Lacework Releases High-Fidelity, Composite Alerts for Polygraph® Data Platform

Only CNAPP provider to combine robust human intelligence with automatic correlation of disparate alerts so customers can identify and remediate threats faster

February 21, 2023


San Jose, Calif., February 21, 2023Lacework®, the data-driven cloud security company, today announced the release of high-fidelity composite alerts on the Lacework Polygraph® Data Platform, to help customers detect compromised credentials, cloud ransomware, and cryptomining that would otherwise go unnoticed. By combining human intelligence with the automatic correlation of disparate alerts, Lacework generates a single, evidence-based composite alert with full context and actionable data that makes it easy for SOC teams to quickly respond to specific cloud threats across data sources.  

“I’m excited to see Lacework continuing to bring new features to market that will help give our security team better context to make decisions,” said Alberto Silveira, Head of Engineering at LawnStarter. “We value Lacework as a partner because they’re continually innovating the Polygraph Data Platform to bring us more value and help keep our business safe.”

Enterprises are inundated with alerts, leading to slower response times and a lack of understanding about the nuances of potential risks or attack scopes. Security teams must spend countless hours manually correlating weak signals that appear insignificant when presented in isolation, but can indicate a dangerous, genuine threat when associated with other events. Lacework does this investigative work for customers. Composite alerts combine human intelligence from Lacework Labs about prevalent attack sequences and tactics with automatic correlation of numerous events, including low criticality data from disparate sources. In a single, opinionated composite alert, Lacework describes a suspected exploit so security teams can perform faster, more effective investigations and remediations —without excessive querying and significant expertise.

“Production environments can be very noisy and delivering actionable and highly precise alerts in quickly changing, complex environments is often a challenge,” said Niels Provos, Head of Security Efficacy at Lacework. “With composite alerts, we combine many potentially noisy data points into highly actionable and opinionated alerts. We tell customers precisely about the specific security threat they face and provide all the evidence needed to underpin how we reached our verdict. This enables our customers to quickly and with confidence remediate the problem before it grows out of control.”

The benefits for the enterprise are saved time and costs, as there’s no need for SOC teams to manually link events and spend hours trying to determine what is happening. Customers also see  improved security efficacy, as the technology automatically ties together seemingly disparate and often lower severity events that were previously not being investigated, recognizes important patterns, and adds context about the type of attack happening.  


  • Learn more about how Lacework integrated composite alerts into the Polygraph Data Platform.
  • Take the crash course in CNAPP to understand why your cloud platform needs data-driven security. 
  • Read what Lacework customers have to say about the Lacework Polygraph Data Platform.
  • Celebrate the rise of the CISO with us! 

About Lacework 

Lacework offers the data-driven security platform for the cloud and is the leading cloud-native application protection platform (CNAPP) solution. Only Lacework can collect, analyze, and accurately correlate data — without requiring manually written rules — across an organization’s cloud and Kubernetes environments, and narrow it down to the handful of security events that matter. Security and DevOps teams around the world trust Lacework to secure cloud-native applications across the full lifecycle from code to cloud. Get started at