Lacework leverages Amazon GuardDuty and AWS built-in for advanced cloud detection and response

New Lacework integrations debuting at AWS re:Inforce 2023

Erin K. BanksJune 13, 20233 min read

If you’re a cybersecurity professional, you’ve probably read these stats from the 2022 IBM Cost of Breach report: in 2022, it took an average of 277 days — about 9 months — to identify and contain a breach. Reducing the time it takes to identify and contain a data breach to 200 days or less can save an average of $1.12 million.  

If you are trying to reduce this average time, then Lacework® has some amazing news for you. Today, Lacework is thrilled to announce joint solutions with Amazon Web Services (AWS) that can not only automate the accurate deployment of multiple product integrations, but also shorten that window where bad actors might do damage — effectively reducing the time it takes to investigate potential threats and speeding remediation. 

Lacework launches new composite alert featuring Amazon GuardDuty detections

Earlier this year, we announced the creation of Lacework composite alerts. As an essential component of cloud detection and response (CDR), Lacework composite alerts detect active cloud attacks earlier by automatically correlating disparate alerts, including lower severity security events that otherwise go unnoticed by security teams. 

Lacework has now added a powerful new integration that enriches Lacework threat investigations with findings from Amazon GuardDuty. By combining Amazon GuardDuty findings with the Lacework insights from our composite alerts, you have an enhanced layer of security insights and context in a single location, no longer needing to correlate data across multiple products to build an understanding of what was compromised. Relevant Amazon GuardDuty findings are displayed directly within the composite alerts under the Lacework alerts tab. The result is both known and unknown threats are surfaced faster, reducing false positives and investigation time — and guarding against potentially costly breaches.

We invite you to see it for yourself with this short, guided tour.

Automatic deployment with AWS built-in

Configuring multiple solutions can take time and cause frustration. With the Lacework and AWS built-in package, you now have the ability to integrate Lacework with AWS Control Tower, AWS CloudTrail, Amazon GuardDuty, AWS Security Hub, and other Amazon security services using a CloudFormation template without any additional manual configuration. It’s truly your deployment “easy button.” When a new AWS account is added to your organization, Lacework’s Control Tower integration ensures Amazon GuardDuty monitoring is automatically applied to the new account. And, as part of the new GuardDuty integration, findings from the new account are automatically delivered to Lacework via Security Hub.

Why is this important? By streamlining the deployment process, organizations can reduce manual effort, optimize efficiency, and maximize the value derived from their cloud security investments. This approach not only enhances security posture but also empowers you and your teams to achieve your goals effectively and efficiently in your dynamic cloud environment.

Go further, faster with Lacework and AWS

We are delighted to be a Platinum sponsor at AWS re:Inforce, and we look forward to discussing your cloud security needs in-person. Come see us in booth #634 or in the AWS Security & MSSP Partner Theater (booth 200) on June 13 where we will be showcasing these new integrations. You can always learn more about how Lacework works with AWS by visiting

Suggested for you