Increasing multicloud visibility and enabling innovation, from gaming to healthtech - Lacework

Increasing multicloud visibility and enabling innovation, from gaming to healthtech

Lacework Editorial

July 14, 2022

More flexibility and visibility with agentless coverage for workloadsHow do Lacework customers solve crucial cloud security challenges with our Polygraph® Data Platform? Case studies give us the opportunity to share some of these stories in detail. Recapped below are the five most recent ones we’ve published. They span a range of industries (e.g., gaming, tech, healthcare) and speak to a variety of customer needs, from increasing visibility into cloud environments to strengthening compliance reporting. Check out the summaries to get a taste of how Lacework has maximized our customers’ safety and efficiency.

Pocket Gems seeks to build the greatest mobile games and interactive entertainment in the world, continually releasing new content for their storytelling network and platform. To protect player data and receive comprehensive visibility across their multicloud environments, they needed a platform that could provide end-to-end protection. “Our search for a robust cloud security platform was met by the ability for the Lacework agent to provide so much added detail,” explained Mike Booth, IT Systems Engineer. “Lacework quickly gave us the visibility that led to an immediate grasp on what we need to do to keep our players safe.” From revealing hidden cloud vulnerabilities to ranking issues by severity, Lacework facilitated decision-making among the Pocket Gems security team — and reinforced their commitment to protecting player security and data.

Snowplow provides a platform to enable any company to collect first-party granular behavioral data for themselves, in their own cloud account, so that data practitioners can free themselves from the constraints imposed by web analytics vendors. To support their organizational growth, Snowplow realized the value of a solution that could automate rule-writing and improve their information security position. So far, they have successfully used Lacework to secure their Amazon Web Services (AWS) and Google Cloud environments, and plan to implement it as they expand into Azure. Snowplow has also gained intrusion detection capabilities and brought both confidence and efficiency to their compliance process. “Going forward, we can show that we have not only certain policies, but also a report from Lacework that demonstrates to what extent we’re implementing those policies,” noted Steve Coppin-Smith, Vice President of Engineering. “We could proactively share Lacework screenshots and illustrate that we were compliant to relevant areas of the standard.”

ActivePipe is an innovative email marketing platform designed to solve the unique challenges of real estate and mortgage broking professionals. With a small engineering team, they sought a single solution to automate some of the work by providing visibility, vulnerability protection, and compliance across their cloud environments. “Being able to implement Lacework means we’re able to get that security coverage early on without having to build out an entire security team,” said Chief Technology Officer Michael Messig. “Lacework fits in perfectly for companies that care about security, but aren’t big enough to have a whole team.” Now, Messig’s team can work with greater safety and efficiency: they receive a handful of alerts each day, and can easily prioritize vulnerabilities by logging in to the platform. Increased visibility from Lacework also allows ActivePipe to respond swiftly to their own customers’ questions and concerns.  

By accelerating patient recruitment for clinical trials, Clariness brings new medicines and treatments to patients faster. Gopi Krishnamurthy, the Vice President of Product and Engineering, wanted to implement a shift-left security mindset. “I started looking into solutions that could scale, that could be intelligent, and that could provide insight into patterns so we could use machine power to augment human power,” shared Krishnamurthy. Clariness worked closely with Lacework Professional Services to conduct a cloud security assessment, creating a strategic plan to achieve their security posture and compliance goals. Since adopting Lacework, Clariness has embedded security into their process to establish a robust DevSecOps discipline. They have adopted best practices for compliance audits, including CIS Benchmarks and ISO 27001. And they have patched gaps resulting from years of work on their legacy infrastructure. “Thanks to actionable insights from Lacework, we fixed 20 critical vulnerabilities in the first week after the cloud security assessment,” Krishnamurthy stated. 

With the goal of protecting the world’s most sensitive data, Protegrity operates a platform that enables businesses to create better customer experiences and fuel innovation. They are a true multicloud organization, using AWS, Google Cloud, and Azure, in addition to Kubernetes. To increase visibility into these environments and strengthen their compliance reporting abilities, Protegrity turned to Lacework. Instantly, they discovered a platform that could help them achieve their compliance goals. “I was impressed that Lacework offered the entire CIS Benchmarks suite and also provided monitoring for ISO, HIPAA, PCI, NIST, and SOC controls,” said Goutam Chatterjee, Senior Application and Cloud Security Engineer. Scott Ingram, Director of Information Security, added, “Lacework identified major blind spots across our cloud environments, which is leading to Protegrity’s successful ISO 27001 certification.” With Lacework, the Protegrity team has also enjoyed a 10x drop in alerting from production areas, valuable file integrity monitoring (FIM) abilities, and the visibility they need to prevent breaches.

For more detail on how our single-platform solution helped Lacework customers meet and exceed their security goals, read the case studies in full