BMC Helix Cloud Security vs FortiCNAPP comparison

BMC Helix and Fortinet are both solutions in the Cloud Workload Protection Platforms (CWPP) category. BMC Helix is ranked #24, while Fortinet is ranked #17 with an average rating of 7.8. BMC Helix holds a 1.0% mindshare in CWPP, compared to Fortinet’s 3.8% mindshare. Additionally, 80% of BMC Helix users are willing to recommend the solution, compared to 85% of Fortinet users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Feb 22, 2026

BMC Helix Cloud Security and FortiCNAPP compete in cloud security solutions. FortiCNAPP seems to have the upper hand with stronger integrations and customization, but BMC Helix Cloud Security offers competitive pricing and superior support.

Features: BMC Helix Cloud Security excels in automated security compliance, operational efficiency, and robust reporting tools. Its automated remediation of cloud IaaS and PaaS misconfigurations is a notable feature, and it provides a unified view across multi-cloud environments. FortiCNAPP stands out for advanced threat detection and scalable integrations, offering enhanced threat intelligence and a unified view across multi-cloud setups.

Room for Improvement: BMC Helix Cloud Security could improve in offering more advanced threat detection and broader customization options. Its flexible deployment modes could be further refined for better user engagement. The tool could also benefit from more robust integrations with third-party solutions. FortiCNAPP could enhance ease of deployment and reduce the learning curve. Its offerings would benefit from improved vulnerabilities detection and addressing the need for more in-house expertise. More seamless support for initial deployment stages would enhance user experience.

Ease of Deployment and Customer Service: BMC Helix Cloud Security offers straightforward deployment and comprehensive customer support, minimizing downtime effectively. FortiCNAPP, while allowing for bespoke integrations, requires a steeper learning curve. Its deployment demands more in-house expertise, although customer service is efficient.

Pricing and ROI: BMC Helix Cloud Security provides competitive pricing aimed at maximizing ROI through cost-effective solutions and quality support, appealing to budget-conscious buyers. FortiCNAPP requires a higher initial investment but offers significant long-term ROI through advanced features and security intelligence, making it attractive for those prioritizing depth and integration in security solutions.

To learn more, read our detailed BMC Helix Cloud Security vs. FortiCNAPP Report (Updated: April 2026).

Buyer's Guide

BMC Helix Cloud Security vs. FortiCNAPP

April 2026

Download the complete report

Helped 893,221 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

SentinelOne Singularity Clo...

Mindshare comparison

As of May 2026, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of SentinelOne Singularity Cloud Security is 4.9%, up from 2.8% compared to the previous year. The mindshare of BMC Helix Cloud Security is 1.0%, up from 0.3% compared to the previous year. The mindshare of FortiCNAPP is 3.8%, up from 2.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Cloud Workload Protection Platforms (CWPP) Mindshare Distribution
Product	Mindshare (%)
SentinelOne Singularity Cloud Security	4.9%
FortiCNAPP	3.8%
BMC Helix Cloud Security	1.0%
Other	90.3%

Cloud Workload Protection Platforms (CWPP)

Featured Reviews

Sreeraj Mohandas

Security Engineer at HashXpert

Consolidated cloud security has reduced manual work and has automated vulnerability remediation

I elaborate on my rating of SentinelOne support by mentioning that there was some time where the troubleshooting took a longer time. In fact, there were many meetings going on. The availability of the document on the internet is on a lesser side because as an engineer, I would want to know about the troubleshooting aspects of this particular tool. When I am facing a customer, I do not prefer to bring the vendor to every call and try to resolve it, as it takes months and months. It would be better to have a training session with the engineer on site to explain and train properly. This is not the case with SentinelOne, so this is the only thing I have a complaint about. I do not have any other room for improvement to suggest within SentinelOne itself. However, I would really want the AI assistant for the threat hunting part to be more accessible. They have it, but they are making it licensed, so it is a bit on the higher end.

