Lacework Brings Zero-Touch Anomaly Detection to AWS Accounts
Integration with AWS CloudTrail Automates Monitoring of AWS Accounts and Deepens Visibility into Account Activity
August 14, 2017
Mountain View, Calif. – August 14, 2017 – Lacework™, the industry’s first zero-touch cloud security solution, today announced that Lacework Polygraph is now integrated with Amazon Web Services (AWS) CloudTrail, extending the company’s zero-touch security approach to protect AWS accounts. Using Lacework for AWS CloudTrail, cloud teams can make sense of CloudTrail data, deepen visibility and insights into AWS account activity, and automatically surface account anomalies.
CloudTrail is a management service provided by AWS that monitors, logs, and retains every AWS account activity, including access changes, and compute and storage resource modifications. CloudTrail collects a wealth of data but the resulting millions of daily events create yet another security challenge for the teams that monitor AWS deployments for security incident. Lacework for AWS CloudTrail eliminates the need for labor-intensive analysis of CloudTrail events, automatically raising alerts on suspicious activities.
In its November 2016 “Predicts 2017: Cloud Security” report, Gartner posits: “By 2018, the 60% of enterprises that implement appropriate cloud visibility and control tools will experience one-third fewer security failures.”
“A quick look at the news shows the importance of serious cyberthreat protection. It takes hard work to prevent a breach at any scale, and investigating millions of daily security events in AWS can present challenges, said Brian Lachance, Chief Security Officer at Cazena. “With Lacework, we know immediately what deserves our time and attention and can act decisively when dealing with security and operational incidents.”
“We help our retail customers focus on what’s important to them – making them successful and more competitive at the pace of modern retail,” said Satish Kumar at Boomerang Commerce. “Lacework supports our mission by helping us navigate and protect our cloud infrastructure faster and more decisively. Simplified daily operations and the ability to quickly address incidents in AWS eliminates the need for time consuming maintenance and analysis.
“We help organizations harness the power of the cloud,” said Matthew Zeier, Technical Operations at Wavefront. “Cloud infrastructure are highly complex and many existing security tools just weren’t effective enough for what we needed. Partnering with Lacework has simplified what is usually a very complicated process.”
Lacework for AWS CloudTrail protects against attacks on AWS accounts by detecting unusual changes including:
- Unauthorized activity on AWS resources, in regions or accounts; activation of new services or changes to AWS S3 buckets.
- Suspicious changes to users, roles, or access; changes tin security groups, bypass of two-factor authentication.
- Changes to AWS infrastructure services: tampering with access master keys, modifications to route table, or network interfaces and services.
“Organizations have been plagued by the risk of misconfiguration in AWS deployments,” said Vikram Kapoor, Co-Founder and CTO, Lacework. “We are proud to augment CloudTrail capabilities with automated detection of unusual events, potential misconfiguration, breaches, or insider threats, eliminating the need for manual analysis of logs. Our proprietary machine learning techniques aggregate and organize CloudTrail data into intuitive maps and dashboards. Alerts are automatically triggered when usage of an organization’s AWS account by users deviates from the baseline of normal behavior.”
Lacework for AWS CloudTrail is available immediately on the AWS Marketplace and includes up to 10,000 free events per hour. You can also sign up for a 14-day free trial to test Polygraph in your own environment. will have a complete view of all accounts or entities in your cloud and their normal and abnormal activities.
Mountain View, California-based Lacework enables security teams to keep up with the pace of application deployment by providing the industry’s first zero-touch security platform for public and private clouds. Polygraph, Lacework’s flagship product, continuously monitors all cloud components, workloads, applications, processes, containers, machines, users and accounts, and automatically detects anomalous behaviors out of billions of events per hour. Providing unprecedented visibility, Lacework Polygraph compresses the breach detection cycle, reduces false positives, delivers precise alerts and simplifies incident investigations. For more information, please visit https://posts.lacework.com/.
Lumina Communications on behalf of Lacework