Protecting AWS deployments needs to start on day one, with compliance and the validation of your AWS configuration for security best practices.
You also need to continuously monitor your AWS cloud for misuse of resources deployed, anomalies, malicious activities, threats and any other unexpected risk introduced in your environment.
Given the scale and speed of change of most AWS deployments, Lacework gives you a head-start and automates security processes while eliminating repetitive manual tasks. From initial configuration to compliance assessment and daily operations, Lacework integrates with and augments AWS services to deliver advanced protection to the assets you deploy on AWS.
CONTINUOUSLY VALIDATE YOUR CONFIGURATION AGAINST SECURITY BEST PRACTICES
Lacework automatically validates your configuration against the controls established as best practices in the CIS Benchmark for AWS. Our interactive report delivers insights into passed or failed controls with recommendations on how to fix out-of-compliance configuration components. A similar report is available for additional security controls specific to AWS S3 buckets.
Lacework ensures continuous compliance by auditing your configuration daily and alerting you of any change that represents a degradation in compliance.LEARN MORE
CloudTrail Event Analysis
AUTOMATICALLY DETECT ANOMALIES IN AWS ACCOUNT ACTIVITY
Lacework integrates with AWS CloudTrail and automatically analyzes CloudTrail events to surface behavior anomalies in AWS Accounts. These can include unusual use of your AWS resources, regions, accounts, services, and more.
CloudTrail data can reach in the millions of API events daily. Lacework eliminates the need for any manual analysis of the data.LEARN MORE
ALWAYS KNOW IF YOUR AWS S3 BUCKETS ARE AT RISK
S3 bucket misconfigurations are too common. Why? There are four options to define and control access to AWS S3 buckets. Lacework audits your S3 configuration and tells you which buckets are accessible by outside users. Continuous auditing notifies you of any unusual changes so that you can maintain continuous compliance.
Using Lacework, you can also monitor and visualize in Polygraph all applications and processes accessing your S3 resources. Comprehensive alerts with contextual insights notify you when unexpected applications access your AWS S3 resources.LEARN MORE
IDENTIFY THREATS BEFORE DAMAGE IS DONE
From AWS accounts to EC2 and S3 resources, Lacework monitors activities and behaviors of cloud entities beyond network traffic to detect anomalies indicative of a misconfiguration, a human error, malicious activity or a threat. Lacework enables AWS security teams to identify escalation of privileges, lateral movement, misuse of AWS resources early on so that breaches can be stopped early.LEARN MORE