Read full review

Donna Geary

Portfolio Manager/ Helix Administrator at Frontier Communications

A highly scalable and straightforward solution with a knowledgeable support team

We work on a third-party shared environment. It wouldn’t have been feasible for a smaller company. My company was actually the first one to do it. Just like any cloud security, it pays to do your research and have complimentary security involved. The product can’t be the be-all and end-all tool for your security. Overall, I rate the solution a nine out of ten.

Read full review

Mark Freeborough

Client Manager at MLL Telecom Ltd

Network segmentation has strengthened access control and now streamlines automated threat response

The most valuable features in FortiCNAPP include robust network segmentation and restricting access to network assets. It also supports security measures by leveraging security fabrics for better enforcement and policy enforcement. FortiCNAPP integrates with SIEM solutions, and we offer different SIEM options that work with Fortinet and AlienVault, among others, providing multiple scenarios.FortiCNAPP's automated policy recommendations significantly help improve security measures as part of an overall service wrap. When deploying a Fortinet SD-WAN or network, these tools provide greater visibility to vulnerabilities and enhanced security on the network. It functions as a proactive tool, enabling me to identify threats quickly and automate responses.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"When creating cloud infrastructure, Cloud Native Security evaluates the cloud security parameters and how they will impact the organization's risk. It lets us know whether our security parameter conforms to international industry standards. It alerts us about anything that increases our risk, so we can address those vulnerabilities and prevent attacks."

"The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features."

"SentinelOne Singularity Cloud Security offers three key features: vulnerability management notifications, cloud configuration assistance, and security scanning."

"SentinelOne Singularity Cloud Security can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."

"Singularity Cloud's ability to create custom correlation searches and reduce noise is highly valuable."

"Singularity Cloud Native Security provides us with a platform to scan instances when they are getting created, and the dashboard helps us to identify the critical issues."

"Its performance impact on the systems is low, which means there is a minimal impact on system performance compared to traditional antivirus solutions."

"The key strength of Singularity Cloud Security lies in its ability to pinpoint vulnerabilities in our cloud accounts and identify suspicious activity that warrants further investigation."

More SentinelOne Singularity Cloud Security pros

"The most valuable aspects of BMC Helix Cloud Security are its security features and regulatory compliance capabilities."

"Using this solution is an eye-opener; having that holistic view is the biggest eye-opener because you understand, from any of your connected cloud accounts, what your vulnerabilities are with it."

"The features that I've found most valuable are its container security aspect. I also like its vulnerability management tools."

"Role-based security is a valuable feature."

"It is a good tool to make sure that your containers are safe and sound."

"With very minimal effort, you are able to have a cohesive view into your security posture on one or multiple cloud accounts, particularly if you are dealing with multicloud."

"The cool feature of Helix Cloud Security is that you can do all that — understand and remediate issues — in one dashboard, based on the different policies that are available for security, out-of-the-box."

"It's also multi-cloud. You can look at several cloud providers: AWS, Azure, or GCP."

More BMC Helix Cloud Security pros

"FortiCNAPP definitely brings time-saving benefits, and security is the main concern for the company."

"FortiCNAPP is a competitive and robust solution, the only one in the IT sphere that addresses all quadrants in the Gartner Quadrants."

"I find the cloud configuration compliance scanning mature. It generates a lot of data and supports major frameworks like ISO 27001 or SOC 2, providing reports and datasets. Another feature I appreciate is setting custom alerts for specific events. Additionally, I value the agent-based monitoring and scanning for compute nodes. It gives us deeper insights into our workloads and helps identify vulnerabilities across our deployed assets."

"The most valuable aspects are identifying vulnerabilities—things that are out there that we aren't aware of—as well as finding what path of access attackers could use, and being able to see open SSL or S3 buckets and the like."

"Lacework is helping a lot in reducing the noise of the alerts. Usually, whenever you have a tool in place, you have a lot of noise in terms of alerts, but the time for an engineer to look into those alerts is limited. Lacework is helping us to consolidate the information that we are getting from the agents and other sources. We are able to focus only on the things that matter, which is the most valuable thing for us. It saves time, and for investigations, we have the right context to take action."

