Blog

Cloud Security This Week - October 12, 2018

Cloud Security This Week – October 12, 2018

  New from Lacework Network Security Vendors Are Trying to Buy Their Way Into Relevance Consolidation, investment, and acquisition in the security market is a great validation that demand for the cloud continues at a breakneck pace. But it’s not necessarily making customers safer.   Inside Lacework: Set Up Lacework with AWS We cover how […]

Read More…

History is repeating itself with cybersecurity acquisitions. It’s NOT making organizations safer.

The New Security Stack: While old school security vendors are trying to buy their way into relevance, it’s still not making organizations any safer

Photo by Jacek Dylag on Unsplash We’ve heard it a million times: those who don’t learn from history are doomed to repeat it. Some of us take heed, while most figure we can beat history on our own terms. What we can’t beat, however is evolution. Evolution has brought us, both from a technology and […]

Read More…

Cybersecurity is Everyone’s Business, All the Time

Cybersecurity is Everyone’s Business, All the Time

Photo by Dianor S on Unsplash This week begins the Department of Homeland Security’s National Cyber Security Awareness Month which promotes awareness and best practices for how citizens should think about security and how it relates to their data, their organizations, and ultimately, our nation. Just as Smokey the Bear was created in the 1940’s […]

Read More…

Cloud Security This Week

Cloud Security This Week – September 28, 2018

  New from Lacework Cybersecurity in the News…Again…And Again A roundup of three major cybersecurity breaches. This is becoming common, and not just for people who live the world of cybersecurity. It’s a harbinger of our connected world, and one that keeps delivering headlines.   Secure Your AWS Cloud with Lacework Webcast replay that explains […]

Read More…

In the news - cyberattacks or the discovery of a breach of sensitive data.

I Read the News Today, Oh Boy

Photo by Flemming Fuchs on Unsplash Every morning, I begin my day with the same routine I’ve had for many years. You and I aren’t that close yet, so I won’t go into the specifics of my dawn activities, but I can safely divulge that it involves fleece, coffee, and a quick scan of the […]

Read More…

Privilege Escalation and a Proposal for Acceptable Exclusion

Privilege Escalation and a Proposal for Acceptable Exclusion

Photo by Annie Sowards on Unsplash “I’d never join a club that would allow a person like me to become a member.” — Woody Allen Social concepts about exclusivity and inclusion have changed over the last 50 years. It used to be common for social and professional clubs to aggressively seek homogeneity among their membership and exclude […]

Read More…

Lacework Supports PCI Compliance with FIM Solution

Lacework Supports PCI Compliance with FIM Solution

Photo by Samuel Zeller on Unsplash If you wanted to name a technology product category so it got beat up in the schoolyard, you might call it File Integrity Monitoring. Like a lot of products in the security space, File Integrity Monitoring (FIM) as a moniker accurately explains what the solution provides, but it’s about […]

Read More…

Lacework Kubernetes Meetup

Kubernetes, Pizza, and Learning From Our Community

  Yesterday was a big day for Lacework. We announced a $24 million series B round of funding which will help us continue our momentum in building the market’s most comprehensive cloud security solution. Even in today’s funding environment, that’s a significant amount, and we already have plans to invest heavily (and wisely) in product development, […]

Read More…

Using the Cloud to Secure the Cloud: Lacework and the New Era of Cloud Security

Using the Cloud to Secure the Cloud: Lacework and the New Era of Cloud Security

Today, we announced a great milestone for Lacework — the closing of a $24 million Series B round of funding from a stellar group of investors that includes Sutter Hill, Liberty Global Ventures, Spike Ventures and the Web Investment Network (WIN). This is a massive opportunity, and not just because we have capital to continue […]

Read More…

PCI Compliance for cloud environments: Tackle FIM and other requirements with a host-based approach

PCI Compliance for Cloud Environments: Tackle FIM and Other Requirements With a Host-Based Approach

Photo by Hannes Egler on Unsplash Compliance frameworks and security standards are necessary, but they can be a burden on IT and security teams. They provide structure, process, and management guidelines that enable businesses to serve customers and interoperate with other organizations, all according to accepted guidelines that facilitate a better experience for end users. […]

Read More…

We just looked at 2 billion #cloud events

I Just Looked at 2 Billion Cloud Events. Here’s What I Found.

