Visibility and Analysis for Compliance in Multicloud Environments
Complexity is an enemy of security; a unified view is essential to simplify the complexity of having multiple configurations. Lacework does this across AWS, GCP, and Azure by bringing multiple clouds into one portal. This means no logging into different disparate tools to evaluate your stance. It is a single pane of glass to audit all of your cloud platform configurations. As configurations change, Lacework will monitor and alert any time a configuration goes out of compliance. This ensures that security and compliance teams immediately become aware of issues so they can be fixed before data and cloud resources are compromised.
Lacework delivers deep visibility for configurations across all of an enterprise’s cloud accounts and workloads so organizations can ensure compliance with industry, governmental, and institutional standards. Operating on multiple cloud platforms can increase the threat vector of the overall infrastructure and add complexity to an already challenging task. Lacework operates as a comprehensive, centralized solution to identify, analyze, and alert on configuration issues.
Identify Configuration Issues
- Find Identity and Access Management (IAM) vulnerabilities, including root account, password requirements, and usage of MFA.
- Check for logging best practices enable log files across regions, and enable that log files are validated and encrypted.
- Monitor critical account activity such as unauthorized API calls and use of the management console for unauthorized purposes.
- Confirm secure network configurations, including limiting access to vulnerable ports, enforcing “least access” privileges, and checking for the use of flow logging.
Track Configuration Changes Continuously
- Daily re-audit to maintain compliance and protection.
- Monitor account activity for abnormal activity, even when that activity is technical authorized.
- Receive customizable alerts when items change from compliant to non-compliant.
Ongoing Monitoring of Activity
- Detection and alerting of activity on all cloud platform resources, such as new activity in a region, activation of new services, or changes to access control lists.
- Changes to users, roles, or access policies.
- Access or customer master key tampering.
- Reduce alert fatigue with customizable alerts and reports that eliminate repetitive or irrelevant results.