Empowering women in cybersecurity, Lacework launches Secured by Women initiative, fostering diversity, and enhancing digital security.
In celebration of International Women’s Day and throughout March, the data-driven cloud security company launched an ongoing initiative to honor, bring visibility to, and increase opportunities for those making cybersecurity history. Secured by Women aims to empower more women to secure their place in the industry. The company also announced a new MSP-centric program as part of its larger channel program to better support managed service providers.
About Lacework
Lacework’s security platform, powered by Polygraph, automates cloud security to help businesses drive innovation faster and safer. The platform ingests massive volumes of data to analyze behavior, uses machine learning to detect anomalies and identifies and prioritizes risks for security teams to address. Lacework eliminates security silos and reduces costs by consolidating point solutions into a single, intelligent platform.
The platform is able to identify vulnerabilities and misconfigurations at a granular level, including within applications. It can also provide visibility into application connectivity and zero-touch breach detection using machine communication telemetry. This information can be used to construct micro-segmentation policies, enabling more precise isolation of machines and applications from one another.
This solution works in public clouds like Amazon Web Services (AWS), Google Cloud Platform and Microsoft Azure, as well as private datacenters and hybrid environments. It provides consistent, accurate and actionable insights into cloud workloads, reducing security incidents by up to 30%. It is able to identify the origin of breaches, and the attackers behind them, identifying the machines, users and applications that were compromised.
In the future, Lacework plans to offer additional features such as identity management. This would be a significant extension to their existing solution, which focuses on detection of attack activity and vulnerabilities across cloud environments.
The company also plans to build security into software development workflows, allowing developers to operate smarter and improve productivity by reducing the number of security alerts they receive. It also helps developers identify and prioritize potential security issues so that they can fix them quickly and avoid costly business impacts.
Ultimately, the goal is to bring security to the DevOps process, removing friction between teams and allowing them to work together efficiently. This approach reduces business risk, lowers costs and speeds innovation.
The Lacework product offers a scalable as-a-service architecture, with pricing based on the number of instances or clusters deployed and the amount of data ingested and analyzed. This allows them to scale up without incurring unnecessary toil or false positives. It also eliminates the need to manually sift through data to detect threats and removes the burden of rule writing.
The Data-Driven Security Platform for the Cloud
Founded in 2012, Lacework offers the cloud security platform to protect data and applications at rest, in transit and in process. Using data-driven threat models, the platform prioritizes alerts and delivers actionable intelligence to help organizations reduce their attack surface and prevent breaches. Its Polygraph machine learning engine reduces alert volumes by correlating data and identifying the most critical threats.
Lacework customers include leading enterprises and mid-sized businesses as well as MSPs and global system integrators. The company is currently valued at $8 billion in connection with its latest financing round, and ranks as a top cybersecurity unicorn, according to CB Insights.
In celebration of International Women’s Day and to honor the groundbreaking women shaping modern security, Lacework is launching an ongoing initiative called Secured by Women. The program enables people to nominate a woman they feel is making a difference in the technology and cybersecurity landscape, and gives them the opportunity to recognize her. The inaugural annual initiative will run through the month of March and will celebrate and bring visibility to the many women who are working to make a positive impact in our community.
The company also unveiled an MSP-centric partner program as it continues to seek ways to engage with managed service providers. The program consists of new certifications for partners who deliver post-sale services to their customers, as well as a new gamified enablement tool that allows field teams and their customers to use Lacework in a hands-on and fun way.
Those who are successful in registering deals under the program will be awarded an MSP-centric trip to an upcoming security conference such as RSA, Black Hat USA or Black Hat EMEA. If they cannot attend, they will be given the option to donate the value of the trip to a charity of their choice.
Secure Your Cloud Environment with Lacework
Lacework’s cloud security posture management (CSPM) solution identifies the risks of a customer’s entire cloud environment. It inventories cloud assets and configurations, and provides a unified view of compliance across AWS, Azure and GCP. It also pairs misconfigurations with anomalous activities to prioritize alerts and enable faster investigations.
With a single pane of glass, customers can identify and prioritize critical vulnerabilities in their cloud environments to minimize exposure. Using automated, machine learning-powered capabilities, the solution can detect and flag cloud risks such as misconfigurations, insecure code, unauthorized access, network reachability and secrets. Combined with threat intelligence, it is designed to help customers take the guesswork out of their security posture and meet their compliance goals.
Powered by the company’s Polygraph machine learning engine, Lacework can ingest and analyze billions of incoming events and correlate them to normalized behaviors. This enables it to filter out the noise and only notify SOC teams of high or critical severity events. It combines this with data such as cloud trail logs around AWS user access and intel from network connections to identify abnormal behavior that could represent a threat.
The platform enables customers to gain complete visibility into their cloud deployments — including virtual machines, containers and serverless resources — across all major providers. It also provides deep telemetry into workload processes and a centralized security posture report to help with the evaluation of the risk level of a deployment. In addition, it identifies and prioritizes critical threats in runtime and can automatically connect them to the right people for investigation and remediation.
Lacework’s customers also have access to a dedicated SOC team for assistance with incident response. The company’s solution is available as a managed service, and it offers a number of integrations for existing tools to streamline the workflows associated with monitoring for threat activity.
In a separate announcement, Lacework shared that it has expanded its global channel program for MSPs, and it will now provide complimentary access to its experts for a bespoke cloud security assessment. This is in addition to the enhancements made to its post-sale services. These include new partner certifications and a gamified “capture the flag” enablement tool that lets partners and customers experience how the cloud-native application protection platform works for themselves in a fun, interactive way.
Lacework’s MSP-Centric Partner Program
Lacework’s approach to cloud security focuses on a data-driven platform that helps automate intrusion detection, delivers investigations, and simplifies cloud compliance. Its unified platform addresses key use cases such as: cloud workload protection, file integrity monitoring and a comprehensive AWS security service called “Config”.
The company’s ML engine, Polygraph, ingests massive amounts of data across the customer’s multi-cloud environment to understand normal baseline behaviour. It then identifies anomalous activity and surfaces high-fidelity alerts to SecOps for rapid investigation. This allows them to reduce alert fatigue by orders of magnitude and channel their efforts on the most pressing threats.
This capability enables a more focused and effective approach to securing the cloud than is possible with existing solutions, which are often siloed in terms of their data, capabilities and functionality. For example, a SecOps team may have to scan their entire network for potential threats, which can take hours, even with the most advanced tools.
Another advantage of Lacework is its ability to process data ad hoc and quickly at scale. This is a significant improvement on the typical experience of working with a SIEM, which typically requires a long wait time before a query can be made and imposes data retention limits that limit how frequently a SIEM can be used.
As a result of the powerful combination of compute and storage, Lacework’s solution is able to handle c. 60 PB of data per day, so customers can frequently scan and analyse their cloud environments without incurring excessive wait times or costs. Compared to competing solutions that use a single on-prem data warehouse, this provides significant economies of scale and dramatically improves the speed with which a SecOps team can find the information they need to address an incident.
The launch of a partner program specifically tailored to MSPs follows a strong year for the company, which included a $525 million funding round in January 2021 that pushed its valuation to well over $1 billion. The new MSP-Centric Partner Program is designed to help MSPs accelerate deployments with Lacework, build their own customised services offering, and grow revenues by delivering a more comprehensive and value-add solution to their customers.
