Blog

cloudsecuritythisweek

Cloud Security This Week – March 29, 2019

New From Lacework Security Relevance Can’t Be Bought Surprisingly, some security vendors see the confusion in the problem and apply confusion to the solution. Palo Alto Networks has taken the approach that variety and inconsistency make for a compelling security story.  Avoiding Limitations of Traditional Approaches to Security To get a better understanding of the […]

Read More…

There Are a Lot of Ways to Get Cloud Security Wrong

There Are a Lot of Ways to Get Cloud Security Wrong

In a previous blog on new approaches to security, we looked at how traditional data center defenses were designed to protect a defined perimeter by monitoring and controlling data that moves in and out of the network environment. Defending the perimeter requires a layered defense strategy that typically includes routers, firewalls, antivirus protection, and access/ID […]

Read More…

Lacework is purpose-built for cloud and container security; Palo Alto Networks is employing a duct tape strategy.

Security Relevance Can’t Be Bought

Lacework is purpose-built for cloud and container security; Palo Alto Networks is employing a duct tape strategy.   Those of us who sweat the details of things like configurations and file integrity monitoring know that complexity and imprecision are our constant enemies. Enterprise data lives and functions in a massively complex, continuously changing state that […]

Read More…

Cloud Security This Week – March 22, 2019

New from Lacework Integrating DevOps and Security While DevOps emphasizes speed, it has not always necessarily focused as much on security. Learn the three key practices that are critical to integrating the processes and mindsets of DevOps and SecOps. Triaging a CryptoSink Infection in 5 Minutes with Lacework When triaging an alert, a security analyst […]

Read More…

Integrating DevOps and Security

Integrating DevOps and Security

With the cloud, enterprises gain operational and management advantages of agility, scalability, and ease of use. The cloud also enables IT teams to apply continuous integration/continuous deployment (CI/CD) methods to deliver applications and functionality rapidly. To capitalize on the capabilities of the cloud, many organizations are turning to a development and delivery methodology known as […]

Read More…

Triaging a CryptoSink Infection in 5 Minutes with Lacework

Triaging a CryptoSink Infection in 5 Minutes with Lacework

In medical terms, triage is the assignment of degrees of urgency to wounds or illnesses to decide the order of treatment of a large number of patients or casualties. For security practitioners, triage is assigning priorities and order to security events. When triaging an alert, a security analyst needs to quickly and accurately determine if […]

Read More…

The Cloud’s Unique Security Challenges

The Cloud’s Unique Security Challenges

One of the greatest cloud security challenges comes from the fact that the cloud delivers its infrastructure components, things like gateways, servers, storage, compute, and all the resources and assets that make up the cloud platform environment, as virtual services. There is no traditional network or infrastructure architecture in the cloud. Deploying workloads into the […]

Read More…

Anomaly Detection vs. Rules: Better Security Insights, Designed for the Modern Enterprise

Anomaly Detection vs. Rules: Better Security Insights, Designed for the Modern Enterprise

Traditionally with monitoring tools – whether security, application, or infrastructure – it’s necessary to invest considerable time configuring the product and writing rules that are specific to your environment. This is done so your team gets the right alerts on issues that run counter to your requirements and environmental setup. With innovations in machine learning […]

Read More…

Container Security: A Popular Topic at BSidesSF ‘19

Container Security: A Popular Topic at BSidesSF ‘19

Before the masses assembled for RSAC, BSidesSF 2019 took place at the Metreon AMC 16 in San Francisco, CA. As it turns out, a movie theater is an amazing venue for a conference like BSides. Talks were held in the City View movie theaters and even the IMAX theater, which happens to be the 3rd […]

Read More…

CloudSecurityThisWeekLacework03012019

Cloud Security This Week – March 1, 2019

New from Lacework Lacework at RSA Lacework is going to rock RSA, and we want you to join us! Here’s a guide to all the Lacework parties, sessions, panels, and secrets to getting our sweet swag. Booth #4603 – we’ll be there with the volume cranked up to 11! Avoiding Container Vulnerabilities To get a […]

Read More…