This is Lacework
Product Videos
Customer Testimonials
Case Studies
Snowflake Case Study
Learn how Snowflake was able to gain full visibility into their cloud environment to follow everything that was occurring, end-to-end. Read More...
Sift Case Study
Learn how Lacework enabled Sift to reduce their security budget by 50% and accelerate their security roadmap by more than six months. Read More...
Drift Case Study
See how Lacework gave Drift increased visibility in their AWS and Kubernetes deployments to support their growth and compliance goals. Read More...
Marqeta Case Study
See how Marqeta was able to deliver faster application development and improved security monitoring with no additional AWS expertise. Read More...
Poka Case Study -Visibility Into Containers With Deep Application Context
See how Lacework gave Poka full visibility into the inner workings of their containerized environments, all while drastically reducing alert fatigue. Read More...
DataVisor Case Study
DataVisor was able to extend security to expanding multicloud environments, which required a highly efficient approach to real-time monitoring & protection. Read More...
Jitterbit Case Study
With Lacework, Jitterbit was able to secure their dynamic cloud and containerized environments, along with their microservices, all at scale. Read More...
Carson Living Case Study
Carson Living was struggling with adequately securing their AWS environment. Here's how they leveraged automated rule writing to scale their security with their growth. Read More...
Cazena Case Study
With Lacework, Cazena was able to increase operational efficiency, reduce noise generated by their security stack, and identify anomalies. Read More...
Wavefront Case Study
Lacework enabled the security team at Wavefront to quickly investigate events, while improving visibility into overall security posture. Read More...
Guidebook Case Study
Learn how Lacework gave Guidebook a clear and complete picture of security operations across their entire cloud implementation. Read More...
eBooks
Cloud Security Automation For Dummies®
Cloud security automation brings great value, safety, responsiveness, and productivity gains to organizations that put it to proper use. Learn how you can do this at your organization and start gaining exponential value in milliseconds. Read More...
Transform AWS Data Into Cloud Security Insight
Organizations collect security logs and have at least some alerting, but consider this simple question: what do we do with those logs? Download this guide to see a new approach to AWS data ingestion. Read More...
Solving M&A Challenges with Cloud Security
Strategic merger and acquisition (M&A) has long been an effective way to rapidly grow a business. The M&A approach often involves less risk to invested capital and delivers a faster return on the investment. Read More...
How to Accelerate Container Adoption
Developing applications with containers has become an increasingly popular way to operationalize speed, but it must be able to do so without jeopardizing security and compliance. Read More...
Cloud Security Fundamentals
Protecting a cloud environment requires a dedicated, comprehensive effort across the policies, processes, technologies, and controls that are involved in securing the data and resources that make up overall cloud infrastructure. Read More...
The Fundamental Shift in Cloud Security
The fundamental aspects of the cloud are enabling an entirely new way of conducting business. The most innovative organizations are those that recognize that for this new pace of business to be sustainable, security must keep pace with the speed and agility of the cloud. Read More...
Securing Modern Applications and Infrastructure
The maturation of cloud-native security and containerized environments creates pervasive blind spots, making securing these environments uniquely challenging. Here's how to secure these types of modern applications and infrastructure. Read More...
Addressing Compliance & Audit Challenges in the Cloud
Cloud dependence comes with cloud complications—a critical one being compliance. Compliance audits are never easy, but now, with businesses running applications in multiple public, private and hybrid clouds, even knowing if you are compliant, let alone proving it, has become a major burden. Read More...
2021 Buyer’s Guide to Comprehensive Cloud Security
To ensure cyber resiliency in the cloud, teams have to address several new challenges unseen in traditional IT and on-premises data centers. Here are some topics to keep top of mind as you explore a cloud security platform. Read More...
Top Ways Your Cloud Approach is Burning Cash
Through our work across hundreds of clouds and tens of thousands of containers and workloads, we've captured the top ways organizations can save time and money by embracing a cloud first approach to security. Read More...
Top Mistakes to Avoid When Using Cloud Provider Security Tools
Using cloud native apps to secure your infrastructure may seem like the path of least resistance, but there are a number of mistakes when using cloud native and open source security products that you’ll want to avoid. Read More...
Why Compliance is Not Enough When it Comes to Cloud Security
Compliance objectives generally carry three main goals: prevent misconduct, detect misconduct, and align policies with laws, rules, and regulations. We cover these goals in the context of modern cloud environments. Read More...
