Lacework Announces New Capabilities Enabling AWS Customers to Rapidly Implement Security Best Practices and Proactively Identify S3 Buckets at Risk
New features bring continuous assessment of compliance to CIS Benchmark for AWS and auditing of S3 bucket configuration
November 15, 2017
Mountain View, Calif. – November 15, 2017 – Lacework, the industry’s first solution to bring automation, speed, and scale to cloud security, today announced new features that enable Amazon Web Services (AWS) customers to easily and continuously maintain an AWS cloud configuration that is compliant with proven security best practices. Lacework now automatically reports on the configuration’s adherence to the Center for Internet Security (CIS) Benchmark for AWS.
Lacework has also introduced security controls targeted at AWS S3 buckets, enabling AWS customers to rapidly identify S3 buckets at risk or compromised due to misconfiguration. Through targeted auditing of S3 configuration, Lacework ensures that all buckets are configured with best practices for logging, encryption, and versioning, then provides continuous monitoring with AWS CloudTrail events and workload activity analysis.
“Deploying new initiatives to the public cloud brings a spectrum of new security challenges that many organizations are not yet familiar with,” said Dan Hubbard, Chief Security Architect, Lacework. “Starting with the daily validation of the AWS configuration (AWS accounts and AWS resources such as S3 buckets), to the continuous monitoring of workloads deployed on AWS, the Lacework cloud security platform enables organizations to safely migrate data to AWS and deploy applications in AWS.”
The new AWS security features from Lacework include:
- An interactive report assessing compliance with the 52 controls specified in the CIS Benchmark for AWS. Controls cover Identity and Access Management, Monitoring, Logging and Networking, and range from the validation that Multi-Factor Authentication is enforced for all users who attempt to delete buckets, to the validation that CloudTrail is enabled
- The ability to click on each control with a violation to access details on the scope of the violation, the list of impacted AWS resources, and recommendations on how to fix the violation
- An interactive report showings adherence to a set of recommended S3 bucket configuration ensuring that access rights are not provided too broadly, exposing data to outside internet users
Changes to any of the above controls towards non-compliance will generate an alert with context to take immediate action and remediate the violation.
The Lacework cloud security platform delivers security and compliance capabilities specifically designed for the cloud, bringing speed, scale, and automation to security processes that have traditionally be labor-intensive. Lacework will demonstrate the above AWS configuration auditing capabilities at AWS re:Invent 2017 which takes place November 27 to December 1 in Las Vegas. Attendees are invited to stop by the Lacework booth (#1606) to get a personalized live demo from one of our cloud security experts. Interested AWS customers can evaluate the new features today using the Lacework 14-day free trial.
Lacework brings automation, speed, and scale to cloud security, eliminating manual, repetitive tasks and enabling security teams to keep up with DevOps. Specifically designed for the cloud, the Lacework security platform monitors workloads, applications, processes, containers, machines, users and accounts to automatically surface anomalous behaviors out of billions of events per hour. Lacework provides unprecedented visibility, automates breach detection, delivers one-click investigation and simplifies cloud compliance. Based in Mountain View, California, Lacework is a privately held company that was incubated by Sutter Hill Ventures.
Lumina Communications on behalf of Lacework