Latest on critical Apache Log4j vulnerability   Read More >

Lacework Cloud Care

Whether you’re a Lacework customer or not, we’re here to help with our free Cloud Care, a Log4j rescue program. Get access to:

Simplify Audit Preparation and Evidence Collection

Watch Demo

Audit and Cloud Configuration Compliance for Multicloud Environments Made Easy

Audit all of your cloud platform configurations and activity in one place as you confidently address your risks by improving your security and compliance posture.

The Power of Polygraph® for Configuration Compliance

Lacework’s foundation is Polygraph, a deep temporal baseline built from collecting high fidelity machine,process, and user interactions over a period of time. The Polygraph is used to detect anomalies, generate appropriate alerts, and provide a tool for users to investigate and triage issues.

Fundamentally, Lacework’s Polygraph technology develops a dynamic behavioral and communication model of your services and unique infrastructure. The model understands natural hierarchies for processes, containers, pods, and machines and aggregates them to develop behavioral models. A behavioral model is, in some sense, the essence of how a customer’s infrastructure operates. With this model, Polygraph monitors your infrastructure for activities that fall outside the model. In addition, Polygraph continually updates its models as your data center behavior changes.

Spot IaaS account configurations that violate compliance and security best practices that could put your company at risk with Lacework’s comprehensive configuration compliance monitoring tools for enterprise DevOps teams.


FAQs About Lacework's Configuration Compliance Solution

Lacework uses best practice checks including CIS benchmarks to evaluate security relevant configurations in Amazon AWS, Google GCP, and Microsoft Azure.

Lacework has mappings to PCI, HIPAA, SOC 2, and NIST 800-54 Rev 4.

Lacework supports continuous monitoring of your configurations in your cloud accounts. As configurations drift from best practices, they are detected and an alert is generated. These alerts can be configured to be sent to many of the common alert tools such as Slack, Splunk, Pagerduty, etc.

Lacework has checks for AWS, Azure, and GCP. Lacework provides a single platform that can can support compliance efforts without the need for deploying multiple tools for each cloud provider.

Lacework performs configuration checks based on industry accepted best practices such as CIS. Lacework will then supply reports listing all resources that are in violation, which support remediation efforts. These reports can then be provided to auditors to act as evidence of meeting compliance requirements.