Blog

5 Highlights From an Exceptional Year at Lacework

As the year comes to a close, it’s fitting to take time to reflect on the past twelve months and take stock of what we have accomplished at Lacework. It was undoubtedly an eventful year in the history of our company, which was validated by a major funding round, the doubling in size of our […]

Read More…

Cloud Security This Week – December 21, 2018

New from Lacework Kubernetes CVE-2018-1002105 Given the release of CVE-2018-1002105, visibility and threat detection for your Kubernetes cluster is paramount. Kubernetes clusters can become very complex very fast. It’s important to stay a step ahead and have the insights you need to protect your cluster. My Mom is Sick and Tired of Your Weak S3 […]

Read More…

Without Effective Security, Your Cloud Will be Giving AND Receiving This Holiday Season.

Is Your Cloud Giving or Receiving This Holiday Season?

From giving hackers easy access without enabling MFA, to improperly configured access control lists, here’s what your cloud will be giving and receiving this holiday season without effective security.          […]

Read More…

Blog | My Mom is Sick and Tired of Your Weak S3 Bucket Policies

My Mom is Sick and Tired of Your Weak S3 Bucket Policies

Cloud security has headlined so many stories over the past year that the term “leaky S3 bucket” even rolls off the tongue of my mother with ease and accuracy. Indeed, S3 bucket issues have become almost shorthand for the vulnerabilities that IT infrastructures face in the cloud, but they highlight just one problem among an […]

Read More…

Kubernetes CVE-2018-1002105

On December 3rd a critical Kubernetes vulnerability was announced under CVE-2018-1002105. This vulnerability scored a 9.8 out 10 on the Common Vulnerability Scoring System (CVSS). The vulnerability stems from an issue with Kubernetes API Server (kube-apiserver) handling proxy requests when upgrading to WebSockets. The vulnerability ultimately can allow authenticated and unauthenticated users to make API […]

Read More…

Cloud Security This Week – December 14, 2018

New from Lacework AWS Spot Instance and Cloud Security All cloud providers have some type of a compute product offering which lets the user bid for the resource they need to complete or for more tasks. Amazon web services has led the way, offering a low cost EC2 usage option called Spot Instance. The model […]

Read More…

Kubernetes

Lacework Announces Kubernetes Support in End-to-End Cloud Security Platform

Mountain View, Calif. – December 10, 2018 –  Lacework®, the industry’s first solution to bring automation, speed, and scale to cloud security, today announced support for Kubernetes container orchestration. With this update to the product, Lacework customers will now have comprehensive threat detection for Kubernetes dashboards, pods, management nodes, and clusters, in addition to end-to-end […]

Read More…