Lacework expands enterprise capabilities with Lacework Explorer

April 2, 2024
The new risk assessment and threat detection enhancements provide invaluable time savings to CISOs and security teams alike.

Lacework, the data-driven security company, today announced the release of a series of new platform capabilities that save invaluable time for security stakeholders ranging from CISOs to frontline security analysts. The platform additions, which include Lacework Explorer (a new security graph and resource explorer), new dashboards, and further investments in industry-leading Lacework composite alerts, give more time back to security teams as they take on attackers.

“The new dashboard highlights the information we care about most, offering customizable and discrete views for specific metrics,” said Patrick Linnane, Senior Director, Information Security Operations, Emburse. “This enhancement enables us to make better decisions, faster.”

The number one adversary enterprises face in securing their cloud environments is time. It takes too long to detect and contain a breach, it takes too long to remediate critical vulnerabilities, and bad actors can exfiltrate valuable data too quickly for security teams to achieve desired outcomes. Each of these new platform capabilities provide customers with significant time savings.

New dashboards put the information each security persona needs to do their job directly at their fingertips. Lacework Explorer combines a next-generation security graph and resource explorer to quickly find the assets a security professional wants to assess, and dynamically shows the complex relationships between them. New context panels combine and neatly display all the necessary information to support lightning-quick threat investigations. Composite alerts for Kubernetes bring together multiple low-level indicators to provide a powerful signal with context of when something malicious is happening in container environments.

“The life of most security professionals is a constant struggle between proactively reducing risk, triaging potential security incidents and maintaining repeatable processes that are effective and time efficient,” said Niels Provos, Head of Security Efficacy, Lacework. “Lacework has invested significantly into building a platform for end-to-end security workflows that reduce toil and enable security professionals at all levels of an organization to focus their work on improving security outcomes. Whether it’s enabling a CISO to efficiently delegate and hold other business units accountable or allowing incident responders to quickly identify the root cause for an incident, Lacework has built the end-to-end platform to make everyone more efficient.”

Together with the code-to-cloud coverage of the Lacework platform, these new capabilities help give customers the high-fidelity security context they need to take decisive action, quickly, in the face of cyberattacks.

Introducing Lacework Explorer

Lacework has always believed that achieving the best security outcomes, with speed, requires continuous visibility and context, including knowing where every software package is running, and the ability to capture and correlate data across the application lifecycle. This approach empowers security teams to be more efficient, eliminates the toil of stitching together data and findings from different sources, and it helps to consolidate onto fewer tools that deliver higher value.

Lacework Explorer allows security teams to instantly visualize the complex and nested relationships between resources within their cloud environment, to better understand and prioritize the risk associated with each cloud entity and resource.

With Lacework Explorer, customers can:

  • Gain greater visibility into the network and identity based relationships between cloud resources, to better understand how an attacker could exploit a risk and gain access to critical resources and data.
  • Visualize how an attacker could move laterally between hosts, containers and Kubernetes services.
  • Better prioritize an entity’s risk through deeper exploration of its blast radius, connections, and permissions.
  • Easily access security data by allowing teams to get quick and visual answers to complex personalized questions.

New Security Dashboards

At a time when security budgets are more scrutinized than ever, senior security leaders must be able to quickly determine whether the controls they put in place are making a difference in order to demonstrate the return on their security investments, highlight opportunities for future investment, establish accountability with respect to their security goals, and report progress up to the board of directors.

Lacework security dashboards provide security leaders immediate insights into how their security program is tracking against its overall goals and gives them the granular visibility to assess progress at the individual business, team or functional levels within their organizations.

Lacework security dashboards allow security leaders to:

  • Gain immediate visibility into the performance and effectiveness of their cloud security and compliance programs over time.
  • Quickly understand how individual business units or other functions are performing against their security goals and objectives.
  • Easily demonstrate progress and the return on security investments, and identify areas of opportunity for additional investment or oversight.

Lacework Context Panels

Speed kills when investigating and containing cloud threats, and new Lacework context panels provide more clarity than ever to threat investigation teams so they can take swift action. Context panels transform the way security professionals interact with alerts by allowing them to view related entities and content without losing sight of the alert's context.

Lacework context panels represent a strategic advantage for security teams. By significantly reducing investigation times and improving the fidelity of threat detection, these enhancements allow teams to focus on what truly matters: safeguarding their organizations from increasingly sophisticated threats.

Kubernetes Compromised User Composite Alerts

The Lacework platform is well-known for its unique threat detection capability, composite alerts, which detects hard-to-uncover malicious activity by automatically tying together low severity signals to define a more specific alert condition. These low-level alerts often go unnoticed on their own. To date, Lacework composite alerts have detected attacks like cloud ransomware, cryptomining, compromised credentials, and compromised hosts.

Composite alerts save threat hunters invaluable time by reducing the burden of chasing hundreds of low-level alerts and combining specific indicators of compromise into highly accurate signals with the necessary context to investigate the highest priority events quickly. By extending composite alerts into Kubernetes, Lacework customers can quickly identify active threats within their K8s environments.

To learn more, visit Lacework.com.