"The best feature, in my opinion, is the ease of use, as well as some levels of machine learning anomaly detection that they have that can detect pivotal anomalies faster."

"The best feature, in my opinion, is the ease of use."

"There are many valuable features that I use in my daily work. The first are alerts and the event dossier that it generates, based on the severity. That is very insightful and helps me to have a security cap in our infrastructure. The second thing I like is the agent-based vulnerability management, which is the most accurate information."

More FortiCNAPP pros

Cons

"The area of improvement is the cost, which is high compared to other traditional endpoint protections."

"While SentinelOne offers robust security features, its higher cost may present a challenge for budget-conscious organizations."

"A few YouTube videos could be helpful. There isn't a lot of information out there to look at."

"The cloud-based operations might pose challenges in areas with limited or unavailable internet connectivity."

"Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."

"There's room for improvement in the graphic explorer."

"The Singularity Cloud Security console is experiencing delays in clearing resolved issues, which can take over an hour to be removed from the display."

"They need more experienced support personnel."

More SentinelOne Singularity Cloud Security cons

"I want the role-based security feature to be improved."

"I think its TOA interfaces are still not that comfortable. The UI could be more user-friendly, easier to use."

"We've had some issues with connectors; the connectors have seemed to cause a little bit of trouble, perhaps with the APIs trying to scan the environment."

"The UI could be more user-friendly."

"The biggest challenge now, which is a good problem to have, with BMC Helix is content."

"We've had some with issues connectors. The connectors have seemed to have caused a little bit of trouble, perhaps with the APIs trying to scan the environment. The only time I've had to reach out to tech support was for that. It seems it may not have been scanning correctly or I wasn't seeing data within a specific time. But we've set up a couple of connectors in the past couple of weeks and they actually scanned the AWS environment and we had data within about 10 minutes. It's working a lot faster and I think they're making improvements as they go."

"BMC Helix Cloud Security has room for improvement in terms of integrating its various features."

"Every organization out there doesn't rely on just one control body. They use FISMA control. They may use HIPAA, CIS, PCI, or SOX, then blend them. One of the things that is now in big demand for BMC Helix Cloud Security is content. That's the next journey in its lifespan, making it easier for the community to share and collaborate on content for security controls that can be measured and remediated."

"In general, I would not recommend Lacework right now. There are more mature solutions that would be a better fit."

"Lacework has not reduced the number of alerts we get. We've actually had to add resources as a result of using it because the application requires a lot of people to understand it to get the value out of it properly."

"The vulnerability part is not systematically organized; it is all clumsy in the web UI, and it is not user-friendly."

"Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them."

"A feature that I have requested from them is the ability to sort alerts and policies based on a security framework. Right now, when you go into alerts, you have hundreds and hundreds of them that you have to manually pick. It would be useful to have categories for CIS Benchmark or SOC 2 and be able to display all the alerts and policies for one security framework."

"However, the solution could be more user-friendly and intuitive."

"Policy implementation is quite complex, and the stability will take more time for the solutions."

"There are a couple of the difficulties we encounter in the realm of cybersecurity, or security as a whole, that relate to potentially limited clarity. Having the capacity to perceive the configuration aspect and having the ability to contribute to it holds substantial advantages, in my view. It ranks high, primarily due to its role in guaranteeing compliance and the potential to uncover vulnerabilities, which could infiltrate the system and introduce potential risks. I had been exploring a specific feature that captured my interest. However, just yesterday, I participated in a product update session that announced the imminent arrival of this feature. The feature involves real-time alerting. This was something I had been anticipating, and it seems that this capability is now being integrated, possibly as part of threat intelligence. While anomaly events consistently and promptly appear in the console, certain alerts tend to experience delays before being displayed. Yet, with the recent product update, this issue is expected to be resolved. Currently, a comprehensive view of all policies is available within the console. However, I want a more tailored display of my compliance posture, focusing specifically on policies relevant to me. For instance, if I'm not subject to HIPAA regulations, I'd prefer not to see the HIPAA compliance details. It's worth noting that even with this request, there exists a filtering mechanism to control the type of compliance information visible. This flexibility provides a workaround to my preference, which is why it's challenging for me to definitively state my exact request."

