Lacework announced the release of a series of new
platform capabilities that save invaluable time for security stakeholders
ranging from CISOs to frontline security analysts. The platform additions,
which include Lacework Explorer (a new security graph and resource explorer),
new dashboards, and further investments in industry-leading Lacework composite
alerts, give more time back to security teams as they take on attackers.
"The new
dashboard highlights the information we care about most, offering customizable
and discrete views for specific metrics," said Patrick Linnane, Senior
Director, Information Security Operations, Emburse. "This enhancement
enables us to make better decisions, faster."
The number one adversary
enterprises face in securing their cloud environments is time. It takes too
long to detect and contain a breach, it takes too long to remediate critical
vulnerabilities, and bad actors can exfiltrate valuable data too quickly for
security teams to achieve desired outcomes. Each of these new platform
capabilities provide customers with significant time savings.
New dashboards put the
information each security persona needs to do their job directly at their
fingertips. Lacework Explorer combines a next-generation security graph and
resource explorer to quickly find the assets a security professional wants to
assess, and dynamically shows the complex relationships between them. New
context panels combine and neatly display all the necessary information to
support lightning-quick threat investigations. Composite alerts for Kubernetes
bring together multiple low-level indicators to provide a powerful signal with
context of when something malicious is happening in container environments.
"The life of most
security professionals is a constant struggle between proactively reducing
risk, triaging potential security incidents and maintaining repeatable
processes that are effective and time efficient," said Niels Provos,
Head of Security Efficacy, Lacework. "Lacework has invested significantly
into building a platform for end-to-end security workflows that reduce toil and
enable security professionals at all levels of an organization to focus their
work on improving security outcomes. Whether it's enabling a CISO to
efficiently delegate and hold other business units accountable or allowing
incident responders to quickly identify the root cause for an incident,
Lacework has built the end-to-end platform to make everyone more efficient."
Together with the
code-to-cloud coverage of the Lacework platform, these new capabilities help
give customers the high-fidelity security context they need to take decisive
action, quickly, in the face of cyberattacks.
Introducing Lacework
Explorer
Lacework has
always believed that achieving the best security outcomes, with speed, requires
continuous visibility and context, including knowing where every software
package is running, and the ability to capture and correlate data across the
application lifecycle. This approach empowers security teams to be more
efficient, eliminates the toil of stitching together data and findings from
different sources, and it helps to consolidate onto fewer tools that deliver
higher value.
Lacework Explorer
allows security teams to instantly visualize the complex and nested
relationships between resources within their cloud environment, to better
understand and prioritize the risk associated with each cloud entity and
resource. With Lacework Explorer, customers can:
- Gain greater visibility into the network and identity based relationships
between cloud resources, to better understand how an attacker could exploit a
risk and gain access to critical resources and data.
- Visualize how an attacker could move laterally between hosts, containers
and Kubernetes services.
- Better prioritize an entity's risk through deeper exploration of its blast
radius, connections, and permissions.
- Easily access security data by allowing teams to get quick and visual
answers to complex personalized questions.
New Security Dashboards
At a time when
security budgets are more scrutinized than ever, senior security leaders must
be able to quickly determine whether the controls they put in place are making
a difference in order to demonstrate the return on their security investments,
highlight opportunities for future investment, establish accountability with
respect to their security goals, and report progress up to the board of
directors.
Lacework security
dashboards provide security leaders immediate insights into how their security
program is tracking against its overall goals and gives them the granular
visibility to assess progress at the individual business, team or functional
levels within their organizations.
Lacework security
dashboards allow security leaders to:
- Gain immediate visibility into the performance and effectiveness of their
cloud security and compliance programs over time.
- Quickly understand how individual business units or other functions are
performing against their security goals and objectives.
- Easily demonstrate progress and the return on security investments, and
identify areas of opportunity for additional investment or oversight.
Lacework Context Panels
Speed kills when investigating and containing cloud threats, and new
Lacework context panels provide more clarity than ever to threat investigation
teams so they can take swift action. Context panels transform the way security
professionals interact with alerts by allowing them to view related entities
and content without losing sight of the alert's context.
Lacework context panels represent a strategic advantage for security teams.
By significantly reducing investigation times and improving the fidelity of
threat detection, these enhancements allow teams to focus on what truly
matters: safeguarding their organizations from increasingly sophisticated
threats.
Kubernetes Compromised
User Composite Alerts
The Lacework platform is
well-known for its unique threat detection capability, composite
alerts, which detects hard-to-uncover malicious
activity by automatically tying together low severity signals to define a more
specific alert condition. These low-level alerts often go unnoticed on their
own. To date, Lacework composite alerts have detected attacks like cloud
ransomware, cryptomining, compromised credentials, and compromised hosts.
Composite alerts save
threat hunters invaluable time by reducing the burden of chasing hundreds of
low-level alerts and combining specific indicators of compromise into highly
accurate signals with the necessary context to investigate the highest priority
events quickly. By extending composite alerts into Kubernetes, Lacework
customers can quickly identify active threats within their K8s environments.