Resources

Webinars

Security Insights in a High Growth Cloud Environment - Webcast Replay

Lacework & Snowflake are innovators in their respective markets, but working together, they deliver powerful and actionable security insights and the most flexible, scalable, easy to use data warehouse on the planet. See Webinar...

The Emperor Has No Network - Webcast Replay

How to move away from a network-centric mindset and adopt a cloud approach to be successful in modern environments. See Webinar...

Watch SANS Webinar

Given the current state of cyber security data breaches, advancements in attacker capabilities and all-too-frequent dumps of new malware and capabilities, it has never been more crucial for organizations to secure themselves. See Webinar...

Prevent Cryptocurrency Mining in Your AWS Account

Learn how modern cybercriminals are actively breaching accounts in public clouds to perform cryptocurrency mining, and how you can take action to prevent this in your AWS cloud environment. See Webinar...

This is Lacework

Lacework AWS Account Security

From initial configuration to compliance assessment and daily operations, Lacework integrates with and augments AWS services to deliver advanced protection to the assets you deploy on AWS.

Lacework AWS Configuration and Compliance

In highly dynamic clouds where workloads and resources get reassigned continuously, the compliance process requires more frequent controls and a different, more automated approach.

Lacework Cloud Workload Security

From workload discovery to threat detection and point-and-click investigation, we automate many security processes so that your cloud stays secure no matter how fast DevOps spins new code and new machines.

Product Videos

Lacework for Azure & Multicloud Environments

Here's how Lacework spans the three critical segments for cloud security: configuration & compliance, container security, and anomaly detection.

Lacework for Kubernetes and Google Cloud Platform

Here’s how Lacework straddles configuration and audit, while providing anomaly detection against storage, and infrastructure and platform as a service. Protect your workloads whether they are deployed as a VM, container, or a managed infrastructure system.

Product Overview

The velocity of the cloud is outpacing the ability to keep it safe. That’s why Lacework built a solution to tackle modern cloud security issues.

Inside Lacework: Set Up Lacework with AWS

We cover how to quickly integrate Lacework with AWS in this 5 minute informational video.

Inside Lacework: Introduction to Workload Security

We cover Lacework workload security, the benefits of Lacework Polygraph, along with sample events.

Lacework for AWS CloudTrail Demo

How Lacework integrates with AWS CloudTrail to protect your AWS deployments by detecting any anomalous activity.

Preventing Illicit Bitcoin Mining with Lacework

How Lacework detects new instances unexpectedly coming online that could be a cybercriminal abusing your cloud resources.

Latest Kubernetes Product Features at KubeCon

Live from KubeCon, Lacework's Chief Product Officer covers how our latest Kubernetes functionality provides deep visibility and threat detection specifically designed for container orchestration, containers, and applications.

Customer Testimonials

Snowflake Computing

Listen as Mario Duarte talks about how Lacework Polygraph thwarted the PEN testers at Snowflake Computing.

Guidebook

Learn how Guidebook gained visibility, cross-functional versatility and effective protection with Lacework.

Large Networking Firm

Hear Ian O’Brien’s true-crime story of Lacework, WordPress, and an intruder who never made it out the back door.

Automating Security & Compliance for Flatiron Health

Learn how a CISO of Lacework customer operates security and compliance at scale in the cloud.

Solution Briefs

Anomaly Detection

Lacework provides comprehensive, real-time anomaly detection for all modern cloud and container environments. It uses machine learning to identify and analyze behavioral deviations from normalized behaviors in cloud and container infrastructures that result from vulnerabilities. Read More...

AWS Security

Lacework provides comprehensive, continuous end-to-end security and configuration support for workloads and accounts running in AWS and in multi cloud environments. Read More...

Azure Security

Lacework provides comprehensive, continuous end-to-end security and configuration support for workloads and accounts running in Microsoft Azure. For all Azure events and configurations, Lacework monitors activities and behaviors of cloud entities beyond network traffic to detect anomalies indicative of a misconfiguration, a human error, malicious activity or a threat. Read More...

Cloud Account Security

In multicloud environments, it’s critical to monitor the activities of each account. Lacework helps organizations understand who is using what, to learn what API calls are made to various cloud resources, and identify irregularities that might indicate account risk. Read More...

Configuration Compliance

Operating on multiple cloud platforms can increase the threat vector of the overall infrastructure and add complexity to an already challenging task. Lacework delivers deep visibility for configurations across all of an enterprise’s cloud accounts and workloads so organizations can ensure compliance with industry, governmental, and institutional standards. Read More...

Container Security

Lacework is fully container-aware and monitors all container activities regardless of the container distribution you rely on (Docker and/or Kubernetes). Any malicious activity in a containerized environment will generate an anomaly at one layer or another – Lacework’s threat detection and behavioral analysis identifies anomalous activities across your cloud and containers so issues can be remediated before any damage is done. Read More...

File Integrity Monitoring

Designed for high-velocity cloud implementations, Lacework’s FIM solution automates setup and eliminates labor-intensive rule development, ACL specification, and configuration. With our innovative baselining technology, Lacework keeps up with cloud changes while dramatically reducing false positives so security teams can focus on the FIM events that really matter. Read More...