Gaining Complete Cloud Visibility as You Scale
To keep pace with cloud innovation, you need to see the entirety of your cloud footprint to be able to effectively secure it, which is paramount as you continue to innovate, build, and scale in the cloud. Read More...
A Security Guide to Container Orchestration
It's hard to argue against the benefits of containers and containerized applications running on cloud resources. However, containers create new cloud security challenges. Read More...
Compliance in the Cloud: Avoiding the Compliance Trap for Cloud Environments
In order to successfully meet your security requirements and compliance obligations you must define and implement appropriate technical and administrative controls. Read More...
Security-First Compliance
With cloud services increasingly emerging as a key component of IT operations, more organizations now face the compliance issues that come with that style of adoption. Read More...
CISO's Playbook to Cloud Security
To secure enterprise assets in the cloud, CISO's must address several new challenges unseen in traditional IT and on-premises data centers. Here are key strategies to secure your enterprise cloud infrastructure from cyber threats. Read More...
How to Build a DevSecOps Culture
A DevSecOps culture embeds security in your DevOps workflows to speed up delivery speed without compromising security. Here's how to build a strong DevSecOps culture in your organization: Read More...
Cloud Security Checklist
To help those responsible for their company’s security get their bearings in the cloud, we’ve put together a checklist that explains key issues and risks, and provides guidance about how you need to address them. Read More...
What are Your Public Cloud Security Risks?
The ease and speed with which organizations can deploy workloads often outweighs the security implications of doing so. Here's why you may be more at risk thank you think, and what you can do about it. Read More...
Resetting Your Security Thinking for the Public Cloud
We take a closer look at securing cloud infrastructures by asking seven experts the following question: To operate public cloud-based IT infrastructures securely, what security thinking needs to change, and why? Read More...
Automated, Comprehensive Compliance & Security: Purpose-Built for the Cloud
Learn how Lacework was built specifically to deliver contextual data about cloud events, because changes can lead to new vulnerabilities and potential threats. Read More...
Avoiding Container Vulnerabilities
To get a better understanding of potential risks associated with containers and how best to address those risks, we asked the security experts the following question: What vulnerabilities do containers create, and how do you protect against them? Read More...
VPC Flow Logs Are Not Enough
VPC flow logs are not enough, and modern environments require a new approach to cloud security. Here are eleven ways network-based security tools based on VPC logs fall short when transitioning to the cloud. Read More...
Webinars
Reckless to Fearless: Automating Remediation in the Cloud
Tines and Lacework have partnered to bring you insights into the latest in cloud automation. Our tools powerfully combine, helping you take action and automatically solve security alerts in real-time as they occur. See Webinar...
Behaviors of Compromised Cloud Environments
Join Chief Architect Ulfar Erlingsson and Sr. Product Manager Michael Bentley for the latest installment of the Automate to Accelerate Series - Behaviors of Compromised Cloud Environments. See Webinar...
Lacework Cloud Threat Report, 2021 Volume 1 Review
The attack surface just broadened. Are you fully updated on the emerging cloud threats now facing your organization? See Webinar...
Achieve Cloud Security Savings through SIEM Optimization
Learn strategies you can implement to start saving on cloud security through SIEM optimization. See Webinar...
How YOUR Data Can Drive Cloud Security Success at Scale
Modern organizations face a ton of cloud complexity—migrations, new applications, acquisitions, multi-cloud, microservices, and more. Change is the only constant in the cloud. See Webinar...
LendingTree Automates AWS Security for DevOps Teams and Stays Compliant with Lacework
Learn how LendingTree automates their AWS security for DevOps teams and stays compliant with Lacework. See Webinar...
How to Address the Unique Challenges of Cloud and Container Security
Experts from Lacework and ESG discuss cloud adoption research, and how to stay on top of vulnerabilities across multicloud and containerized/K8s landscapes. Read More...
Top 5 Strategies to Balance Container Advantages and Risks
Improve your container security posture at both buildtime and runtime, and how to stay on top of potential container vulnerabilities so you can continue to innovate with speed and safety. Read More...
Achieve 40% Cloud Infrastructure Savings with AWS Graviton2
Many cloud-first organizations are shifting workloads to AWS Arm-based architecture to reduce costs while ensuring optimal cloud performance. Learn how to take advantage of these cost savings while achieving next-level security. Read More...
Reduce AWS Security Investigation Time by 90%
We cover how to free yourself from the grind of manually investigating countless security incidents, all with unparalleled context to build and run secure and compliant infrastructure at cloud speed. Read More...