More FortiCNAPP cons

Pricing and Cost Advice

"SentinelOne provided competitive pricing compared to other vendors, and we are satisfied with the deal."

"The price depends on the extension of the solution that you want to buy. If you want to buy just EDR, the price is less. XDR is a little bit more expensive. There are going to be different add-ons for Singularity."

"Singularity Cloud Workload Security's licensing and price were cheaper than the other solutions we looked at."

"SentinelOne is quite costly compared to other security platforms."

"For pricing, it currently seems to be in line with market rates."

"The cost for PingSafe is average when compared to other CSPM tools."

"PingSafe's pricing is good because it provides us with a solution."

"SentinelOne is relatively cheap. If ten is the most expensive, I would rate it a seven."

More SentinelOne Singularity Cloud Security pricing and cost advice

"It is a subscription model with term licensing that is usually yearly. This includes, not only the product, but support and maintenance. It is based on cloud assets. Therefore, if you have 100 cloud assets, those cloud assets are measured based on evaluation or transactions. For example, if I'm evaluating that cloud asset for CIS compliance, PCI compliance, and AWS best practices, that asset gets evaluated three times, as those are three transactions. However, the license model is based on peak asset usage. So, over a year, if you deploy 100, 1000, 500, and then 2000 assets, you will be charged for the 2000 peak of assets managed by Helix Cloud Security."

"The pricing is based on an annual subscription, upfront, and it's based on cloud assets. Whether your assets are in Azure and AWS combined, the tool tells you how many assets are being scanned and that's the number used for pricing."

"The pricing has gotten better. That scenario was somewhat unstable. They have a rather interesting licensing structure. I believe you get 200 resources per "Lacework unit." It was difficult, in the beginning, to figure out exactly what a "resource" was... That was a problem until about a year or so ago. They have improved it and it has stabilized quite a bit."

"It is slightly expensive. It depends on how big your environment is, but it is expensive. Right now, we are spending a lot of money. We have covered all of the cloud providers and most of our colocation facilities as well, so we cannot complain, but it is slightly expensive. It is not super expensive."

"The licensing fee was approximately $80,000 USD, per year."

"My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz."

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.

See recommendations

893,221 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

14%

Computer Software Company

11%

Manufacturing Company

Government

Construction Company

16%

Comms Service Provider

12%

Performing Arts

Financial Services Firm

11%

Computer Software Company

Manufacturing Company

Construction Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	52
Midsize Enterprise	23
Large Enterprise	58

No data available

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	4
Large Enterprise	4

Questions from the Community

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...

See all answers

What is your experience regarding pricing and costs for PingSafe?

My experience with the pricing, setup costs, and licensing of SentinelOne Singularity Cloud Security is that the pric...

See all answers

What needs improvement with PingSafe?

Integration could be improved because not all solutions can be integrated with SentinelOne Singularity Cloud Security...

See all answers

Ask a question

Earn 20 points

What is your experience regarding pricing and costs for Lacework?

The pricing is a mediator compared to other products; it is not that much higher and not much lower than other produc...

See all answers

What needs improvement with Lacework?

Policy implementation is quite complex, and the stability will take more time for the solutions. There is definitely ...

See all answers

What is your primary use case for Lacework?

FortiCNAPP is mainly used from a security point of view. Some VPNs charge for their solutions, but Fortinet provides ...