GCP Security

Lacework offers an automated, end-to-end security and configuration solution that monitors threats for workloads and accounts in GCP and across multicloud and containerized environments. Lacework checks for a series of controls specific to GCP resources like Storage Buckets, ACLs and other resources, and for processes like Cross-Origin Resource Sharing (CORS), access logs, and other elements that can be targeted in the course of attacks. Read More...

Host Intrusion Detection

Lacework Host-based IDS automatically identifies intrusions and raises the alarm so you can stay a step ahead of attackers. We give you the visibility and context you need to resolve intrusion events before they turn into damaging breaches. Delivered as a service, Lacework can be deployed at scale in minutes. Read More...

Kubernetes Security

Lacework provides deep visibility into your Kubernetes deployment. This includes high-level dashboards of your clusters, pods, nodes, and namespaces combined with application level communication between all of these at the application, process, and network layer. Read More...

Runtime Threat Defense

To provide comprehensive security for active threats and vulnerabilities caused by misconfigurations and other infrastructure changes, Lacework uses runtime defense to identify, analyze, and alert on anomalous behavior for applications, virtual resources, hosts, and all user activity. Read More...

Workload Security

Lacework’s lightweight agents collect and send data to Lacework’s backend in the cloud where this data is aggregated, and a baseline of the activity in the cloud environment is created. The automated method of detecting undesired activity in cloud and container workloads provides great benefits over traditional rule writing. Read More...

White Papers

Resetting Your Security Thinking for the Public Cloud

We take a closer look at securing cloud infrastructures by asking seven experts the following question: To operate public cloud-based IT infrastructures securely, what security thinking needs to change, and why? Read More...

Building Security Into Your Cloud IT Practices

How do IT professionals address the need to build it safer? To find out, we asked our security experts the following question: How can you make security an embedded discipline within your team? Read More...

Avoiding Container Vulnerabilities

To get a better understanding of potential risks associated with containers and how best to address those risks, we asked the security experts the following question: What vulnerabilities do containers create, and how do you protect against them? Read More...

Avoiding Limitations of Traditional Approaches to Security

To better understand the differences between the traditional security stack and a layered security strategy, we asked our experts the following question: What limitations can you expect when stitching together multiple security solutions? Read More...

What are Your Public Cloud Security Risks?

The ease and speed with which organizations can deploy workloads often outweighs the security implications of doing so. Here's why you may be more at risk thank you think, and what you can do about it. Read More...

Preventing Ransomware in the Cloud

A best practices guide to keep your cloud environment secure: In this paper, we’ll zero in on the various components of a cloud environment and offer best practices for creating a secure infrastructure. Read More...

Top Ten Threats to Cloud Security Infographic

There’s an enormous amount of event activity in the cloud. A busy cloud environment can generate eight to ten billion events per month, which makes threat detection a much more challenging proposition. Read More...

VPC Flow Logs Are Not Enough

VPC flow logs are not enough, and modern environments require a new approach to cloud security. Here are eleven ways network-based security tools based on VPC logs fall short when transitioning to the cloud. Read More...

11 Limitations of Network-Centric Security in the Cloud

To help understand the new world of security in the cloud, we've put together 11 specific use cases where network-centric security is inadequate to handle the challenges of security in modern cloud environments. Read More...

The Three Critical Elements of Effective Security for AWS

By applying the right tools and skill sets, organizations can gain control over their cloud environment through the lens of these three critical security elements. Read More...

Containers At-Risk: A Review of 21,000 Cloud Environments

This report describes the risks and threats that can be created by deploying workloads in public cloud without the proper security guardrails, security services, and the systematic use of security best practices. Read More...

10 Reasons VPC Flow Logs Won't Keep Your Cloud Secure

From inability to scale, to creation of false positives, and limits on file integrity monitoring, here are ten reasons why VPC flow logs just won't keep your cloud secure. Read More...

Lacework: Avant Garde Security

Lacework redefines security by enabling configuration assessment, behavior monitoring, threat and anomaly detection, and incident investigation. Here's how we bring speed and automation to every cloud security process. Read More...

Gartner Report: Cool Vendors in Cloud Security

Gartner's Cool Vendors in cloud security offer interesting and useful new products intended to solve the unique challenges of cloud computing. Read More...

Hurwitz Report

Based on quantitative research, as well as qualitative interviews with industry practitioners, this report covers why businesses are increasingly evolving their security strategy to advance their cloud strategy. Read More...

451 Research Report

As the scalability and elasticity of new IT stretches existing security practices to their limits, Lacework looks to help maintain proper security. Read More...

SANS Institute Review

Today’s dynamic cloud environments present new challenges to security practitioners. Tailoring old policy-and-logs approaches to the demands of the cloud require time and resources that organizations don’t have. Read More...

Ovum Report

Cloud adoption is expanding at an explosive rate, creating a growing requirement for security technologies such as Lacework’s Polygraph to monitor workloads, provide alerts about potential breaches, and highlight possible insider threats. Read More...

Case Studies

guidebook

Guidebook

With Lacework, Guidebook has a clear and complete picture of security operations across their entire AWS implementation, from the AWS API to server and user level activity. Read More...

Snowflake Computing

Snowflake Computing

Foiling PEN Testers with Automated Cloud Security: Learn how Snowflake was able to gain full visibility into their environment to follow everything that was occurring, end to end. Read More...

Wavefront

Wavefront

Logs, Logs and More Logs: Learn how Wavefront simplified security operations by deploying Lacework’s automated cloud security platform, eliminating manual tasks and saving time. Read More...