7 Key Considerations Before Sending AWS CloudTrail Logs to a SIEM
This webinar covers the seven most important factors to consider if your organization sends raw AWS CloudTrail logs to a SIEM tool. Read More...
Addressing Compliance and Audit Challenges in the Cloud
Traditional approaches to cloud compliance are not effective and require new cloud security tools to meet growing security demands. Learn how to overcome the challenges of public cloud compliance. Read More...
How the Cloud Breaks Traditional Security Approaches
The traditional approach of writing rules to define bad or suspect behaviors simply doesn’t work for modern organizations. Humans can’t write rules fast enough to keep up with changes in the cloud, and logs + network data force too much guessing, you must understand the entity relationships as well. Read More...
Solution Briefs
Cutting Through the Cloud Clutter
We cover how deep visibility and actionable insights from effective cloud-native security applications can be instrumental in mitigating security issues. Read More...
Cloud Security for Health IT
From mobile health, telehealth, or eHealth, the growing influence of cloud networks are reshaping the IT landscape. Here's how to stay secure and compliant. Read More...
Financial Services in the Cloud
The Financial Services sector is among the most targeted groups for financially motivated cyberattackers. Ensure your organization is prepared. Read More...
AWS CloudTrail
Learn how Lacework helps security professionals analyze AWS CloudTrail logs in less time with behavioral analytics and deep insight into anomalies. Read More...
Anomaly Detection
Here's how we use machine learning to identify and analyze behavioral deviations from normalized behaviors in cloud and container infrastructures that result from vulnerabilities. Read More...
AWS Security
Lacework provides comprehensive, continuous end-to-end security and configuration support for workloads and accounts running in AWS and in multi cloud environments. Read More...
Azure Security
For all Azure events and configurations, Lacework monitors activities and behaviors of cloud entities beyond network traffic to detect anomalies indicative of a misconfiguration, a human error, malicious activity or a threat. Read More...
Cloud Account Security
In multicloud environments, it’s critical to monitor the activities of each account. Lacework helps organizations understand who is using what, to learn what API calls are made to various cloud resources, and identify irregularities that might indicate account risk. Read More...
Configuration Compliance
Operating on multiple cloud platforms can increase the threat vector of the overall infrastructure and add complexity to an already challenging task. Lacework delivers deep visibility for configurations across all of an enterprise’s cloud accounts and workloads so organizations can ensure compliance with industry, governmental, and institutional standards. Read More...
Container Security
Lacework is fully container-aware and monitors all container activities regardless of the container distribution you rely on (Docker and/or Kubernetes). Any malicious activity in a containerized environment will generate an anomaly at one layer or another – Lacework’s threat detection and behavioral analysis identifies anomalous activities across your cloud and containers so issues can be remediated before any damage is done. Read More...
File Integrity Monitoring
Designed for high-velocity cloud implementations, Lacework’s FIM solution automates setup and eliminates labor-intensive rule development, ACL specification, and configuration. With our innovative baselining technology, Lacework keeps up with cloud changes while dramatically reducing false positives so security teams can focus on the FIM events that really matter. Read More...
GCP Security
Lacework offers an automated, end-to-end security and configuration solution that monitors threats for workloads and accounts in GCP and across multicloud and containerized environments. Lacework checks for a series of controls specific to GCP resources like Storage Buckets, ACLs and other resources, and for processes like Cross-Origin Resource Sharing (CORS), access logs, and other elements that can be targeted in the course of attacks. Read More...
Host Intrusion Detection
Lacework Host-based IDS automatically identifies intrusions and raises the alarm so you can stay a step ahead of attackers. We give you the visibility and context you need to resolve intrusion events before they turn into damaging breaches. Delivered as a service, Lacework can be deployed at scale in minutes. Read More...
Kubernetes Security
Lacework provides deep visibility into your Kubernetes deployment. This includes high-level dashboards of your clusters, pods, nodes, and namespaces combined with application level communication between all of these at the application, process, and network layer. Read More...
Runtime Threat Defense
To provide comprehensive security for active threats and vulnerabilities caused by misconfigurations and other infrastructure changes, Lacework uses runtime defense to identify, analyze, and alert on anomalous behavior for applications, virtual resources, hosts, and all user activity. Read More...
Workload Security
Lacework’s lightweight agents collect and send data to Lacework’s backend in the cloud where this data is aggregated, and a baseline of the activity in the cloud environment is created. The automated method of detecting undesired activity in cloud and container workloads provides great benefits over traditional rule writing. Read More...
