Lacework Achieves AWS Container Security Competency Status
April 22, 2021
Lacework is pleased to announce that we were recently awarded the AWS Container Security competency. This designation recognizes Lacework’s technical capabilities and proven success in helping companies detect and visualize threats in containerized environments.
As organizations continue to embrace containers, it is even more critical that they rigorously secure their containers as it is the rest of your environment, but their ephemeral nature presents unique challenges. Achieving the AWS Container Competency is an external validation of Lacework’s ability to solve the container security problem in a differentiated way. To receive the prestigious AWS Container Security Competency designation, partners must undergo a rigorous technical validation and introduce customers successfully leveraging this approach.
Visualize your containerized environments in real-time
Lacework has been resolving the container security gap for several years. In fact, the majority of our customers have embraced Lacework’s unique container security approach to:
- See which containers are running, the applications running w/in them, and the relationship of those applications with other applications and services
- Understand the container vulnerabilities that actually leave their organizations vulnerable – in real time
- Maintain a historical view of what has happened in their containers, even after they are long since removed
- Protect their containers in the same way you protect the rest of their cloud environment, with one platform and a single pane of glass
Proven experience to help you protect your containers with confidence
Customers like Pindrop, Poka and Marqueta are just a few examples of how Lacework has enabled organizations protect their containerized environments with ease. Let’s talk about how we can help you protect yours!
Interested in learning more about how Lacework can secure your containers? Watch the demo video, visit our container security web page, and download our “How to Accelerate Container Security Adoption” ebook.
For more information about the other AWS-related capabilities that Lacework recently announced, visit the blog “Lacework Expands Security, Visibility, and Automation Across AWS Environments”.
Following is a transcript of the embedded video “Protecting Your Containers with Lacework”
Lacework was recently awarded the AWS container competency. This designation recognizes Lacework’s technical capabilities and proven success helping companies detect and visualize threats in containerized environments.
I’d like to walk you through today some of the features and functions that Lacework provides, We are going to start with vulnerability scanning. Lacework integrates directly into the registries, utilizing common workflows used today in your pipelines to ensure that you can get the data, where it matters to you and your team. We provide you with a list of all the containers and what vulnerabilities they have.
If we dive in a little bit to a specific container. We will a list of all of the layers within the container, the package name, the current version, and if there’s a fixed version for it. We will also see what layer was introduced, and how it was introduced into the container.
Additionally, we make it easy to filter just by the most critical vulnerabilities. Lacework also highlights those things that you can actually do something about (i.e. show me the patches that have fixes available for them).
At Lacework, we really do believe in integrating into the workflows that you have in place today. While it’s great to have this visual representation of these vulnerabilities, Lacework also makes it easy to pull the same data through our API. You can also utilize the Lacework CLI interface to integrate within your pipelines.
Once you have this information, that’s really not enough. It’s great to know that you are vulnerable, but what are you actually going to do about it. As you can see, in this view, I can see, wow, I’ve got a lot of critical vulnerabilities, and I don’t know where I should start. At the top you can see that I’ve got 48 critical vulnerabilities with a ton of fixes that I could potentially do something about. Do I start there? Or maybe I start a little lower on the list where I’ve got less critical vulnerabilities. I’m just not really sure.
Well, with Lacework, because we integrate at both the build-time as well as run-time, realm to give you visibility and help you not just see your vulnerabilities, but prioritize them. So on the right here you’re starting to see some additional information. We have the number of containers that we actually see running and deployed within your environment. This can help you understand that, is this just a container that sitting somewhere and not really doing anything? Or is it actually a container that’s deployed, and something that I care about that I should probably fix?
This is where we start showing you how we go beyond just vulnerability scanning and give you true vulnerability management without you needing to spend a lot of time doing that data science connecting the runtime to that build time for your containers.
Let’s dive into the visibility that Lacework gives you. What we’re looking at here is the container dossier. This is going to give you a lot of high-level information about what’s deployed in your environment. But what I really want to start with here is what we refer to as a Polygraph. This is a visualization of all the actual application communication in your environment. From this view what we’re really looking at, is how your containers are talking with inbound connections as well as the outbound communications from them. It allows you to answer questions really easily, such as “do I have external connections coming into my environment, And if so, where are those coming into?” As you can see here, I’ve been able to identify exactly which containers are receiving those internal and external connections. This also helps me prioritize which containers have the most exposure and I need to pay the most attention to from a security perspective.
If we come down further, we also see a full list of active containers within my environment. This helps you answer the questions “do I care about patching this thing that has vulnerabilities, and what does this mean in context?” From this view, I now have a list of just the active things within my environment. I’m no longer stuck looking at a list of hundreds and thousands of containers within a vulnerability report and trying to figure out what matters. With Lacework, it’s all here for me directly and I can go back to that Polygraph and I can start searching and understanding the context of these containers within my environment.
However, it’s not just about seeing the container running. With Lacework, you can get that deep information into the container, all the way to the commands that were being run inside of it. You can see things like ports that are running.
This is a lot of data, and it could be a lot to deal with, so the other question that Lacework always focuses on is automation. We help you understand what is meant to be happening in your environment, what is normal for your environment, and take all this mess and turn it into meaningful activities. This is where Lacework’s machine learning comes into place. We have deep visibility and understanding of the containers, what they’re doing, and how they’re behaving. If something new gets introduced into the environment that potentially could be a risk. Lacework will automate the process and alert you that something happened. We provide the appropriate context within the container that allows you to understand what is happening and what you need to do next.