Blog

NIST Cybersecurity Framework and Your Cloud

NIST Cybersecurity Framework and Your Cloud

The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) is currently one of the most popular standards for small to medium sized companies with an emphasis on cloud computing. Introduced in 2014 and updated in 2018, CSF offers an alternative to the NIST 800-53 standard. NIST 800-53 was developed in 2005 as an […]

Read More…

Developing a Security-First Model for Cloud Compliance

Developing a Security-First Model for Cloud Compliance

Compliance looks for proof that organizations do what they say they do. Security requirements come in many forms beginning with your organization’s own information security policy. Your security policy should align with your organization’s business objectives and reflect your specific infrastructure and services. Compliance with internal security policy can be assessed through internal security reviews […]

Read More…

Effective Compliance Requires a Security-First Approach

Effective Compliance Requires a Security-First Approach

In the cloud, compliance and security are highly reliant upon one another, and they share a common goal: responsibility for keeping an organization’s data, users, resources, and intellectual property safe and usable. While some organizations see these two as separate activities, smart enterprises recognize how effective compliance and security are tightly connected. The key, however, […]

Read More…

The Basics of Configuration Compliance

The Basics of Configuration Compliance

The public cloud has enabled customers to move fast and adapt to changing needs by allowing them to quickly spin up infrastructure programmatically or with just a few clicks. This has allowed companies to grow quickly, and for technological advancements to be implemented rapidly. However, as simple as it is to stand up infrastructure it’s […]

Read More…

The New School of Security: Using the Cloud to Secure the Cloud

The New School of Security: Using the Cloud to Secure the Cloud

Legacy security was built on the premise of a moat; keep people and data away from the infrastructure, and they can’t attack it. Firewalls, intrusion detection systems, or intrusion prevention systems –  these tools delivered “network-centric” solutions and aimed to keep access at a safe distance. Originally, firewalls performed the task of preventing unwanted, and […]

Read More…

PCI Compliance in the Public Cloud

Compliance frameworks provide a structure for how enterprises organize and secure their content and resources. Because they are created and governed for the purposes of protection and interoperability, they provide necessary safeguards that help organizations structure their security posture. They can also be onerous and burdensome which can lead to security and compliance teams falling […]

Read More…

Lacework Achieves SOC 2 Type II Compliance

Mountain View, Calif. – September 26, 2018 –  Lacework®, the industry’s first solution to bring automation, speed and scale to cloud security, has received Service Organization Control (SOC) 2, Type II Certification, which provides independent validation that Lacework security controls comply with the American Institute of Certified Public Accountants’ applicable Trust Services Principles and Criteria. […]

Read More…

Lacework Supports PCI Compliance with FIM Solution

Lacework Supports PCI Compliance with FIM Solution

Photo by Samuel Zeller on Unsplash If you wanted to name a technology product category so it got beat up in the schoolyard, you might call it File Integrity Monitoring. Like a lot of products in the security space, File Integrity Monitoring (FIM) as a moniker accurately explains what the solution provides, but it’s about […]

Read More…

Hurwitz & Associates

Hurwitz & Associates: Leaders Find Winning Cloud Security Strategy in Automation

Mountain View, Calif. – January 31, 2018 – Lacework®, the industry’s first solution to bring automation, speed and scale to cloud security, today announced findings from “Balancing Velocity and Security in the Cloud,” the latest report from Hurwitz & Associates. Based on quantitative research, as well as qualitative interviews with industry practitioners, Hurwitz & Associates […]

Read More…

File Integrity Monitoring

Lacework Adds File Integrity Monitoring to its Cloud Security Platform

Mountain View, Calif. – October 31, 2017 – Lacework™, the industry’s first solution to bring automation, speed and scale to cloud security, has added File Integrity Monitoring (FIM) to its platform, enabling FIM to be more than a compliance checkmark and making it an integral part of the threat detection process. FIM’s file integrity signals […]

Read More…