Schedule a meeting with us and get a free pair of Apple AirPods Pro
Make the machines work 24×7.
Oct 14 – 15, 2020 | ONLINE
Schedule a meeting with us to learn more and get a free pair of Apple AirPods Pro.
Organizations today are either choosing public cloud or rapidly migrating to it in order to compete with the elite performing technology companies. With this comes all of the challenges of securing those environments in the midst of continuous change, compliance regulations and emerging threats.
Meet with us to experience the Lacework difference around automating security and compliance across your multicloud environments, workloads, and containerized environments. We give you:
- Visibility, transparency, and better collaboration between cloud Security and DevOps teams
- Gains from eliminating waste and efficiency drains during the development cycle
- The ability to deliver innovation quickly and securely with shorter cycle times
- Security at the speed of DevOps
Automation and Immutable Infrastructure: See at Scale so You Can Change at Scale
When a single human can configure 15 thousand AWS APIs in minutes, that’s awesome. Unless you’re taking a traditional approach to security compliance, visibility, and threat detection, in which case it’s horrifying.
When you are making changes at scale can you quickly:
- Know all your cloud services, hosts, and containers are configured properly?
- Detect risky or unusual changes across all your clouds, cloud accounts, cloud entities, APIs, users, hosts, containers, and clusters?
- When things go wrong can you easily determine what when wrong and how serious it is?
Cloud and infrastructure as code need a new approach to security. One that doesn’t require PhD know-it-alls, because humans can’t stitch it all together, and machines need to toil so you can focus. If you’re operating at cloud scale, we’ll give you security capabilities that keep up with your innovation.
With Lacework, Organizations Can:
Use our Terraform integration to secure environments in the midst of continuous change
We recently released our new Terraform Provider for Lacework. This enables organizations to automate the configuration of the Lacework Security Platform in order to bring their public cloud environments under the protection of Lacework.
Lacework is purpose-built to secure many aspects of our customers’ cloud environments, but a common challenge is how to get all of those environments integrated and configured as quickly and efficiently as possible.
Customers can login to our user interface and manually configure the settings to allow Lacework the access needed to monitor their cloud environments. That may work just fine if they have only one or two accounts. The reality is that the larger majority of our customers don’t just have one AWS or GCP account, but instead have HUNDREDS of them. Each account may be owned by a different business unit or team, or they are often divided into logical environments such as development, staging, production, PCI, SOC 2 and so on. Each account may have different alert channels, alert rules and integrations. If this sounds familiar, then you understand the need to automate as much as possible.
Terraform Provider for Lacework
HashiCorp’s Terraform is a powerful framework that helps organizations configure cloud environments from code. At Lacework, we use Terraform to manage our multi-cloud environments, but we also use it for managing APIs from platforms such as GitHub.
Our new Terraform Provider was released because we understand that while our customers expand their footprint in the cloud, they should be able to automate Lacework the same way they do any other environment.
Lacework Terraform Resources
The initial release of the provider offers seven custom resources needed to integrate cloud accounts into Lacework:
lacework_api_token– Creates a bearer API token to be used to authenticate API requests
lacework_integration_aws_cfg– Create an AWS config integration to analyze AWS configuration compliance
lacework_integration_aws_ct– Configure an AWS account for CloudTrail behavior-based anomaly detection
lacework_integration_azure_al– Configure an Azure account for activity log integration
lacework_integration_azure_cfg– Azure configuration and compliance visibility
lacework_integration_gcp_at– Google Cloud audit trail
lacework_integration_gcp_cfg– Google Cloud configuration
This, of course, is just the beginning, and we will continue to add more resources as we release new public APIs to the platform.
See indicators of attacks or signs of trouble earlier:
- Deleting EC2 instances or keys to deny or degrade service
- Changing S3 bucket permission to expose or steal sensitive data
- Starting unauthorized EC2 or S3 instances for bitcoin mining or file sharing
- Restoring AWS snapshots to steal data that was thought to be unavailable
- Adding new privileged users with wide administrator privileges in the AWS account