Latest on critical Apache Log4j vulnerability   Read More >

Lacework Cloud Care

Whether you’re a Lacework customer or not, we’re here to help with our free Cloud Care, a Log4j rescue program. Get access to:

Apple AirPods Pro

Schedule a meeting with us and get a free pair of Apple AirPods Pro

Make the machines work 24×7.

HashiConf Digital

Oct 14 – 15, 2020 | ONLINE

Schedule a meeting with us to learn more and get a free pair of Apple AirPods Pro.

Schedule Meeting

By submitting this form, you agree to our privacy policy.

Organizations today are either choosing public cloud or rapidly migrating to it in order to compete with the elite performing technology companies. With this comes all of the challenges of securing those environments in the midst of continuous change, compliance regulations and emerging threats.

Meet with us to experience the Lacework difference around automating security and compliance across your multicloud environments, workloads, and containerized environments. We give you:

  • Visibility, transparency, and better collaboration between cloud Security and DevOps teams
  • Gains from eliminating waste and efficiency drains during the development cycle
  • The ability to deliver innovation quickly and securely with shorter cycle times
  • Security at the speed of DevOps

HashiConf 2020

Automation and Immutable Infrastructure: See at Scale so You Can Change at Scale

When a single human can configure 15 thousand AWS APIs in minutes, that’s awesome. Unless you’re taking a traditional approach to security compliance, visibility, and threat detection, in which case it’s horrifying.

When you are making changes at scale can you quickly:

  • Know all your cloud services, hosts, and containers are configured properly?
  • Detect risky or unusual changes across all your clouds, cloud accounts, cloud entities, APIs, users, hosts, containers, and clusters?
  • When things go wrong can you easily determine what when wrong and how serious it is?

Cloud and infrastructure as code need a new approach to security. One that doesn’t require PhD know-it-alls, because humans can’t stitch it all together, and machines need to toil so you can focus. If you’re operating at cloud scale, we’ll give you security capabilities that keep up with your innovation.

With Lacework, Organizations Can:

Use our Terraform integration to secure environments in the midst of continuous change

We recently released our new Terraform Provider for Lacework. This enables organizations to automate the configuration of the Lacework Security Platform in order to bring their public cloud environments under the protection of Lacework.

Lacework is purpose-built to secure many aspects of our customers’ cloud environments, but a common challenge is how to get all of those environments integrated and configured as quickly and efficiently as possible.

Customers can login to our user interface and manually configure the settings to allow Lacework the access needed to monitor their cloud environments. That may work just fine if they have only one or two accounts. The reality is that the larger majority of our customers don’t just have one AWS or GCP account, but instead have HUNDREDS of them. Each account may be owned by a different business unit or team, or they are often divided into logical environments such as development, staging, production, PCI, SOC 2 and so on. Each account may have different alert channels, alert rules and integrations. If this sounds familiar, then you understand the need to automate as much as possible.

Terraform Provider for Lacework

HashiCorp’s Terraform is a powerful framework that helps organizations configure cloud environments from code. At Lacework, we use Terraform to manage our multi-cloud environments, but we also use it for managing APIs from platforms such as GitHub.

Our new Terraform Provider was released because we understand that while our customers expand their footprint in the cloud, they should be able to automate Lacework the same way they do any other environment.

Lacework Terraform Resources

The initial release of the provider offers seven custom resources needed to integrate cloud accounts into Lacework:

  • lacework_api_token – Creates a bearer API token to be used to authenticate API requests
  • lacework_integration_aws_cfg – Create an AWS config integration to analyze AWS configuration compliance
  • lacework_integration_aws_ct – Configure an AWS account for CloudTrail behavior-based anomaly detection
  • lacework_integration_azure_al – Configure an Azure account for activity log integration
  • lacework_integration_azure_cfg– Azure configuration and compliance visibility
  • lacework_integration_gcp_at– Google Cloud audit trail
  • lacework_integration_gcp_cfg– Google Cloud configuration

This, of course, is just the beginning, and we will continue to add more resources as we release new public APIs to the platform.

See indicators of attacks or signs of trouble earlier:

    • Deleting EC2 instances or keys to deny or degrade service
    • Changing S3 bucket permission to expose or steal sensitive data
    • Starting unauthorized EC2 or S3 instances for bitcoin mining or file sharing
    • Restoring AWS snapshots to steal data that was thought to be unavailable
    • Adding new privileged users with wide administrator privileges in the AWS account

Get Started With Some Light Reading

Harness the power of Lacework to address today’s cloud security challenges.


Public Cloud Security Risks
Securing Containers in a Cloud Environment

Move at the speed of DevOps, while remaining secure.