More flexibility and visibility with agentless coverage for workloads - Lacework

More flexibility and visibility with agentless coverage for workloads

Aditi Mukherjee Director, Product Marketing Management

June 2, 2022

More flexibility and visibility with agentless coverage for workloadsSpeed and agility are two primary benefits of cloud computing, but neither are possible without aligning security to those goals — something that’s easier said than done! 

The first step in securing anything is knowing what you have and where it lives. This is why securing dynamic cloud environments is a near-impossible task for security teams. Things are constantly changing and moving. Everything is in motion, all the time.

As one customer told us, “We have siloed teams using cloud accounts. We have no idea what’s in that environment and what needs to be secured. We don’t even have access to all the environments. I want an ‘easy button’ that shows me the abstract risk across my entire environment, even if I can’t remediate all the issues immediately.”

The challenge is real for organizations in all stages of cloud maturity, and it’s our goal to meet you where you’re at on your journey to secure your unique cloud environment. That said, a flexible approach is fundamentally required to provide the necessary visibility and control without disrupting the speed and agility of your business.

Agentless: One more way to get comprehensive visibility into your runtime environment

This morning we announced new agentless workload scanning capabilities, making it simple for your security teams to gain comprehensive visibility into your cloud workloads, without the use of agents. Just connect your cloud accounts to Lacework and… voila! You can scan and detect vulnerability risk across your entire runtime environment — all hosts, containers, and application language libraries — within a few minutes. 

Now consider how easy it is to operationalize security with this option. No need to get organizational buy-in. No need for anyone to install or maintain any additional resources or software. No deployment friction. 

With a quick setup, you can gain a clear understanding of what’s actively running in your cloud environment. Then security teams can easily prioritize the remediation of vulnerability work items and improve security posture for a faster time to value. 

Currently in Alpha, the solution supports vulnerability scanning on Linux workloads in AWS. Lacework will progressively extend agentless capabilities to deliver more security insights and support even more cloud environments.

It’s the ‘easy button,’ which can help you gain more coverage with minimal friction.

Agentless plus agent for a full view of the cloud

It’s simple — the more data you collect, the better visibility and coverage you gain. As we’ve always said, cloud security is fundamentally a data problem. 

But cloud-native environments are dynamic by nature, with constantly evolving technologies and ephemeral workloads. Your siloed teams could be creating hundreds of cloud accounts and be using many different cloud workloads without your security team’s awareness. Cloud vulnerabilities, both known and unknown, can exist anywhere. 

With agentless coverage for workloads, your teams have more flexibility in how they deploy and can combine different data collection mechanisms to meet their diverse security and business needs.  With Lacework, you can seamlessly combine agentless workload scanning with an agent-based approach —the approach which provides the best level of continuous monitoring and security — to get a full view of your cloud environment.

This means for some customers, agentless workload scanning is a great way to start building their cloud security foundation. For example, your security teams may, by default, want a comprehensive view of vulnerability risks when onboarding new cloud accounts. Then, they may choose to add agents on more sensitive or operationally mature environments for continuous monitoring and runtime detection of threats. 

For other customers, they may use an agentless solution to collect data from hard-to-reach places and augment their security with agent-based runtime insights for maximum value and deeper analysis. Whatever your situation, Lacework provides more flexibility and choice so you can make the best decision for your environment, based on your unique needs. 

More visibility and flexibility with Lacework

For years, Lacework has helped customers understand what’s happening in their cloud environments and prioritize issues through deep telemetry, machine learning, behavioral analytics, and anomaly detection. The Lacework platform automates cloud security with combined agentless and agent-based capabilities, providing complete security visibility across your entire cloud footprint. This way, you can focus on what matters most — reducing costs, eliminating risk, and scaling in the cloud.

Previously our platform included agentless capabilities that leverage cloud APIs and scanners directly integrated into Github and your container registries to collect data to identify misconfigurations, vulnerabilities, and compliance violations during the build process. Customers rely on these capabilities to automatically block the build or deployment of risky containers to stay secure and compliant as well as detect anomalous administrative activities in cloud environments by ingesting and analyzing cloud audit logs. For example, security teams can detect suspicious events, for example, when a new user tries to create or delete an EC2 or S3 instance, or when a user tries to change keys or policies on a cloud account or add new privileged users. 

Our new agentless capabilities now extend beyond the build phase and log analysis. Now, with agentless workload scanning, you can now get visibility into vulnerability risks across an entire AWS environment – including active hosts, containers, and application language libraries – with an easy, one-time deployment. Lacework will progressively extend agentless capabilities to deliver more security insights across more cloud environments.

Finally, the answer to “agent versus agentless”

If you have been around the security industry for any time at all, you’ve probably witnessed the endless “agent versus agentless” debate. Here’s the truth: most organizations need both to get a full view of your cloud environment. By combining different methods, they can have the flexibility to collect data about their environment in the most effective way possible. This approach gives maximum results. No more surprises. No more blindspots. No more guesswork. Read the whitepaper to learn how you can build an effective cloud security strategy with a layered approach.

There are many solutions on the market — all with their own strengths and weaknesses. But at the end of the day, choosing the “best solution” really comes to how you balance your specific needs for security and ease of use. Here’s our promise: with Lacework, you can find and focus on the cloud security issues that truly matter to your business — without worrying about the underlying architecture. 

So maybe your journey begins with our new agentless runtime scanner and eventually ventures into an agent-based approach? Or perhaps the other way around? Whichever way you choose, rest assured that your workloads will be protected by a tried and true platform.