Lacework enhances data protection capabilities to enable AWS users to identify S3 buckets at risk

Lacework announced new features that enable Amazon Web Services (AWS) customers to continuously maintain an AWS cloud configuration that is compliant with proven security best practices. Lacework now automatically reports on the configuration’s adherence to the Center for Internet Security (CIS) Benchmark for AWS.

Lacework has also introduced security controls targeted at AWS S3 buckets, enabling AWS customers to rapidly identify S3 buckets at risk or compromised due to misconfiguration. Through targeted auditing of S3 configuration, Lacework ensures that all buckets are configured with best practices for logging, encryption and versioning, then provides continuous monitoring with AWS CloudTrail events and workload activity analysis.

Based in Mountain View, California, Lacework is a privately held company that was incubated by Sutter Hill Ventures. It brings automation, speed and scale to cloud security, eliminating manual, repetitive tasks and enabling security teams to keep up with DevOps.

Designed for the cloud, the Lacework security platform monitors workloads, applications, processes, containers, machines, users and accounts to automatically surface anomalous behaviors out of billions of events per hour. Lacework provides visibility, automates breach detection, delivers one-click investigation and simplifies cloud compliance.

The features from Lacework include an interactive report assessing compliance with the 52 controls specified in the CIS Benchmark for AWS. Controls cover Identity and Access Management, Monitoring, Logging and Networking, and range from the validation that Multi-Factor Authentication is enforced for all users who attempt to delete buckets, to the validation that CloudTrail is enabled. The features also include the ability to click on each control with a violation to access details on the scope of the violation, the list of impacted AWS resources, and recommendations on how to fix the violation.

The features also include an interactive report showing adherence to a set of recommended S3 bucket configurations, ensuring that access rights are not provided so broadly that data is exposed to outside internet users. Changes to any of the above controls towards non-compliance will generate an alert with context to take immediate action and remediate the violation.

The Lacework cloud security platform delivers security and compliance capabilities specifically designed for the cloud, bringing speed, scale and automation to security processes that have traditionally been labor-intensive.

“Deploying new initiatives to the public cloud brings a spectrum of new security challenges that many organizations are not yet familiar with,” said Dan Hubbard, Chief Security Architect, Lacework. “Starting with the daily validation of the AWS configuration (AWS accounts and AWS resources such as S3 buckets), to the continuous monitoring of workloads deployed on AWS, the Lacework cloud security platform enables organizations to safely migrate data to AWS and deploy applications in AWS.”

Last month, Lacework added File Integrity Monitoring (FIM) to its platform, enabling FIM to be more than a compliance checkmark and making it an integral part of the threat detection process. FIM’s file integrity signals complement the Lacework platform’s other events and threats databases, enhancing the ability of any security team to detect anomalies and eliminate threats.

Lacework has built a platform that delivers security capabilities specifically designed for the cloud, including speed, scale and automation, while allowing customers to leverage some of the security tools with which they are familiar that are still relevant in the cloud. While typically deployed with the simple goal of meeting compliance standards, FIM serves as a component of a larger, integrated solution in the Lacework Cloud Security Platform. Lacework FIM provides the core functionality required to achieve cloud compliance where FIM is a requirement and is natively integrated with the Lacework platform.

FIM solutions are typically offered as stand-alone products with the single goal of achieving compliance. By comparison, the Lacework security platform integrates FIM to take the approach of having one agent deployed to capture all data required to serve both security and compliance needs.

With the addition of FIM, Lacework enables its customers to consolidate the number of agents that vendors must deploy on cloud workloads. Lacework’s FIM solution automates setup and eliminates labor-intensive rule development, ACL specification, and configuration typically required by traditional FIM solutions.

WWPI – Covering the best in IT since 1980