With Lacework, Snowplow secures their multicloud environments and protects against Log4j

Had the vulnerability hit earlier, it would have been much more challenging. But we established pretty early on that our exposure to Log4j was low, which we could only do because we had Lacework as part of our security posture.
STEVE COPPIN-SMITH, VICE PRESIDENT OF ENGINEERING, SNOWPLOW
Snowplow provides a platform to enable any company to collect first-party granular behavioral data for themselves, in their own cloud account, so that data practitioners can free themselves from the constraints imposed by web analytics vendors. It allows customers to track all behavioral event data, assure the quality of that data, and use any tool they want to answer important questions. This high-quality behavioral data is the driving force behind many fantastic digital experiences and the successful companies that provide them.
Challenges
- Achieve greater visibility into cloud environments
- Automate writing rules and checking logs
- Improve security posture
Solutions
- Deployed Lacework across 16 AWS sub-accounts in 30 minutes
- Applied Lacework on data pipelines to ensure deployed software is compliant
- Used Lacework to perform safety checks before updates reach customers
Results
- Gained visibility into environments to determine exposure to vulnerabilities, including Log4j
- Used reports from Lacework to easily demonstrate compliance during audits
- Secured AWS and Google Cloud environments and plan to use Lacework to help with future expansion into Microsoft Azure