Lacework, the data-driven cloud security company, today introduced the Polygraph® Data Platform, which helps organizations of all sizes automatically uncover suspicious activity across a multicloud environment so they can detect and address true threats and risks to their business from build time through runtime. Lacework is the only company to offer automated anomaly detection that provides consistent visibility, context, and security across Amazon Web Services (AWS), Google Cloud, Microsoft Azure, and Kubernetes EKS environments, providing customers with the ability to detect attack activity stemming from known and unknown threats. Lacework uses data and automation to protect multicloud environments, helping customers prioritize risk with pinpoint accuracy – with or without an agent – so they can innovate with confidence.
The recent Log4j vulnerability, which began as a zero day threat, is an example of the advantage of the Lacework approach. Lacework identified anomalous behavior in customer environments before disclosure of the vulnerability. New capabilities added to the platform allow customers to better prioritize the remediation of Log4j by integrating relevant vulnerability data with anomaly detection to surface these vulnerabilities more prominently.
According to a commissioned Total Economic Impact Study™ conducted by Forrester Consulting on behalf of Lacework, customers identified that the Polygraph Data Platform helped drive down the cost of security while at the same time increasing the time-to-value and efficacy of their security posture. One of Forrester’s interviewees for the study said, it typically takes six to twelve months to tune incoming signals, whereas Lacework takes only one to two weeks to learn their environment. As a result, the platform reduced the number of alerts by as much as 86%, making it easier for security and developer teams to tackle the most critical issues and giving them time to focus on other strategic initiatives. Based on the interviews and financial analysis, the study found that a composite organization experiences an ROI of 342% over three years.
Most security tools were not built for the scale, complexity, and speed of a single cloud environment, let alone multi or hybrid cloud. Relying on security teams to create rules that scan against a list of known problems, these tools bury critical information amid an influx of alerts and delay protection for new issues or attacks. These tools also often exist outside the company’s development process, positioning security teams as a roadblock to speedy innovation.
Securing cloud environments will only increase in importance. According to a recent independent global study of 700 executives, security, and DevOps practitioners, 88% of respondents said the security of their cloud environment will become increasingly important over the next year, with more than half feeling overwhelmed by their organization’s current security posture.
Lacework provides insights into vulnerabilities and misconfigurations for developers, as well as an inventory of cloud assets, compliance checks, monitoring of cloud configuration, and cloud account threat detection. To do this, the platform automatically collects and processes the right cloud service provider data without an agent. Lacework does all of the heavy lifting to keep an accurate record of assets and configurations so our customers can focus on more strategic projects. Moreover, to further reduce risk, Lacework provides continuous visibility and insight – via our modern, lightweight agent – into anomalous activity that could be indicative of an attack, even exploits tied to vulnerabilities that have not yet been discovered.
“Lacework was crucial to helping us quickly determine our exposure to Log4j, and as a result, we were able to maintain transparency and open communication with our customers in real-time,” said David Ting, Senior Vice President of Engineering, Product, CISO, Nylas. “Because Lacework combines agentless and agent-based approaches, we didn’t have to rely on snapshots which miss important activity and information. Instead, we were able to not only detect vulnerabilities but also continuously watch for exploit activity at runtime, saving us a lot of stress and allowing us to get a handle on the issue really quickly.”
The Polygraph Data Platform is the only solution that extends automated anomaly detection across AWS, Google Cloud and now Microsoft Azure and Kubernetes EKS environments. Available today are additional new features including:
- Correlating major vulnerabilities with exploit activity: The latest Lacework agent includes application vulnerability discovery for containers, hosts, and virtual machines, tying together Log4j vulnerability data and anomaly detection. Not only can customers better prioritize remediation efforts, they can actively watch for exploits targeting those Log4j vulnerable systems – including those stemming from commercial, off-the-shelf tools they don’t control.
- Improved asset discovery: Customers can automatically identify all assets plus easily track the risk, compliance, and configuration changes over time with resource management for AWS and now Google Cloud. The Polygraph Data Platform also provides a consolidated view of AWS and Google Cloud assets to all team members, including those who may otherwise have no access to cloud management consoles, so teams have a better understanding of their multicloud environment.
- Enhanced compliance benchmarking: CIS Benchmarks are one of the most common ways to assess security posture in relation to industry best practices, and measure security improvements over time. Lacework now offers analysis and reports for updated CIS Benchmarks for AWS, Google Cloud and Microsoft Azure.
- Google Cloud Marketplace availability: Lacework is now available on the Google Cloud Marketplace, in addition to the previously-supported AWS Marketplace, so customers have more options to purchase Lacework to secure their multicloud environments.
“Accelerating digital transformation and the resulting increasing shift toward multicloud environments have created a heated discussion of agent versus agentless cloud security approaches, good arguments can be made for both” said Frank Dickson, IDC. “However, the real discussion should be about static scanning of cloud environments for vulnerabilities and misconfigurations while also examining runtime activity for potential maliciousness. Frankly, the conversation needs to mature from an ‘or’ conversation to an ‘and’ conversation.”
“Companies are moving more workloads to the cloud to take advantage of the scalability and flexibility it offers. They face an ever changing and rapidly increasing set of attacks squarely targeting cloud adoption. Customers are seeking security solutions that help them manage the scale and complexity of their cloud environments and guard against threats such as ransomware and zero day vulnerabilities,” said Jay Parikh, Co-CEO, Lacework. “Continual end-to-end monitoring of cloud runtimes using the data-driven approach of the Polygraph Data Platform helps customers understand all of their environments and stay ahead of these threats.”
For more such updates follow us on Google News ITsecuritywire News