It’s now proven that conventional security fails in the cloud. A new operating model is needed to keep data and applications safe in the cloud. This is the foundation behind Polygraph, the technology backbone of the Lacework platform. The Polygraph technology brings automation, scale and speed to cloud security.
Polygraph monitors the activity and behavior of entities in your cloud. Anomalous behaviors and deviations from the baseline, such as escalation of privileges, unexpected application launches or server communications are detected automatically out of billions of events per hour. With Polygraph, your security can keep up with the pace at which you deploy new applications in the cloud.
From the first day you migrate data to the cloud and need to assess your configuration for security to the on-going monitoring of your runtime environment for threats and anomalies, Lacework automates security processes, allowing security teams to successfully tackle the speed and scale of the cloud.
Using Lacework, you can make sense of and easily track the thousands of VMs and containers that generate billions of events per hour. Our Polygraph technology does all the work for you and only presents insights and alerts that matter.
Lacework is built for the unique characteristics of highly dynamic clouds, supporting natively cloud technologies, VMs, containers, and more. Our platform is natively integrated with AWS services – AWS CloudTrail, AWS Config, and AWS Security Groups – to:
- Continuously assess the configuration of AWS S3 buckets and AWS Accounts for security
- Continuously monitor activities and behaviors of AWS Accounts and Workloads to detect anomalies and threats.
Our pricing model is designed to be compatible with cloud subscription-based models and our solutions are available on the AWS Marketplace.
Deeper Insights for Effective Protection
Cloud environments are highly dynamic by design, made of thousands of components at the storage, compute, and access layers, often piloted through APIs. Effective cloud security needs full visibility into these components at all layers, their activity and interactions, who updated them and why.
Polygraph, the technology backbone behind Lacework’s platform, automatically discovers entities deployed: workloads, applications, processes, machines, VMs, containers, files and users. Polygraph then groups these entities logically, establishes a behavior baseline, detects any deviation from the expected normal behavior and automatically reports on anomalies or threats detected.
The highly interactive interface of Lacework’s Polygraph gives security teams immediate access to the insights required to investigate and take action on security incidents.
Rogue users taking advantage of misconfigured resources is one of the many examples of a threat that is automatically detected by Lacework’s Polygraph.
No Manual Rule Writing or Log Correlation
Lacework approaches security from a radically new perspective. Our solution eliminates the daily maintenance of rules and policies that has become the bane of security professionals. In addition, by providing all insights and activity related to incidents in one place, Lacework eliminates the need to manually correlate log and information stored in SIEMs. With Lacework, investigations become actionable playbooks for fast, definitive remediation.