Lacework

About Lacework

Recently incubated Lacework™, a new provider of cloud workload security solutions, launched out of stealth mode with the introduction of Lacework Polygraph™, the industry’s first zero-touch cloud workload security platform that instantly detects breaches, manages insider threats, delivers insights into workloads, and offers graphical investigation tools for public, private and hybrid cloud workloads. With Polygraph, Lacework eliminates the reliance on labor-intensive policy and rule development and time consuming log correlation activities that characterize today’s alternatives.

“Many of the vendors in the cloud workload protection platform space have built solutions that don’t address the new world of public/private and hybrid cloud workload. Because of this, Lacework is approaching cloud workload security from a completely new direction,” said Jack Kudale, CEO at Lacework. “We realized that every datacenter, workload, user, container, application and process has its own truth. Inspired by this insight, we spent the last two years, under the direction and leadership of security and analytics industry veterans and Lacework co-founders – Vikram Kapoor, Sanjay Kalra and Sam Pullara – creating the industry’s first zero-touch cloud workload security solution that makes cloud workload security dramatically more effective, making instant breach detection possible.”

According to Gartner’s March 2017 Market Guide for Cloud Workload Protection Platforms, “by 2019, 60% of server workloads will use application control in lieu of antivirus, which is an increase from 30% in 2017.”

Unlike other solutions on the market, Lacework Polygraph was developed to provide a complete picture of the entire cyber kill chain for end-to-end visibility so security professionals can connect and visualize elements of an attack or insider threat to respond more quickly and effectively. Complex cloud datacenter architectures typically feature thousands of similar machines, processes, users, containers, applications and their activity. Lacework Polygraph reduces redundant events and notifications by automatically distilling these entities into a handful of analysis groups based on behavior. Companies including Wavefront, Snowflake, Jitterbit and Verizon are early testing partners for Lacework Polygraph.

“As an early stage test partner of Lacework Platform, we observed the shortest time to value for enterprises that are running hybrid cloud workloads,” said Stan Leong, R&D leader at Hewlett Packard Enterprise, Mergers, Acquisitions and Divestitures Practice. “With Lacework Polygraph, anomalies are detected hourly and can aid in breach notifications much quicker. Low false positives coupled with actionable alerts can also aid in timely investigations without policies, rules or logs.”

According to Ovum, managing security, identity and privacy is a top priority for chief information officers (CIOs). However, few organizations are completely satisfied that they are doing enough to keep their users, data and business systems safe. Lacework Polygraph reveals hidden component relationships and interactions for faster breach remediation and insights, presented in a powerful and intuitive visual interface that makes it easy to explore and drill down into workloads for security and data center operations. The platform supports a wide variety of security and operations tasks, from breach detection and insider threat management to forensics analysis and DevSecOps analytics. Without Lacework Polygraph, multiple products are required to perform each of these tasks.

“With digital transformation now rampant, end-user organizations have ambitious plans for the amount of enterprise workloads they will move to the public or hybrid cloud by 2020,” said Rik Turner, a principal analyst for the Infrastructure Solutions team at technology research firm Ovum. “This presents a major security challenge, so there is clearly demand right now for platforms that can address the dual requirement of breach detection and investigation in cloud environments. A key differentiator is going to be how quickly such products can deliver value, deploying quickly, producing actionable insights and reducing the mean time to detection.”

Lacework provides organizations with a self-service acquisition model, making it dramatically easier for security operations and DevOps personnel to get started. Lacework Polygraph is available for general use immediately at $250/instance/year and via a 14-day free trial which can be accessed on the company’s website. Lacework Polygraph is also available on the Amazon Web Services (AWS) marketplace as an hourly subscription model. To learn more about Lacework and the benefits of the Polygraph Platform, please visit www.lacework.com and follow the company on Twitter and LinkedIn.