Photo by Jase Ess on Unsplash Our relationship with Lacework customers usually starts with a 30-day trial of our solution. Going in to it, they typically acknowledge lack of necessary visibility into their cloud environment. They also, however, tend to massively discount the reality of threats and risks to which they’re exposing their users and data. It’s not […]

Read More…

Security Can’t Start Until Multi-Factor Authentication is Turned On

Passwords have long been a target for cybercriminals since they became necessary for switching between users on computers, validating a simple but important security layer. Passwords are typically weak enough to be susceptible to brute force attacks, or too complex to easily remember. Even password generators and password management tools like LastPass have not been […]

Read More…

How Ronaldo’s Hair Explains Cybersecurity

Security tools abound that promise to protect you from the looming threat of hackers everywhere. Many of them look great, but their value is dubious. They might perform some specific task like packet inspection at the perimeter or bot detection, but aren’t actually doing the complex work required to inspect the millions (and in some […]

Read More…

Containers At-Risk: A Review of 21,000 Cloud Environments

Securing your workloads in public clouds requires a different approach than that used for traditional data centers. The need to operate security at cloud speed, respond to continuous change, adapt at scale, and operate with a new operating model all require a dramatic shift in the type of container security solution required by today’s operation. […]

Read More…

Timing Security Market Transitions

Timing Security Market Transitions

On the heals of the ZScaler IPO, the Phantom Cyber, and Evident.IO acquisitions, and the DUO unicorn round, I thought I would share some of my personal thoughts around market transitions in security. And, in particular how it pertains to cloud. Note: This is not a piece about why security startups fail. And, although missing a […]

Read More…

Refocus on What Matters: Risks vs Threats

After visiting the RSA Conference (yes I walked the infamous show floor) I decided to zoom out on what I saw and think about where we are spending our time, resources, and investments as an industry. The one thing that came to me is that we certainly spend a lot of time talking about threats. […]

Read More…

Containers in the Cloud: From Top Hazards to First-Class Cloud Security Citizen

Originally published in TechSpective on April 24, 2018. Microservices have been touted as a revolutionary way of building applications in the cloud which in turn is fueling the demand for containers. This symbiotic relationship between application portability and containers for delivering a single function makes for an ideal platform. At scale, this distribution of discrete jobs, when […]

Read More…

Avoiding Holes in Your AWS Buckets

Originally published in InfoSec Island on April 12, 2018.  Enterprises are moving to the cloud at a breathtaking pace, and they’re taking valuable data with them. Hackers are right behind them, hot on the trail of as much data as they can steal. The cloud upends traditional notions of networks and hosts, and it topples […]

Read More…

GOING TO RSA? HERE’S YOUR PRE-SHOW CHECKLIST (FOR AWS SECURITY)!

First, develop a clear picture of what you have – and don’t have – for AWS security today. The NIST Cybersecurity Framework is a good way to think this through: Identify: Do you have a clear picture of what your organization has deployed on AWS? Do you know how many AWS Accounts are active at your […]

Read More…

Host-Based IDS

Why Use a Host-Based IDS in AWS  

Does this image look familiar to you?  You’ve probably seen the AWS Shared Security Responsibility model over and over in conferences, tech talks, white papers, and AWS Summits, making it clear that Amazon only protects the infrastructure layer. Your data running in the application layer is your responsibility to secure. This sounds easy to implement […]

Read More…

Driving Towards Least Privilege in AWS: A Baker’s Dozen 

I have learned a lot in the past few years about running and securing public cloud infrastructure and thought I would share some areas that I believe are important. This SlideShare presentation is meant to be a self-read narrative of 13 things to think about AWS security and the move towards least privileged systems. Enjoy, […]

Read More…

Survey Highlights Top Four Trends in Cloud Security Adoption

  Lacework worked with Hurwitz and Associates to survey the market and learn about the current state of cloud security, challenges and learnings from early adopters of the cloud. The results (and Hurwitz’s expert analysis) paint a picture of an industry that’s rapidly moving beyond its initial growing pains – even if there are still […]

Read More…

AWS Misconfiguration

5 Steps to Eliminate AWS Misconfigurations and Open S3 Buckets

I’m an ardent consumer of security news. Sure, it’s part of my job, but reading these stories can still be a real eye-opener. Take, for example, the on-going news about S3 bucket misconfigurations. Cyber criminals have taken notice that buckets configured to allow “All Authorized AWS Users” would, well, allow all authorized AWS users. Not […]

Read More…

Together We Create

Bridging the Gap Between Security and DevOps, Part I

As we head into the New Year I’d like to share some trends I am noticing in the market around securing public clouds and decided to start a four-part series around it. Here in the Bay Area, we have several bridges that connect us. From the more well-known Golden Gate and Bay bridges to the lesser […]

Read More…

The Breach: You Can’t Secure What You Can’t See

As I am sure you have read in the news, an AWS account was allegedly used as a means to access and exfiltrate data. Although I am not sure we will find out the real details, it looks like a relatively straightforward breach. On the surface it appears as though there was no malware installed, […]

Read More…

One employee gets the blame at Equifax. Fair?

