Lacework™, a new provider of cloud workload security solutions, has launched out of stealth mode with the introduction of Lacework Polygraph™, the industry’s first zero-touch cloud workload security platform.
Lacework Polygraph instantly detects breaches, manages insider threats, delivers insights into workloads, and offers graphical investigation tools for public, private and hybrid cloud workloads.
With Polygraph, Lacework eliminates the reliance on labor-intensive policy and rule development and time consuming log correlation activities that characterize today’s alternatives.
(Hear Ian O’Brien’s true-crime story of Lacework, WordPress, and an intruder who never made it out the back door. Courtesy of Lacework and YouTube)
“Many of the vendors in the cloud workload protection platform space have built solutions that don’t address the new world of public/private and hybrid cloud workload. Because of this, Lacework is approaching cloud workload security from a completely new direction,” said Jack Kudale, CEO at Lacework.
“We realized that every datacenter, workload, user, container, application and process has its own truth.”
“Inspired by this insight, we spent the last two years, under the direction and leadership of security and analytics industry veterans and Lacework co-founders Vikram Kapoor, Sanjay Kalra and Sam Pullara, creating the industry’s first zero-touch cloud workload security solution that makes cloud workload security dramatically more effective, making instant breach detection possible.”
According to Gartner’s March 2017 Market Guide for Cloud Workload Protection Platforms, “by 2019, 60% of server workloads will use application control in lieu of antivirus, which is an increase from 30% in 2017.”
Unlike other solutions on today’s market, Lacework Polygraph was developed to provide a complete picture of the entire cyber kill chain for end-to-end visibility so security professionals can connect and visualize elements of an attack or insider threat to respond more quickly and effectively.
Complex cloud datacenter architectures typically feature thousands of similar machines, processes, users, containers, applications and their activity.
(See this tutorial as it walks through navigating and using the Lacework management console features such dashboard, search and filter functions, alerts, and dossiers. Courtesy of Lacework and YouTube)
Lacework Polygraph reduces redundant events and notifications by automatically distilling these entities into a handful of analysis groups based on behavior. Companies including Wavefront, Snowflake Computing, Jitterbit and Verizon are early testing partners for Lacework Polygraph.
“As an early stage test partner of Lacework Platform, we observed the shortest time to value for enterprises that are running hybrid cloud workloads,” said Stan Leong, R&D leader at Hewlett Packard Enterprise, Mergers, Acquisitions and Divestitures Practice.
“With Lacework Polygraph, anomalies are detected hourly and can aid in breach notifications much quicker. Low false positives coupled with actionable alerts can also aid in timely investigations without policies, rules or logs.”
(Learn how Stan Leong uses Lacework Polygraph to safeguard mergers and acquisitions information for Hewlett-Packard Enterprise. Courtesy of Lacework and YouTube)
According to Ovum, managing security, identity and privacy is a top priority for chief information officers (CIOs).
However, few organizations are completely satisfied that they are doing enough to keep their users, data and business systems safe.
Lacework Polygraph reveals hidden component relationships and interactions for faster breach remediation and insights, presented in a powerful and intuitive visual interface that makes it easy to explore and drill down into workloads for security and datacenter operations.
The platform supports a wide variety of security and operations tasks, from breach detection and insider threat management to forensics analysis and DevSecOps analytics.
Without Lacework Polygraph, multiple products are required to perform each of these tasks.
“With digital transformation now rampant, end-user organizations have ambitious plans for the amount of enterprise workloads they will move to the public or hybrid cloud by 2020,” said Rik Turner, a principal analyst for the Infrastructure Solutions team at technology research firm Ovum.
“This presents a major security challenge, so there is clearly demand right now for platforms that can address the dual requirement of breach detection and investigation in cloud environments.”
“A key differentiator is going to be how quickly such products can deliver value, deploying quickly, producing actionable insights and reducing the mean time to detection.”
Lacework provides organizations with a self-service acquisition model, making it dramatically easier for security operations and DevOps personnel to get started.
Lacework is the industry’s first zero-touch, cloud workload security platform that provides breach detection, insider threat management, workload insights, and investigation analysis.
After nearly two years of dedicated development and testing, Polygraphs, Lacework’s flagship offering, has been built to significantly compress the breach detection cycle, reduce false positives, provide high precision alerts, and simplify investigation analysis.
Lacework’s solution provides security for dynamic datacenter, cloud and container workloads without requiring any policies, rules or manual tagging.
Lacework automatically discovers customers’ workloads, applications and users, along with their interactions, by creating Polygraphs.
