Cloud security continues to gains attention with Lacework being one of the latest cloud security platform companies to tap into the growing market.
The company, which recently came out of incubation with its Polygraph platform, announced deals to integrate data from various companies to bolster its product. The integration deals include companies providing threat and reputation feeds; security information and event management (SIEM) vendors; and event management systems.
Lacework said it was working with ReversingLabs, which maintains a list of malware that Lacework will use to cross-reference with its list of malicious IP addresses and DNS services.
Lacework also now integrates alerting systems data from PagerDuty, Slack, Splunk, and VictorOps, which allow security teams to continue using existing tools and workflows. The company also added the ability to integrate behavioral data into monitoring, log management, and SIEM solutions from New Relic and Splunk.
Lacework said its Polygraph product can detect breaches, manage insider threats, deliver insights into workloads, and offer graphical investigation tools for public, private, and hybrid cloud workloads. The company said it conducted early testing with Wavefront, Snowflake, Jitterbit, and Verizon.
Isabelle Dumont, VP of marketing at Lacework, said enterprises typically deploy the Lacework platform using a configuration management tool such as Chef, Puppet, Ansible, or Salt. The platform can also be embedded in the base image or Amazon Machine Images (AMI) and is then automatically propagated along with the AMI.
“We have always partnered with the platforms we protect, deepening these integrations wherever applicable,” Dumont said of the latest deals.
Container Security Support
Lacework also said it now offers full support for Amazon Web Services (AWS), Microsoft Azure, and container-based runtime architectures like Docker. The company noted its platform is “fully container-aware” and takes baseline readings on container behaviors, tracks and monitors container provenance, automatically provides security for each container, and can run within a container.
“We protect Docker containers once deployed by tracking all runtime activity inside and outside the container,” Dumont explained.
In a recent blog post, Lacework CEO Jack Kudale wrote that one of the biggest challenges for container security remains deployment methods. He cited a number of “ill-advised” practices that can impact container security protocols. These included using container images from untrusted sources; using overloaded host operating system distributions in a container; and not protecting each container.
Gartner echoed the need for enterprises to have a more complete container security deployment plan.
“Containers are not inherently unsecure, but they are being deployed in an unsecure manner by developers, with little or no involvement from security teams, and little guidance from security architects,” the analyst firm said. “Traditional network and host-based security solutions are blind to containers.”
Gartner predicts cloud security services will generate $5.9 billion in revenues this year, surging to $9 billion by 2020. The firm noted enterprises were most focused on email security, web security, and identity and access management (IAM).
A number of cloud and container security companies have recently garnered investments, highlighting the market opportunity.
Awake Security popped out of stealth mode last week with more than $30 million in total funding to target the container security space. The firm said it spent two years developing its security analytics platform that uses machine learning and data science to automate the data analytics process.
Security startup Corelight also last week scored $9.2 million in funding for its network visibility software based on the Bro open-source monitoring framework. Bro garners its name as a reference to George Orwell’s “Big Brother.”
Cisco earlier this month announced plans to acquire Observable Networks for an undisclosed amount. Observable provides cloud-native network forensics security applications, delivered as a service.