Blog

Secure DevOps with Datadog and Lacework

Secure DevOps with Datadog and Lacework

Last month I blogged about the need for a New Generation of Security and highlighted two critical shifts: the shift from conflict to collaboration and the shift from centralized to distributed. And today we are excited to announce that we have partnered with Datadog to enable our joint customers to level up their security and […]

Read More…

time-for-new-generation-security

It’s Time for a New Generation of Security

Today we announced a new series of funding from an incredible group of investors and entrepreneurs who have built companies like Snowflake Computing and Pure Storage from the ground up. Like both Snowflake and Pure, we have built a new modern platform that is purpose fit for a new IT trend, Security for the Cloud and […]

Read More…

Lacework Shifts Left

The Shift is On: Why Lacework is Extending Security From Run Time to Build Time

Software Requirements: FAST. GOOD. CHEAP. Choose any two… When I started my career as an engineer, that was a joke we used to kick around. That was at a time when development projects ran into multiple quarters and often relied on layers of project managers to keep other projects managers honest, so those project managers […]

Read More…

Lacework: Leading the Way From Product to Platforms

Lacework: Leading the Way From Product to Platforms

This has been a busy, and quite humbling week for me as I have accepted the position as CEO of Lacework. I already feel fortunate to work with this extraordinarily talented and energetic team, but now I’ll have the opportunity to help them execute a strategy to establish Lacework as the most innovative, customer-focused security […]

Read More…

Redis Compromise: Lacework Detection

Recently we published a blog on the internals of a Redis compromise with an infection on one of our external-facing honeypots and this is a follow up which demonstrates how the Lacework service would help identify the attack at a variety of stages in the attacker life-cycle. As I outlined in a previous blog about the […]

Read More…

Containers At-Risk: A Review of 21,000 Cloud Environments

Securing your workloads in public clouds requires a different approach than that used for traditional data centers. The need to operate security at cloud speed, respond to continuous change, adapt at scale, and operate with a new operating model all require a dramatic shift in the type of container security solution required by today’s operation. […]

Read More…

Timing Security Market Transitions

Timing Security Market Transitions

On the heels of the ZScaler IPO, the Phantom Cyber, and Evident.IO acquisitions, and the DUO unicorn round, I thought I would share some of my personal thoughts around market transitions in security. And, in particular how it pertains to cloud. Note: This is not a piece about why security startups fail. And, although missing a […]

Read More…

Refocus on What Matters: Risks vs Threats

After visiting the RSA Conference (yes I walked the infamous show floor) I decided to zoom out on what I saw and think about where we are spending our time, resources, and investments as an industry. The one thing that came to me is that we certainly spend a lot of time talking about threats. […]

Read More…

Driving Towards Least Privilege in AWS: A Baker’s Dozen 

I have learned a lot in the past few years about running and securing public cloud infrastructure and thought I would share some areas that I believe are important. This SlideShare presentation is meant to be a self-read narrative of 13 things to think about AWS security and the move towards least privileged systems. Enjoy, […]

Read More…

Visibility: A Technical Chauffeur of Data, Part III

This is part 3 of 4 in a blog series on key trends in securing the public cloud. Gaining visibility into the operational data you need is often underestimated when organizations deploy to the public cloud. It’s not like you can simply deploy a layer 2 span port and see all traffic in a single […]

Read More…

Together We Create

Bridging the Gap Between Security and DevOps, Part I

As we head into the New Year I’d like to share some trends I am noticing in the market around securing public clouds and decided to start a four-part series around it. Here in the Bay Area, we have several bridges that connect us. From the more well-known Golden Gate and Bay bridges to the lesser […]

Read More…

AWS re:Invent Recap: Is This the end of the Enterprise Security Market?

I just returned from AWS re:Invent in Las Vegas and thought I would share my thoughts on the conference and, as you will see, and much to my excitement, security was the main topic in many ways. Incredible Momentum As Andy Jassy pointed outlined in his keynote, AWS continues to have incredible momentum with greater […]

Read More…

The Breach: You Can’t Secure What You Can’t See

As I am sure you have read in the news, an AWS account was allegedly used as a means to access and exfiltrate data. Although I am not sure we will find out the real details, it looks like a relatively straightforward breach. On the surface it appears as though there was no malware installed, […]

Read More…

Why I joined Lacework: the opportunity to define a better approach to Securing the Cloud

Over the last two years I have spent a tremendous amount of time talking to top security executives, operators, and responders about their top concerns and projects they are looking to tackle. What I heard consistently is that securing the public cloud infrastructure was high, if not number one, on their list. For cloud-native companies, […]

Read More…