In today’s highly dynamic cloud environments, Lacework brings speed, automation, and scale to cloud security so that DevOps and security teams can keep data and applications secure. Lacework redefines security by automating many of the security processes behind configuration assessment, behavior monitoring, threat and anomaly detection, and incident investigation. The firm supports public and private clouds, VMs and containers, Docker or Kubernetes, Linux or Windows Server, and therefore, enables security teams to protect data in the cloud and maintain compliance.
In discussion with CIO Applications’ Stefan Dyckenhoff, President & CEO talks about how Lacework helps firms bring speed and automation to every cloud security process.
Could you give us a detailed insight of Lacework and explain how it has been effective in mitigating cybersecurity hurdles?
When we stepped into the cloud cybersecurity arena, the cloud-operating model was still emerging. We realized that the next generation of security solutions was about automation and analytics; hence, we recruited a team with expertise in cybersecurity, Big Data, and DevOps. With a group of relatively diverse people, we conceptualized Lacework with a mission to automate cloud security, allowing our customers to safely innovate in cloud environments. We address numerous pain points presented by public cloud operating models and think distinctively about how security works and how effectively it can be delivered to security teams. The cloud is built differently: the attack surface is different and threat vectors focus at the application and user level as opposed to the machine and network level. The level of automation we bring to cloud security enables security teams to operate at the same pace as DevOps operates cloud environments and publishes new code.
How has Lacework become a game changer through solutions that it offers?
We aim to empower clients with a holistic and trusted SaaS platform that gives them a competitive edge from a security standpoint. We address four core security use cases-compliance, visibility, threat detection and investigation. We focus on collecting far more data from the cloud than other approaches. Because we curate data keeping analytics in mind, we give clients more insights into compliance and security risks. The ‘secret sauce’ is that you cannot explode the cost or the compute footprint as you collect all this data.
Our vision is to be a trusted SaaS platform that covers all aspect of security
With automation becoming a pillar of technology, we believe in building a product that both security and DevOps teams can embrace, hence, we eliminate the need to manually tune policies, analyze and correlate data across systems from network to applications. We built a solution that covers traditional VM-based architecture as well as containers as they get integrated into every customer’s cloud infrastructure.
On the Polygraph technology bringing automation, scale, and speed to cloud security:
Polygraph monitors the activity and behavior of all entities in your cloud. It emphasizes organizing all information and connecting massive amounts of metadata, which enables you to automatically learn the relationship between different entities in your cloud. We built a collection of about ten polygraphs that we track over time. Some track user or network behavior while others track application, VM or container behavior. With polygraphs organizing data, you are assured of compliance and if something goes wrong, you get specific high-value alerts that can be investigated quickly. With Polygraph, your security can keep up with the pace at which you deploy new applications in the cloud.
How has Lacework helped a client overcome business challenges and attain desired outcomes with its solution?
Snowflake, a cloud-based data-warehouse provider realized that handling security changes only once a month was insufficient, as application and code changes were happening at lightning speed. The hectic task of managing and updating security rules with the conventional security tools they were using was increasingly overwhelming their security team. When Lacework stepped in to help identify and trace the attack patterns of PEN testing, it also gave them full visibility into what was happening in their cloud environment. They soon realized that, with Lacework, the couple of hours spent daily to update rules and review incidences could be cut down to 50 minutes of analysis.
With an aim to provide avant-garde security, what makes unique Lacework in this arena?
We believe that the polygraph technology is fundamentally new and is able to process a hundred times more data efficiently and cost-effectively. This enables us to process and make sense of the large volume of API events generated in cloud environments like AWS where everything is controlled and orchestrated through APIs. We are a multi-cloud platform, but are very focused right now on AWS because that is where we see many customers experiencing challenges with security. So we have built core capability that allows us to both gather more data to generate better insights and enable security to operate with speed.
Most important, the heart of any successful company is its culture and Lacework brings people from different spaces to think about the cloud security problem. We put a lot of efforts into building collaboration across different disciplines and enable a high-performance culture. We believe in the ‘survival of the fittest ideas’.
How does the future look for Lacework?
Our vision is to become a trusted SaaS security platform that covers all aspect of a customer’s business in the cloud. We are also engaging with established companies that are moving their business to the cloud. Security for these companies is not just an obstacle to overcome. The ability to innovate fast in the cloud and do so safely is a business enabler. Our goal is to capitalize on the opportunity to redefine a security stack that works for cloud environments.