Blog

Cloud Security This Week – November 30, 2018

  At the risk of sounding like an alarmist, the fact is that this week was an absolute doozy for security-watchers. Leading off with the massive breach of 500 million Starwood customer records, to evidence that NSA hacking tools are still being used for nefarious purposes, it makes one question if we’re getting any better […]

Read More…

ELF of the Month_ Linux DDoS Malware Sample

ELF of the Month: Linux DDoS Malware Sample

Each month we take a look at a malicious Executable and Linkable Format (ELF) file, the common executable file format for Unix and Unix-like Operating Systems, and share details about the sample. In this edition of ELF of the Month we take a look at a Linux DDoS sample recently uploaded to VirusTotal. This particular […]

Read More…

A Cybersecurity Three Pointer: How Basketball Explains Risk in the Cloud

A Cybersecurity Three Pointer: How Basketball Explains Risk in the Cloud

Photo by Erica Nilsson on Unsplash Basketball season is in full swing which means we’re in for some long range Steph Curry three pointers, savage Giannis Antetokounmpo dunks, and an endless supply of Gregg Popovich memes. Teams have to be ready for anything in the course of the season, and those most able to be […]

Read More…

Anatomy of a Redis Exploit

Anatomy of a Redis Exploit

Photo by Sonja Langford on Unsplash At Lacework Labs we have been setting up honeypots as part of our ongoing research into securing public cloud infrastructure. Recently we noticed one of our Redis honeypots was compromised. We were running a stock version of Redis which allowed inbound connections. During our monitoring, a cryptocurrency mining botnet […]

Read More…

Cloud Security This Week - October 12, 2018

Cloud Security This Week – October 12, 2018

  New from Lacework Network Security Vendors Are Trying to Buy Their Way Into Relevance Consolidation, investment, and acquisition in the security market is a great validation that demand for the cloud continues at a breakneck pace. But it’s not necessarily making customers safer.   Inside Lacework: Set Up Lacework with AWS We cover how […]

Read More…

History is repeating itself with cybersecurity acquisitions. It’s NOT making organizations safer.

The New Security Stack: While old school security vendors are trying to buy their way into relevance, it’s still not making organizations any safer

Photo by Jacek Dylag on Unsplash We’ve heard it a million times: those who don’t learn from history are doomed to repeat it. Some of us take heed, while most figure we can beat history on our own terms. What we can’t beat, however is evolution. Evolution has brought us, both from a technology and […]

Read More…

Cybersecurity is Everyone’s Business, All the Time

Cybersecurity is Everyone’s Business, All the Time

Photo by Dianor S on Unsplash This week begins the Department of Homeland Security’s National Cyber Security Awareness Month which promotes awareness and best practices for how citizens should think about security and how it relates to their data, their organizations, and ultimately, our nation. Just as Smokey the Bear was created in the 1940’s […]

Read More…

Cloud Security This Week

Cloud Security This Week – September 28, 2018

  New from Lacework Cybersecurity in the News…Again…And Again A roundup of three major cybersecurity breaches. This is becoming common, and not just for people who live the world of cybersecurity. It’s a harbinger of our connected world, and one that keeps delivering headlines.   Secure Your AWS Cloud with Lacework Webcast replay that explains […]

Read More…

Lacework Achieves SOC 2 Type II Compliance

Mountain View, Calif. – September 26, 2018 –  Lacework®, the industry’s first solution to bring automation, speed and scale to cloud security, has received Service Organization Control (SOC) 2, Type II Certification, which provides independent validation that Lacework security controls comply with the American Institute of Certified Public Accountants’ applicable Trust Services Principles and Criteria. […]

Read More…

In the news - cyberattacks or the discovery of a breach of sensitive data.

I Read the News Today, Oh Boy

Photo by Flemming Fuchs on Unsplash Every morning, I begin my day with the same routine I’ve had for many years. You and I aren’t that close yet, so I won’t go into the specifics of my dawn activities, but I can safely divulge that it involves fleece, coffee, and a quick scan of the […]

Read More…

Lacework Supports PCI Compliance with FIM Solution

Lacework Supports PCI Compliance with FIM Solution

Photo by Samuel Zeller on Unsplash If you wanted to name a technology product category so it got beat up in the schoolyard, you might call it File Integrity Monitoring. Like a lot of products in the security space, File Integrity Monitoring (FIM) as a moniker accurately explains what the solution provides, but it’s about […]

Read More…

Lacework Kubernetes Meetup

Kubernetes, Pizza, and Learning From Our Community

  Yesterday was a big day for Lacework. We announced a $24 million series B round of funding which will help us continue our momentum in building the market’s most comprehensive cloud security solution. Even in today’s funding environment, that’s a significant amount, and we already have plans to invest heavily (and wisely) in product development, […]

Read More…

PCI Compliance for cloud environments: Tackle FIM and other requirements with a host-based approach

PCI Compliance for Cloud Environments: Tackle FIM and Other Requirements With a Host-Based Approach