White Papers
Achieve Cloud Security Cost Savings Through SIEM Optimization
The migration to the cloud and containerization has brought with it an astonishing rate of logs to search, store and analyze. SIEMs have held their own for many years but are beginning to show their age in the form of an exploding total cost of ownership. Read More...
Container Security Essentials: The Rise of Containers in the Cloud
Containers are a fascinating and sometimes controversial topic in the IT world. The most powerful companies rely on them implicitly in the production environment. But do containers pose a potential security risk? Read More...
Tevora: Simplify Continuous Compliance and SOC 2
Cybersecurity is top of the mind for management, boards, and regulators. And with the impact of regulatory oversight, organizations are under increasing pressure to demonstrate that they have taken appropriate measures to secure their environment. Read More...
Gartner Market Guide for Cloud Workload Protection Platforms
Workload protection must span VMs, containers and serverless workloads in public and private clouds. This Gartner Market Guide covers the need for protection that spans development and runtime. Read More...
DZone Container Trend Report
We explore the current state of container adoption, uncover common pain points of increasingly complex containerized architectures, and introduce modern solutions for building scalable, secure, stable, and performant containerized applications. Read More...
The Journey to Mature Cloud Security
Whether you’re migrating to the cloud or developing cloud-native apps, it’s essential to bolster IT security practices to meet the challenges and opportunities that stem from those environments. Read More...
2021 Cloud Threat Report, Volume 1
Get the latest report from the Lacework Labs team focused on risks and threats relevant to cloud services, containers, and container orchestration systems. Read More...
Securing Containers in a Cloud Environment
Containers and containerized applications running on cloud resources have brought countless benefits, but have introduced security challenges as well. To address the latter, we created a blueprint for container and orchestration best practices. Read More...
Preventing Data Leaks in the Cloud with Anomaly Detection
This paper describes the five forms of data leaks in the cloud, and how an effective anomaly detection platform can be the most important ally in identifying, understanding, and combatting these breaches. Read More...
5 Steps to Improve Breach Detection and Incident Response in Public Cloud
Managing the aftermath of a security breach or cyber attack is no easy task. Here's how to continuously monitor security within your cloud workloads and improve incident response processes. Read More...
Security Tooling for Multi-Cloud Deployments
This whitepaper explains how to consolidate security across multicloud environments, and your responsibility for different cloud approaches. Read More...
Cloud & Container Security from Build-Time to Run-Time
Learn how to create a complete security approach for cloud and multi-cloud environments, DevOps, and container orchestration, for all aspects of compliance, accounts, and workloads. Read More...
The Role of Kubernetes in Cloud Security
With the rapid adoption of Kubernetes for application and infrastructure orchestration, there’s a corresponding increase in the risk associated with data exposure and vulnerabilities throughout the application lifecycle. Read More...
DevOps Security for Cloud and Container Environments
Security & compliance must be woven into any new framework and this is no different with DevOps. Here's why new DevOps processes must also follow an organization's information security and secure development lifecycle policy and process. Read More...
How to Automate Compliance Gaps for Public Cloud
Automating security and compliance functions can ease management of complex multi-cloud environments. Here's how to streamline compliance in the public cloud: Read More...
Automating Container Security with AWS & Lacework
Using containers in AWS enables agile orchestration of app capabilities with less coordination and oversight than than on-premises or virtualization infrastructure. Here's how to maintain security for these new capabilities. Read More...
Identify & Manage Cloud Security Misconfigurations in AWS, Azure & GCP
Here's why it’s critical to understand how your cloud infrastructure is set up, and what tools you'll need to rely on to protect it. Read More...
5 Steps for DevOps + Security Integration Infographic
From instituting training to creating a culture of security, here's how to build a team that can keep systems secure at the speed of DevOps Read More...
Top Ten Threats to Cloud Security Infographic
There’s an enormous amount of event activity in the cloud. A busy cloud environment can generate eight to ten billion events per month, which makes threat detection a much more challenging proposition. Read More...
Containers At-Risk: A Review of 21,000 Cloud Environments
This report describes the risks and threats that can be created by deploying workloads in public cloud without the proper security guardrails, security services, and the systematic use of security best practices. Read More...
Lacework: Avant Garde Security
Lacework redefines security by enabling configuration assessment, behavior monitoring, threat and anomaly detection, and incident investigation. Here's how we bring speed and automation to every cloud security process. Read More...