See all answers

Comparisons

Wiz vs SentinelOne Singularity Cloud Security

Compared 8% of the time

Prisma Cloud by Palo Alto Networks vs SentinelOne Singularity Cloud Security

Compared 7% of the time

Microsoft Defender for Cloud vs SentinelOne Singularity Cloud Security

Compared 6% of the time

CrowdStrike Falcon Cloud Security vs SentinelOne Singularity Cloud Security

Compared 5% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 3% of the time

More SentinelOne Singularity Cloud Security Competitors

Zscaler Internet Access vs BMC Helix Cloud Security

Compared 9% of the time

Check Point CloudGuard CNAPP vs BMC Helix Cloud Security

Compared 8% of the time

Cisco Secure Workload vs BMC Helix Cloud Security

Compared 8% of the time

BMC Cloud Lifecycle Management vs BMC Helix Cloud Security

Compared 6% of the time

Snyk vs BMC Helix Cloud Security

Compared 4% of the time

More BMC Helix Cloud Security Competitors

Wiz vs FortiCNAPP

Compared 5% of the time

Prisma Cloud by Palo Alto Networks vs FortiCNAPP

Compared 5% of the time

Native vs FortiCNAPP

Compared 3% of the time

Tenable Cloud Security vs FortiCNAPP

Compared 3% of the time

AWS GuardDuty vs FortiCNAPP

Compared 2% of the time

More FortiCNAPP Competitors

Product Reports

Buyer's Guide

SentinelOne Singularity Cloud Security

April 2026

SentinelOne Singularity Cloud Security report

Download SentinelOne Singularity Cloud Security product report

Buyer's Guide

BMC Helix Cloud Security

May 2026

Download BMC Helix Cloud Security product report

Buyer's Guide

FortiCNAPP

May 2026

Download FortiCNAPP product report

Also Known As

PingSafe

TrueSight Cloud Security, SecOps Policy Service

Polygraph, FortiCNP, Lacework

Overview

SentinelOne Singularity Cloud Security offers a streamlined approach to cloud security with intuitive operation and strong integration capabilities for heightened threat detection and remediation efficiency.

Singularity Cloud Security stands out for its real-time detection and response, effectively minimizing detection and remediation timelines. Its automated remediation integrates smoothly with third-party tools enhancing operational efficiency. The comprehensive console ensures visibility and support for forensic investigations. Seamless platform integration and robust support for innovation are notable advantages. Areas for development include improved search functionality, affordability, better firewall capabilities for remote users, stable agents, comprehensive reporting, and efficient third-party integrations. Clarity in the interface, responsive support, and real-time alerting need enhancement, with a call for more automation and customization. Better scalability and cost-effective integration without compromising capabilities are desired.

What are SentinelOne Singularity Cloud Security's standout features?

Ease of Use: Intuitive operation simplifies navigation across platforms.
Real-Time Detection: Quick identification and response to threats.
Automated Remediation: Streamlines recovery processes with integration capabilities.
Forensic Visibility: Aids in thorough threat analysis and prevention strategies.
Comprehensive Console: Offers full visibility and historical data tracking.
Platform Integration: Supports seamless operation across cloud and hybrid environments.

What benefits should users expect from SentinelOne Singularity Cloud Security?

Enhanced Efficiency: Automation and third-party integration improve threat response.
Improved Detection: Reduces mean time to detect and respond to threats.
Operational Support: Comprehensive visibility and forensic tools aid operational decisions.
Cost Efficiency: Affordable integration with scaling capabilities without high overhead.

SentinelOne Singularity Cloud Security is deployed in industries needing robust cloud security posture management, endpoint protection, and threat hunting. Utilized frequently across AWS and Azure, it assists in monitoring, threat detection, and maintaining compliance in diverse environments while providing real-time alerts and recommendations for proactive threat management.

SentinelOne

BMC Helix Cloud Security offers a unified view for managing multicloud environments, ensuring compliance and enhancing security across AWS, Azure, and GCP through automated remediation and role-based security.

BMC Helix Cloud Security provides comprehensive multicloud security management, featuring automated remediation and support for regulatory compliance like GDPR and ISO 27001. Its intuitive dashboard allows users to identify vulnerabilities quickly and take action. With automated or manual control over security maintenance, it aligns with diverse organizational approaches. However, areas for improvement include content availability, integration enhancements, and clearer vulnerability reporting.

