FortiCNAPP's capabilities directly address significant pain points for cloud security teams, such as tool sprawl and visibility gaps, facilitating faster remediation and more effective security operations.
Fortinet's commitment to enhancing cloud security is underscored by the positive customer feedback showcasing FortiCNAPP's ability to streamline visibility and reduce risks in cloud environments.

Potential Negatives

Despite the enhancements to FortiCNAPP, the press release highlights significant challenges in cloud security management, such as tool sprawl and visibility gaps affecting nearly 70% of organizations, suggesting broader industry issues that may reflect on Fortinet’s capabilities.
The mention of "alert overload" and the complexities faced by organizations may imply that Fortinet's existing solutions have not adequately addressed customer needs, raising concerns about the effectiveness of their prior offerings.
The reliance on the statement that security teams struggle due to "limited resources and skills gaps" suggests a potential vulnerability in the client base, indicating that Fortinet’s customers may lack the necessary resources and expertise to fully utilize their products.

FAQ

What enhancements have been made to FortiCNAPP?

FortiCNAPP now provides improved visibility into cloud risk by correlating cloud configuration, identity exposure, vulnerabilities, and more in a single workflow.

How does FortiCNAPP improve cloud security operations?

The platform unifies various risk signals, reducing alert overload and enabling security teams to focus on the most significant risks.

What benefits does network-aware risk scoring provide?

This feature offers a more accurate risk evaluation by incorporating existing network enforcement into workload risk assessments.

How does FortiCNAPP enhance data security posture management?

FortiCNAPP integrates data sensitivity and exposure assessments, enabling better prioritization of risks affecting sensitive data without data migration.

What challenges does FortiCNAPP address for security teams?

It reduces tool sprawl and visibility gaps, helping teams manage risks across complex hybrid and multi-cloud environments more effectively.

Disclaimer: This is an AI-generated summary of a press release distributed by GlobeNewswire. The model used to summarize this release may make mistakes. See the full release here.

$FTNT Insider Trading Activity

$FTNT insiders have traded $FTNT stock on the open market 14 times in the past 6 months. Of those trades, 0 have been purchases and 14 have been sales.

Here’s a breakdown of recent trading of $FTNT stock by insiders over the last 6 months:

MICHAEL XIE (VP, ENGINEERING & CTO) has made 0 purchases and 6 sales selling 480,142 shares for an estimated $47,242,867.
KEN XIE (PRESIDENT & CEO) has made 0 purchases and 6 sales selling 316,971 shares for an estimated $29,318,272.
CHRISTIANE OHLGART (Chief Financial Officer) has made 0 purchases and 2 sales selling 220 shares for an estimated $20,344.

To track insider transactions, check out Quiver Quantitative's insider trading dashboard.

$FTNT Revenue

$FTNT had revenues of $1.7B in Q3 2025. This is an increase of 14.38% from the same period in the prior year.

You can track FTNT financials on Quiver Quantitative's FTNT stock page.

$FTNT Congressional Stock Trading

Members of Congress have traded $FTNT stock 8 times in the past 6 months. Of those trades, 4 have been purchases and 4 have been sales.

Here’s a breakdown of recent trading of $FTNT stock by members of Congress over the last 6 months:

REPRESENTATIVE LISA C. MCCLAIN has traded it 4 times. They made 2 purchases worth up to $30,000 on 10/30, 08/13 and 2 sales worth up to $30,000 on 10/31, 10/30.
REPRESENTATIVE BYRON DONALDS has traded it 4 times. They made 2 purchases worth up to $30,000 on 10/09 and 2 sales worth up to $30,000 on 09/04.

To track congressional stock trading, check out Quiver Quantitative's congressional trading dashboard.

$FTNT Hedge Fund Activity

We have seen 580 institutional investors add shares of $FTNT stock to their portfolio, and 740 decrease their positions in their most recent quarter.

