In the years before the cloud revolution, the laws of software development were a settled matter. Big software dreams needed big developer teams. Updates were risky, so cautious coders trickled out new releases with great effort and trepidation. And security was an endless slugfest of attacks and patches, punches and counterpunches.
No more. Those once immutable laws of software have crumbled, replaced with new rules driven by the cloud. Small, hungry development teams roar and change the world. Code goes into production at white-knuckle speed. Everything is connected, everything is available, right now. Agile businesses rejoice and thrill to the power of velocity.
But security hasn’t come along for the ride. Traditional policy-centric detection and log-based investigations are a cloud professional’s nightmare. Continuous application delivery, sophisticated cyber attacks, and insider threats are a life sentence of rule development, event correlation, and catch up. Existing security tools and practices aren’t agile or effective, and they’re not right for today’s cloud environments.
Two years ago we saw the future and realized the cloud was going to need faster, more capable security. So we founded Lacework and started building it.
We attacked the cloud security problem from a completely new direction that wouldn’t slow things down with rules, policies, and log analysis. We started with the realization that every datacenter, every workload, every user, every container, and every process has its own truth. And any departure from that truth signals a potential attack. Inspired by this insight, we created Lacework Polygraph, a zero-touch solution for cloud workload security.
At Polygraph’s core you’ll find Lacework’s deep temporal baseline. The baseline uses big data analytics and machine learning to capture, correlate, and organize the hundreds or thousands of logins, connections, users, workloads, processes, and containers that make up a cloud operation. By comparing current operations to the baseline we can immediately spot security incidents in their infancy – even when entities are misconfigured or unpatched, and even when a privileged insider is behind the mischief.
Today our customers use Polygraph for breach detection, incident investigation, insider threat management, and DevSecOps insights on their public, private, and hybrid cloud workloads. Polygraph tells the story of every breach – when it happened, how it worked, and what was hit – so you can stop it, fix it, and move on. Now security professionals can rejoice too, and feel the thrill of velocity. Ask us for a demo or trial – we’re excited to share it with you.