What are the key features of BMC Helix Cloud Security?

Automated Remediation: Streamline responses to detected threats automatically.
Role-Based Security: Offers granular security control tailored to user roles.
Container Security: Protects containerized environments effectively.
Regulatory Compliance: Aligns with standards such as GDPR and ISO 27001.
User-Friendly Dashboard: Simplifies vulnerability identification and action.

What benefits can users anticipate when reviewing BMC Helix Cloud Security?

Enhanced Security Posture: Improves threat detection and response speed.
Simplified Compliance: Eases adherence to industry standards.
Operational Efficiency: Automates routine checks and remediation, saving time.
Scalability: Supports diverse multicloud environments effortlessly.

BMC Helix Cloud Security is implemented to align cloud workloads with regulatory controls, mitigate security risks, and ensure adherence to CIS Controls. It supports IT operations integration and automates security measures, offering insights valuable for both internal processes and customer-facing deployments, particularly in industries utilizing AWS and Azure.

BMC Helix

FortiCNAPP is a comprehensive cloud security platform focusing on ease of use and machine learning-driven anomaly detection. It offers robust compliance reporting, seamless integration, and continuous monitoring, making it an essential tool for organizations managing multi-cloud environments and security configurations.

FortiCNAPP provides significant capabilities in cloud security, compliance, and vulnerability management. Designed for organizations needing efficient monitoring, it enables detection of anomalies across cloud infrastructures while optimizing security posture and ensuring compliance with environments like AWS and GCP. The platform offers in-depth insights through scanning of IAC scripts, host systems, and cloud configurations. Recognized for effectively managing security posture, it safeguards Kubernetes and container environments, providing comprehensive threat detection and response. However, some areas like visibility, IAM security controls, and compliance metrics need improvement. Users face challenges with alert setup and lack intuitive design, alongside issues like FedRAMP authorization absence and complexity in the data model.

What are the key features of FortiCNAPP?

Ease of Use: FortiCNAPP simplifies security management for cloud environments.
Machine Learning Anomaly Detection: Automatically identifies and prioritizes threats.
Compliance Reporting: Streamlines compliance procedures and reporting.
Seamless Integration: Ensures smooth operation across multi-cloud environments.
Continuous Monitoring: Provides ongoing oversight of security vulnerabilities.
Multi-Cloud Integration: Enables swift response to misconfigurations and vulnerabilities.

What benefits should users expect when evaluating FortiCNAPP?

Time Efficiency: Reduces time spent on compliance and threat management.
Improved Security Posture: Enhances protection for cloud and container environments.
Valuable Security Insights: Provides in-depth analysis for proactive threat response.
Noise Reduction: Distills security logs to minimize alert fatigue.
Operational Effectiveness: Facilitates seamless multi-cloud security management.

FortiCNAPP is implemented extensively by industries needing reliable cloud security, such as finance, healthcare, and technology sectors. It supports organizations in enhancing cloud infrastructure protection, ensuring compliance, and strengthening vulnerability management. By integrating with platforms like AWS and GCP, businesses can optimize security posture in their cloud deployments.

Fortinet

Sample Customers

Information Not Available

NHS, Vodafone, Kansas City Life, SKY Italia, Cybera

J.Crew, AdRoll, Snowflake, VMWare, Iterable, Pure Storage, TrueCar, NerdWallet, and more.

Buyer's Guide

BMC Helix Cloud Security vs. FortiCNAPP

April 2026

Free Report: BMC Helix Cloud Security vs. FortiCNAPP

Find out what your peers are saying about BMC Helix Cloud Security vs. FortiCNAPP and other solutions. Updated: April 2026.

DOWNLOAD NOW

893,221 professionals have used our research since 2012.

See our BMC Helix Cloud Security vs. FortiCNAPP report.

See our list of best Cloud Workload Protection Platforms (CWPP) vendors and best Cloud Security Posture Management (CSPM) vendors.

We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.