Visibility and Analysis for Cloud Compliance
Cloud Configuration Compliance for Multicloud Environments
Audit all of your cloud platform configurations and activity in one place.
Complexity is an enemy of security. Maintaining a unified view of your environment reduces the complexity that comes with having multiple cloud configurations. At Lacework, we can help you achieve a comprehensive view across AWS, GCP, and Azure by bringing multiple clouds into one unified portal. Gone are the days of logging into different tools to evaluate your security stance. Instead, Lacework’s portal is a single pane of glass that audits all of your cloud platform configurations. Lacework will monitor configuration changes and send alerts when configurations are no longer compliant. This ensures that security and compliance teams are made aware of issues as soon as they arise so that they can be addressed before data and cloud resources are compromised.
Lacework delivers deep visibility for configurations across all of an enterprise’s cloud accounts and workloads so that you can ensure compliance with industry, governmental, and institutional standards. Operating on multiple cloud platforms can increase the threat vector and add complexity to the challenging task of securing your environment. Lacework operates as a comprehensive, centralized solution to identify, analyze, and alert you to configuration issues.
Identify Configuration Issues
- Find Identity and Access Management (IAM) vulnerabilities including root account, password requirements, and usage of multi-factor authentication
- Check for logging best practices, enable log files across regions, and ensure that log files are validated and encrypted
- Monitor critical account activity such as unauthorized API calls and unauthorized use of the management console
- Confirm secure network configurations, including limiting access to vulnerable ports, enforcing ‘least access’ privileges, and checking for the use of flow logging
Track Configuration Continuously
- Maintain compliance and achieve protection with daily re-audits
- Monitor accounts for abnormal activity, even when that activity is technically authorized
- Receive customizable alerts when items change from compliant to non-compliant
Ongoing Monitoring of Activity
- Detection and alerting of activity on all cloud platform resources, such as new activity in a particular region, activation of new services, or changes to access control lists
- Monitoring of changes to users, roles, or access policies
- Detection of access or customer master key tampering
- Reduce alert fatigue with customizable alerts and reports that eliminate repetitive or irrelevant results
Configuration Compliance Management
Lacework checks across the industry-accepted CIS Benchmark for secure configurations for cloud accounts and workloads. Additionally, Lacework includes supplemental checks for common compliance frameworks like PCI-DSS, SOC 2, HIPAA, and others. Using Lacework, compliance and security teams have access to continuous analysis and historical reporting so they can understand what is being monitored, identify vulnerabilities, analyze risk, and take the necessary steps to remediate the misconfiguration. We supply links directly to the resources in question to reduce the time to remediate. The Lacework configuration compliance solution is built to detect behavioral anomalies, so even if configurations meet required standards, unauthorized use or abnormal activity is detected and an alert is triggered. This ensures that organizations are aware of issues that might go undetected by solutions that only identify non-conforming compliance rules.
The Power of Polygraph® for Configuration Compliance
Lacework’s foundation is Polygraph, a deep temporal baseline built from collecting high fidelity machine/process/user interactions over a period of time. The Polygraph is used to detect anomalies, generate appropriate alerts, and provide a tool for users to investigate and triage issues.
Fundamentally, Lacework’s Polygraph technology develops a dynamic behavioral and communication model of your services and unique infrastructure. The model understands natural hierarchies for processes, containers, pods, and machines and aggregates them to develop behavioral models. A behavioral model is, in some sense, the essence of how a customer’s infrastructure operates. With this model, Polygraph monitors your infrastructure for activities that fall outside the model. In addition, Polygraph continually updates its models as your data center behavior changes.
Spot IaaS account configurations that violate compliance and security best practices that could put your company at risk with Lacework’s comprehensive configuration compliance monitoring tools for enterprise DevOps teams.
FAQs About Lacework's Configuration Compliance Solution
Lacework uses best practice checks including CIS benchmarks to evaluate security relevant configurations in Amazon AWS, Google GCP, and Microsoft Azure.
Lacework has mappings to PCI, HIPAA, SOC 2, and NIST 800-53 Rev 4.
Lacework supports continuous monitoring of the configurations in your cloud accounts. As configurations drift from best practices, the drift is detected and an alert is generated. These alerts can be configured to be sent to many of the common alert tools, such as Slack, Splunk, and PagerDuty.
Lacework has checks for AWS, Azure, and GCP. Lacework provides a single platform that can support compliance efforts without the need for deploying multiple tools for each cloud provider.
Lacework performs configuration checks based on industry accepted best practices such as CIS. Lacework will then supply reports listing all resources that are in violation, which support remediation efforts. These reports can then be provided to auditors to act as evidence of meeting compliance requirements.