Lacework integrates with AWS CloudTrail to automate monitoring of cloud accounts; improves visibility into activity

Lacework, a zero-touch cloud security solution company, announced Monday that Lacework Polygraph is now integrated with Amazon Web Services (AWS) CloudTrail, extending the company’s zero-touch security approach to protect AWS accounts.

Using Lacework for AWS CloudTrail, cloud teams can make sense of CloudTrail data, deepen visibility and insights into AWS account activity, and automatically surface account anomalies.

Lacework for AWS CloudTrail protects against attacks on AWS accounts by detecting unusual changes including unauthorized activity on AWS resources, in regions or accounts; activation of new services or changes to AWS S3 buckets; suspicious changes to users, roles, or access; changes in security groups, bypass of two-factor authentication; and delivers changes to AWS infrastructure services: tampering with access master keys, modifications to route table, or network interfaces and services.

CloudTrail is a management service provided by AWS that monitors, logs, and retains every AWS account activity, including access changes, and compute and storage resource modifications. CloudTrail collects a wealth of data but the resulting millions of daily events create yet another security challenge for the teams that monitor AWS deployments for security incident.

Lacework for AWS CloudTrail eliminates the need for labor-intensive analysis of CloudTrail events, automatically raising alerts on suspicious activities.

In its November 2016 “Predicts 2017: Cloud Security” report, Gartner posits: “By 2018, the 60 percent of enterprises that implement appropriate cloud visibility and control tools will experience one-third fewer security failures.”

“A quick look at the news shows the importance of serious cyberthreat protection. It takes hard work to prevent a breach at any scale, and investigating millions of daily security events in AWS can present challenges, said Brian Lachance, chief security officer at Cazena. “With Lacework, we know immediately what deserves our time and attention and can act decisively when dealing with security and operational incidents.”

“We help our retail customers focus on what’s important to them – making them successful and more competitive at the pace of modern retail,” said Satish Kumar at Boomerang Commerce. “Lacework supports our mission by helping us navigate and protect our cloud infrastructure faster and more decisively. Simplified daily operations and the ability to quickly address incidents in AWS eliminates the need for time consuming maintenance and analysis.

“We help organizations harness the power of the cloud,” said Matthew Zeier, Technical Operations at Wavefront. “Cloud infrastructure are highly complex and many existing security tools just weren’t effective enough for what we needed. Partnering with Lacework has simplified what is usually a very complicated process.”

“Organizations have been plagued by the risk of misconfiguration in AWS deployments,” said Vikram Kapoor, co-founder and CTO, Lacework. “We are proud to augment CloudTrail capabilities with automated detection of unusual events, potential misconfiguration, breaches, or insider threats, eliminating the need for manual analysis of logs. Our proprietary machine learning techniques aggregate and organize CloudTrail data into intuitive maps and dashboards. Alerts are automatically triggered when usage of an organization’s AWS account by users deviates from the baseline of normal behavior.”

Lacework for AWS CloudTrail is available immediately on the AWS Marketplace and includes up to 10,000 free events per hour. Users can also sign up for a 14-day free trial to test Polygraph in the environment so that users have a complete view of all accounts or entities in the cloud and their normal and abnormal activities.

Leave a Reply

WWPI – Covering the best in IT since 1980