Security at Lacework
Trust is a Critical Asset to our Success
Security is at the forefront of everything we do at Lacework – we take security very seriously. This is not just about securing our customers. It is also about securing our platform and our customers’ data on that platform. We have dedicated security roles, the security engineers are the engineers. It is everyone’s role at Lacework to make sure we are as secure as possible, not just that of an individual or a group.
As a customer-first organization, we are committed to not breaking the trust with our prospects, customers, or business partners by publicly releasing information about their data, their security, their vulnerabilities, or any proprietary information without their consent. We take the confidentiality of that information seriously.
We believe in the responsible disclosure of vulnerabilities to our service and will reply to all reported vulnerabilities via email at security -(at)- lacework.com.
Data Center Security
Our service runs 100% on Amazon Web Services’ highly secured data centers which have several certifications, including SOC II type II. We deploy and maintain best practices to secure that infrastructure including network and data security, and customer data segregation.
Data at Rest
All customer data is stored in Amazon Web Services in a data warehouse that is SOC II, PCI DSS, and HIPPA compliant, and ensures:
- Fine-grained access to the data
- Data encryption only those with the key can read
- Encryption of data at rest and in-transit