Photo by Hannes Egler on Unsplash Compliance frameworks and security standards are necessary, but they can be a burden on IT and security teams. They provide structure, process, and management guidelines that enable businesses to serve customers and interoperate with other organizations, all according to accepted guidelines that facilitate a better experience for end users. […]

Read More…

Using Lacework, Brightcove Automates Security and Compliance Across Multiple AWS Accounts Covering Development, Testing, and Production

Lacework Selected by Brightcove for Automation of Security at Scale for Its AWS-Hosted Video Service

Mountain View, Calif. – July 18, 2018 –  Lacework®, the industry’s first solution to bring automation, speed and scale to cloud security, today announced that Brightcove Inc. (NASDAQ: BCOV) has selected Lacework to provide continuous security for its cloud-based online video platform hosted on Amazon Web Services (AWS). With Lacework, Brightcove automates security monitoring and […]

Read More…

How Ronaldo’s Hair Explains Cybersecurity

Security tools abound that promise to protect you from the looming threat of hackers everywhere. Many of them look great, but their value is dubious. They might perform some specific task like packet inspection at the perimeter or bot detection, but aren’t actually doing the complex work required to inspect the millions (and in some […]

Read More…

Veeva

Lacework Helps Veeva Systems Automate Security and Compliance for its AWS Cloud

Mountain View, Calif. – May 17, 2018 –  Lacework®, the industry’s first solution to bring automation, speed and scale to cloud security, today announced that Veeva Systems has chosen the Lacework Cloud Security Platform to provide advanced security and compliance capabilities atop its infrastructure hosted in Amazon Web Services (AWS). Lacework enables Veeva, a leader […]

Read More…

Lacework logo

Lacework Names Stefan Dyckerhoff Chief Executive Officer

Mountain View, Calif. – November 7, 2017 – Lacework™, the industry’s first solution to bring automation, speed and scale to cloud security, today announced the appointment of Stefan Dyckerhoff to the role of Chief Executive Officer (CEO). As CEO, Dyckerhoff is responsible for the future direction of the organization and leading the company’s overall operations, […]

Read More…

File Integrity Monitoring

Lacework Adds File Integrity Monitoring to its Cloud Security Platform

Mountain View, Calif. – October 31, 2017 – Lacework™, the industry’s first solution to bring automation, speed and scale to cloud security, has added File Integrity Monitoring (FIM) to its platform, enabling FIM to be more than a compliance checkmark and making it an integral part of the threat detection process. FIM’s file integrity signals […]

Read More…

Cloud Workload Security Automate

Forrester’s Insights into Cloud Workload Security: Automate, Automate, Automate

Earlier this week, Forrester released its Vendor Landscape report for cloud workload security solutions (CWS), authored by Andras Cser, Vice President and principal analyst at Forrester. According to the report, 52% of North American infrastructure decision makers believe public cloud implementations are a critical business priority. There’s no question the future belongs to the cloud. […]

Read More…

Forrester

Lacework Recognized in Independent Cloud Workload Security Solutions Vendor Landscape Report

Mountain View, Calif. – September 12, 2017 – Lacework™, the industry’s first zero-touch cloud security solution, today announced its inclusion in Forrester’s September 2017 report, Vendor Landscape: Cloud Workload Security Solutions Q3 2017, by Andras Cser, vice president and principal analyst at Forrester Research. The report provides security and risk professionals with an overview of the […]

Read More…

Amazon Web Services

Lacework Brings Zero-Touch Anomaly Detection to AWS Accounts

Mountain View, Calif. – August 14, 2017 – Lacework™, the industry’s first zero-touch cloud security solution, today announced that Lacework Polygraph is now integrated with Amazon Web Services (AWS) CloudTrail, extending the company’s zero-touch security approach to protect AWS accounts. Using Lacework for AWS CloudTrail, cloud teams can make sense of CloudTrail data, deepen visibility […]

Read More…

Lacework’s Partnerships and Integrations Establish Foundation of New Cloud Security Stack

Mountain View, Calif. – July 25, 2017 – Lacework™, the industry’s first zero-touch cloud security solution, today announced a range of partnerships across the security and cloud ecosystems as critical building blocks of a security stack natively adapted to cloud deployments in Amazon Web Services (AWS), Microsoft Azure and private clouds. Organizations transitioning to modern […]

Read More…

Smitten with containers? What about security?

Developers are smitten with containers. It’s no mystery why — they’re perfect partners for agile development and fast-paced DevOps environments. Containers start up in seconds and use a fraction of the resources of traditional VMs, making them ideal for microservices architectures and scalable apps. Convenience is a big part of the allure too: third party images make […]

Read More…

Free Trial

Lacework Announces 14–Day Free Trial of Zero-Touch Cloud Workload Protection Platform (CWPP)

Mountain View, Calif. – June 27, 2017 – Lacework™, the industry’s first zero-touch cloud workload security solution, today announced the immediate availability of a 14-day free trial for its zero-touch cloud workload protection platform.  With this free trial, global security teams can rapidly assess their security posture on Amazon Web Services (AWS), Microsoft Azure and […]

Read More…