Here are some of the largest recent moves:

UBS AM, A DISTINCT BUSINESS UNIT OF UBS ASSET MANAGEMENT AMERICAS LLC added 5,579,744 shares (+78.1%) to their portfolio in Q3 2025, for an estimated $469,144,875
FMR LLC removed 4,189,312 shares (-52.1%) from their portfolio in Q3 2025, for an estimated $352,237,352
AQR CAPITAL MANAGEMENT LLC removed 3,721,768 shares (-61.5%) from their portfolio in Q3 2025, for an estimated $312,926,253
VANGUARD GROUP INC added 2,894,355 shares (+4.0%) to their portfolio in Q3 2025, for an estimated $243,357,368
ARROWSTREET CAPITAL, LIMITED PARTNERSHIP removed 2,557,941 shares (-35.5%) from their portfolio in Q3 2025, for an estimated $215,071,679
DSM CAPITAL PARTNERS LLC removed 2,528,477 shares (-100.0%) from their portfolio in Q3 2025, for an estimated $212,594,346
DZ BANK AG DEUTSCHE ZENTRAL GENOSSENSCHAFTS BANK, FRANKFURT AM MAIN removed 2,426,305 shares (-95.0%) from their portfolio in Q3 2025, for an estimated $204,003,724

To track hedge funds' stock portfolios, check out Quiver Quantitative's institutional holdings dashboard.

$FTNT Analyst Ratings

Wall Street analysts have issued reports on $FTNT in the last several months. We have seen 3 firms issue buy ratings on the stock, and 3 firms issue sell ratings.

Here are some recent analyst ratings:

Morgan Stanley issued a "Underweight" rating on 12/18/2025
JP Morgan issued a "Underweight" rating on 12/17/2025
Mizuho issued a "Underperform" rating on 11/06/2025
Scotiabank issued a "Sector Outperform" rating on 08/07/2025
Wedbush issued a "Outperform" rating on 08/07/2025
Truist Securities issued a "Buy" rating on 08/07/2025

To track analyst ratings and price targets for $FTNT, check out Quiver Quantitative's $FTNT forecast page.

$FTNT Price Targets

Multiple analysts have issued price targets for $FTNT recently. We have seen 20 analysts offer price targets for $FTNT in the last 6 months, with a median target of $85.0.

Here are some recent targets:

Shaul Eyal from TD Cowen set a target price of $100.0 on 01/23/2026
Fatima Boolani from Citigroup set a target price of $85.0 on 01/13/2026
Rob Owens from Piper Sandler set a target price of $90.0 on 01/05/2026
Meta Marshall from Morgan Stanley set a target price of $70.0 on 12/18/2025
Brian Essex from JP Morgan set a target price of $75.0 on 12/17/2025
Saket Kalia from Barclays set a target price of $88.0 on 11/06/2025
Catharine Trebnick from Rosenblatt set a target price of $85.0 on 11/06/2025

Full Release

SUNNYVALE, Calif., Jan. 27, 2026 (GLOBE NEWSWIRE) -- Fortinet ^® , the global cybersecurity leader driving the convergence of networking and security, today announced new enhancements to FortiCNAPP that help organizations better understand and prioritize cloud risk beyond what is possible with many CNAPP solutions today. By correlating cloud configuration, identity exposure, vulnerabilities, network enforcement, data sensitivity, and runtime behavior in a single workflow, FortiCNAPP enables security teams to focus on the risks that matter most.

“Cloud security teams aren’t struggling because they lack data. They’re struggling because growing complexity, limited resources, and skills gaps make it harder to manage risk across cloud environments,” said Nirav Shah, Senior Vice President, Products and Solutions at Fortinet. “By unifying network enforcement, data sensitivity, and runtime validation within FortiCNAPP, we’re enabling customers move from alert overload to clear, prioritized action based real-world exposure and business impact.”

As organizations expand across hybrid and multi-cloud environments, security teams are often forced to piece together risk signals from disconnected tools, resulting in fragmented visibility and slower response. According to the Fortinet 2026 Cloud Security Report , nearly 70% of organizations cite tool sprawl and visibility gaps as the top barriers to effective cloud security. FortiCNAPP addresses this challenge by adding protection where it matters most for cloud security teams—across the network, data, and runtime layers of cloud environments.

Factoring Network Security Posture into Cloud Workload Risk
FortiCNAPP incorporates network-level protection context directly into risk evaluation, providing a more accurate picture of real exposure that many CNAPP solutions lack.

