Subscribe for our Newsletter

In order to comply with privacy regulations in the European Union we’ll need you to provide consent before confirming you to our email list:

I consent to receive newsletter emails about our content and services.

We’ll send you occasional emails about new episodes, blogposts, partnerships and they might contain promotional content.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Lacework CSPM

April 5, 2022

Cloud computing has been around for more than a decade, but only for the last eight years has it started to get real momentum while having small and large companies undergoing digital transformation. It's especially accelerated between 2019 and 2021. Also, COVID forced people to work from home and motivated companies to move their compute and services to IaaS providers and rapidly adopt SaaS solutions.

Modern SaaS companies benefit from the elasticity of the cloud infrastructure and enjoy almost indefinite scalability for their products when using container-based, Kubernetes orchestrated, or serverless architectures to service their rapidly growing customer base. Managing cloud infrastructure at such a scale requires significant effort. The infrastructure supports multiple simultaneous operations and interactions, including data flow and processing by microservices and external APIs-based solutions. To provide some sense, we are talking about hundreds of millions of events daily, these events generated by the workloads running on the cloud infrastructure. Detecting risks or malicious activity in the noisy workload is equivalent to finding a needle in multiple revolving haystacks.

One would ask the question, why are they revolving? The revolving is related to the modern development methodology and application lifecycle that follow agile practices to deliver product features at high phase. We can learn that there is an exponentially growing amount of data processed and an increasing amount of code and network traffic processing the data. Security solutions require very granular analysis and monitoring capabilities to extract and identify the risks among the cloud workflows and detect the anomalies in the events generated while supporting speeds close to real-time. Lacework defines it as “Security at the speed of light.”

Lacework platform provides multiple approaches to integrate with any type of your cloud components. They can support servers and containers using an agent-based approach while connecting to the native cloud APIs and services.  Lacework can support most of the  public cloud providers and ingest data about your users, IAM roles, policies, networks logs, and other complex audit information. Lacework integration can also provide value by shifting left to the CI/CD process, scanning, and visibility into the container images deployed and their layers.

The data ingestion by Lacework is an important component of the solution. Lacework relies on the Snowflake data lake to support the required scalability of the solution's powerful ingestion backend. Doing that empowers Lacework to focus on processing and analyzing the data to create the baselines and build the value around detecting anomalies in the workloads.

The result of the heavy analytics provided by Lacework Polygraph® UI, which serves as a single pane of glass and allows convenient and quick access to the important events, compliance, and posture reports, including the ability of 5 Whys that helps to investigate and understand the origin of suspicious events detected by the platform. The Polygraph® data platform also extends visibility into the servers where containers are processing workloads. Then it enhances the data by vulnerability analysis collected during the build processes. Uniquely, Lacework designed a system to automate cloud security by adopting the view that security is a data problem. It is essential to know that Lacework creates a unique trained baseline for every one of its customers.

Lacework platform aggregates multiple security tools under one umbrella regardless to the cloud of your choice AWS, GCP, Azure or Kubernetes. It provides faster detection, a single pane of glass aggregating the data from various cloud providers and multiple environments under one scalable platform that will make security engineers' life easier and give them the ability to respond faster.

Nicolas St-PierreLaunch PadSeason 1Season 2Season 3
Nicolas St-Pierre
Field CTO
Nicolas is Field CTO at Lacework and responsible for providing technical leadership in Cloud Security to our customers, partners and product groups. He has over 20 years of expertise in security products and virtual platform deployments with global Tier-1 Communication Service Providers and large enterprises worldwide in a CTO and Field CTO capacity. Author of multiple patents in the field of Telecommunications, 5G, Digital Advertising, Security, and Analytics, Nicolas continues to provide Cloud Security insights and leadership from the Greater Toronto Area where he resides.