AWS CIS Benchmarks and Security Solutions for Amazon Web Services
Comprehensive, continuous end-to-end AWS security and configuration support. Be the Envy of the AWS Security Community.
Threat Detection, Compliance, and Automated Monitoring for AWS Cloud Environments
AWS users feel the security pinch. The burden of keeping your cloud safe requires more than signatures and custom rules — every activity in the cloud environment drives potential threats, and AWS users need solutions that go beyond identifying changes to describing the security context and implications of changes.
Lacework delivers comprehensive and continuous end-to-end AWS security and configuration support for both workloads and accounts running in Amazon and multi-cloud environments. The cloud is not going away, and neither is the need for a single, unified security solution. Lacework relieves your security pinch by identifying, analyzing and reporting all misconfigurations, vulnerabilities, and behavioral anomalies.
Actionable Auditing of AWS Security Configurations for S3 Buckets
- Find and fix potentially exposed S3 buckets configured for external access, and identify buckets that are out of compliance with the CIS Benchmark for AWS. This also includes:
- Monitoring for encryption at rest and in transit
- Ensuring only users with multi-factor authentication can delete S3 buckets
- Versioning that protects against deletion or overwrites
- Context-aware recommendations to help prioritize and fix violations
Robust AWS Configuration Audit
- Find Identity and Access Management (IAM) vulnerabilities including root account use, lax password requirements, and the lack of multi-factor authentication (MFA)
- Check for logging best practices and ensure AWS CloudTrail is enabled across regions
- Verify that log files are validated and encrypted
- Monitor critical account activity like unauthorized API calls and unauthorized access to the management console and root account access
- Drive secure network configurations and limit access to vulnerable ports, enforcing “least access” privileges and checking for the use of flow logging
- Assess your S3 settings for S3 buckets at risk
Continuous AWS Security Monitoring of User Activity
- See all activity on AWS resources, such as new activity in a region, activation of new AWS services, or changes to access control lists
- Quickly visualize all changes to users, roles, or access policies
- Receive notification of access tampering or customer master key tampering
- Reduce alert fatigue with customizable alerts and reports that eliminate repetitive or irrelevant results
The Power of the Polygraph®
Our foundation is based on a patent-pending Polygraph technology, a deep temporal baseline built from collecting high-fidelity machine, process, and user interactions over a period of time. The Polygraph detects anomalies, generates appropriate alerts, and provides a tool for users to investigate and triage issues.
This technology dynamically develops a behavioral and communication model of your services and infrastructure that understands natural hierarchies (processes, containers, pods, machines, etc.) and aggregates them to develop behavioral models. Together with a behavioral model, the Polygraph is able to monitor your infrastructure for activities that fall outside the model and dynamically update as behaviors change over time.
Speed, Scale, and Integration
Pinpoint exactly how files change — from content and metadata to whether the file was modified or simply appended. Get extended information on executables, such as files created without a package installation, command lines used at launch, or currently running processes (with users and network activity).
- Boost intelligence with 5 billion files from ReversingLabs’ library.
- Leverage one-click investigation of events and activities related to FIM signals.
- Drive cloud-wide search with file type summaries and new file detection.
- Operate at cloud scale with unprecedented speed.
- Automate configurations, file discovery and operations.
- Scale architecture without adding complexity or performance penalties.
- Included with all Lacework AWS Cloud Security agents.
Meet AWS Compliance mandates
Lacework provides comprehensive, continuous end-to-end security, compliance, and configuration support for workloads and accounts running in AWS and in multi-cloud environments.
- Protect log and AWS configuration files against tampering
- Daily re-check of all monitored files in AWS Accounts
- Monitor critical account activity including unauthorized API calls
- Pre-defined directory maps monitor critical files and directories
- Assess your S3 settings for S3 buckets at risk
Address Container Security
Lacework is fully container-aware and monitors all container activities regardless of the container distribution you rely on (Docker and/or Kubernetes). Any malicious activity in a containerized environment will generate an anomaly at one layer or another – Lacework’s threat detection and behavioral analysis identifies anomalous activities across your cloud and containers so issues can be remediated before any damage is done.
Enforce Workload Security
Lacework’s lightweight agents collect and send data to Lacework’s backend in the cloud where this data is aggregated, and a baseline of the activity in the cloud environment is created. The automated method of detecting undesired activity in cloud and container workloads provides great benefits over traditional rule writing.
Great Minds Ask These Questions
Lacework is a multi-cloud security SaaS platform that provides automated, end-to-end visibility and threat detection for AWS. Our approach simplifies configuration and speeds deployment with faster time to value.
Yes, Lacework’s cloud security platform performs a series of checks against every AWS security group looking for misconfigurations.
Lacework checks configurations for several different variants of permissions that can put data at risk of exposure, and alerts you if and when we detect any open S3 buckets in AWS.
Yes, Lacework supports AWS CloudTrail ingestion. Lacework uses these logs to understand and detect anomalous user behavior in your AWS cloud infrastructure.