Network-aware risk scoring: FortiCNAPP detects FortiGate solutions deployed along the internet-accessible path to cloud workloads and incorporates that protection directly into workload risk assessments, ensuring exposure is evaluated in the context of existing network enforcement.
Reduced false urgency: Persistent protection context provides a more realistic view of risk and enables security and network teams to operate from a shared, consistent understanding of exposure.

Native Data Security Posture Management (DSPM) Adds Data Risk Context
FortiCNAPP enhances risk prioritization by directly incorporating data sensitivity and exposure, without requiring customers to move or export their data.

In-place data risk visibility: Built-in DSPM identifies sensitive data, access patterns, and potential malware, while supporting privacy and data governance requirements.
Business impact-driven prioritization: Risks affecting sensitive data are automatically elevated, helping teams focus remediation efforts on issues with the greatest potential impact.

Bringing Risk Signals together into a Unified Workflow
FortiCNAPP simplifies cloud risk operations by consolidating often siloed security signals into a single, actionable workflow.

Unified risk management: Insights from cloud posture, infrastructure entitlement, vulnerabilities, DSPM, and network security posture into a single view.
Runtime-informed prioritization: Validation of vulnerable code paths helps teams distinguish theoretical findings from active, exploitable risk.
Faster remediation: Correlated context around configuration issues, identity exposure, vulnerabilities, network reachability, data sensitivity, and runtime behavior enables faster response with fewer tools.

Enabling More Context-Driven Cloud Security Operations
As cloud environments grow more complex, effective risk management requires understanding not just what is misconfigured or vulnerable, but whether protections are in place, what data is involved and the likelihood of real-world impact. With these enhancements, FortiCNAPP helps organizations reduce noise, improve decision-making, and align security efforts with actual exposure and available resources.

How Organizations Are Prioritizing Real-World Cloud Risk
Organizations are using FortiCNAPP to simplify cloud security operations and gain clearer visibility into risk across complex cloud environments by unifying network, data, and runtime context within a single platform.

“FortiCNAPP gives us visibility across identities, workloads, and vulnerabilities so we know exactly where risk exists and how to address it,” said Huy Ly, Head of Global IT Security & Infrastructure at Monolithic Power Systems. “It acts like a continuous auditor, helping us assess the health of our cloud environment at a glance, even without deep, hands-on cloud expertise. Combined with the Fortinet Security Fabric, FortiCNAPP helps us proactively reduce risk across our cloud operations.”

Additional Resources

Read more about FortiCNAPP .
Read more about the Fortinet Security Fabric .
Learn more about the Fortinet Open Ecosystem .
Visit fortinet.com/trust to learn about Fortinet innovation, collaboration partners, product security processes, and enterprise-grade products.
Read about how Fortinet customers are securing their organizations.
Learn about Fortinet’s commitment to product security and integrity , including its responsible product development and vulnerability disclosure approach and policies.
Follow Fortinet on X , LinkedIn, Facebook , and Instagram . Subscribe to Fortinet on our blog or YouTube .

About Fortinet
Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute , one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with esteemed organizations from both the public and private sectors, including CERTs, government entities, and academia, is a fundamental aspect of Fortinet’s commitment to enhance cyber resilience globally. FortiGuard Labs , Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com , the Fortinet Blog , and FortiGuard Labs .

Copyright © 2026 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet’s trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiMail, FortiSandbox, FortiADC, FortiAI, FortiAIOps, FortiAgent, FortiAntenna, FortiAP, FortiAPCam, FortiAuthenticator, FortiCache, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCASB, FortiCentral, FortiCNP, FortiConnect, FortiController, FortiConverter, FortiCSPM, FortiCWP, FortiDAST, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevSec, FortiDLP, FortiEdge, FortiEDR, FortiExplorer, FortiExtender, FortiFirewall, FortiFlex FortiFone, FortiGSLB, FortiGuest, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMonitor, FortiNAC, FortiNDR, FortiPAM, FortiPenTest, FortiPhish, FortiPoint, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiScanner, FortiSDNConnector, FortiSIEM, FortiSMS, FortiSOAR, FortiSRA, FortiStack, FortiSwitch, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM, FortiXDR and Lacework FortiCNAPP.

Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.