In late August, Richard Smith, former CEO of Equifax, gave a speech that included this line: “There’s those companies that have been breached and know it, and there are those companies that have been breached and don’t know it.” (As Fortune notes, at the time of the speech Equifax was breached and they knew it). […]

Read More…

Build the Foundation for Faster cloud compliance with cloud Visibility

2017 has been a tough year for data breaches and privacy violations. Government regulations (HIPAA for healthcare, NERC-CIP for energy, EU GDPR, etc) and industry standards (PCI) have tried to reverse this alarming trend, with more restrictive mandates and financial penalties that can no longer be classified as “the cost of doing business”. […]

Read More…

Another Multi-Billion Dollar Cybersecurity Catastrophe at Equifax

Last week Equifax reported what is possibly the most significant cyber security breach in history – and they are now paying for it. According to MarketWatch, the company’s value plunged more than $3.5B in just 2 trading sessions. Equifax out of pocket costs may exceed $300M. Farhad Manjoo at The New York Times wrote a […]

Read More…

Cloud Workload Security Automate

Forrester’s Insights into Cloud Workload Security: Automate, Automate, Automate

Earlier this week, Forrester released its Vendor Landscape report for cloud workload security solutions (CWS), authored by Andras Cser, Vice President and principal analyst at Forrester. According to the report, 52% of North American infrastructure decision makers believe public cloud implementations are a critical business priority. There’s no question the future belongs to the cloud. […]

Read More…

Machine Learning Models

More Machine Learning Models != Better Results

Earlier this week, Techspective published “Three Critical Machine Learning Questions for Cybersecurity Pros.” That article highlights how ML is changing cybersecurity workflows and it’ll give you some things to consider as you evaluate alternatives. Have a look and let me know what you think! […]

Read More…

Real-World AWS Account Compromises and How Lacework Stops Them

I’m excited and proud to announce that Lacework’s Polygraph technology is now available to protect your AWS account. If you’re an AWS customer, you already know you’re on the hook to secure your own data. Under Amazon’s shared security model, you’re also responsible for the security of your AWS account. Think of it this way: […]

Read More…

Polygraphs: behavior baselining to reveal the elephant

You are probably familiar with the parable of the blind men describing an elephant. Because they experience only what they can touch, each of them has a very different concept of what the animal is. One touches the trunk and concludes it’s a snake. Another explores a leg and concludes it’s a tree. They are, […]

Read More…

Introduction to Polygraphs

In my last blog, I talked about how we developed requirements for a Cloud Workload Protection Platform (CWPP) for modern data centers. In this blog, I’m going to dive into the heart of the matter: how Lacework builds the baseline we use for everything from breach detection to incident investigations. But first, let me recap […]

Read More…

Smitten with containers? What about security?

Developers are smitten with containers. It’s no mystery why — they’re perfect partners for agile development and fast-paced DevOps environments. Containers start up in seconds and use a fraction of the resources of traditional VMs, making them ideal for microservices architectures and scalable apps. Convenience is a big part of the allure too: third party images make […]

Read More…

Whack-a-Mole – Wanna Cry!!

WannaCry was bad news. It crippled hundreds of thousands of hosts. Patients and hospitals couldn’t retrieve records. Automobile manufacturers stopped production. Even now, the criminals continue to collect cash via Bitcoin accounts. WannaCry just might be the wake up call the industry needs. But will it really change anything? Or are we just playing Whack-a-Mole […]

Read More…

Lacework Coming Out Of Stealth!

An incredible milestone in a journey that started two years ago with a simple question: Why does it take enterprises 6+ months to find intruders in their data centers? […]

Read More…

Security Challenges: Just a Handful

A CIO I met recently, capture the current security scenario quite aptly. He said, “ I will not be promoted for doing security right and spending money on it, but I can be fired if things go wrong. The other challenge with security is that the stack has become very complex and I do not […]

Read More…

No Policies. No Rules. No Logs.

 It’s the brass ring of security professionals everywhere: spot every breach in less than one day. Can it be done? On average, how many days does it take to detect a security breach in a modern hybrid cloud environment? 205 days? 146 days? 99 days? The truth is, it doesn’t matter. Any security breach that’s not […]

Read More…