Greater insight into attack paths and runtime visibility helps customers reduce risk and improve cloud security posture
Lacework®, the data-driven cloud security company, today announced new cloud-native application protection platform (CNAPP) capabilities for the Polygraph® Data Platform that provide improved attack path analysis and agentless workload scanning for secrets and vulnerabilities. These capabilities provide better visibility into today’s increasingly complex security environment, enabling organisations to instantly understand what matters so they can triage and respond faster.
According to the latest Lacework Cloud Threat Report, attackers are rapidly increasing in sophistication, with a particular focus on infrastructure. Attackers constantly seek paths of least resistance to compromise a system, hiding in the complexity of seemingly disparate risks and exploiting them whenever possible. Despite cloud adoption becoming nearly ubiquitous across industries, many enterprises still lack the visibility needed to truly manage and understand these sophisticated vulnerabilities present or emerging in their own cloud environments. Even most modern security solutions fall short here, relying on rules-based approaches that don’t account for the dynamic uniqueness of each organisation’s cloud environment.
“As cloud environments become more complex, it’s difficult for organisations to get a clear picture of what is happening across their critical infrastructure so they can work efficiently to scale security to manage risk with the speed of modern software development,” said Melinda Marks, Senior Analyst at ESG. “Lacework is a strong player in the CNAPP category because it combines visibility with a deep understanding of behaviours across a customer’s overall cloud environment.”
In response to these challenges, Lacework has introduced attack path analysis, which combines a visual representation of potential attack paths with deep runtime insight from the Polygraph Data Platform. These visual attack paths tie together different attack vectors, including vulnerabilities, misconfigurations, network reachability, secrets, and identity and access management (IAM) roles for every host in the environment. This is provided as an additional layer of context for every alert to clearly show which assets could be attacked and why. As cloud threats continue to grow in volume and sophistication, this critical context enables security teams to identify and prioritise remediation based on risk and actively watch for exploits before they become a problem, all from a single platform.
With the addition of agentless workload scanning, customers benefit from more flexibility to build layered security, broader coverage across environments, and faster time to value through vulnerability and secrets discovery in runtime environments without the use of agents. Customers can now assess vulnerabilities and exposed secrets in container images, hosts, and language libraries and deliver a software bill of materials for their runtime environment. This enables:
- A better understanding of the cloud environment and potential risks with an up-to-date inventory of software components and information about vulnerabilities and exposed secrets in the production environment
- The ability to scan more resources without an agent for more complete coverage of the runtime environment and to stay compliant with security standards and business needs
- More flexibility and choice to build layered security with continuous monitoring
“We take security seriously and always consider it a critical factor when we build or deploy new services,” says Charly Vitrano, Director of Security Operations at Medallia. “Lacework has given the market a new, better, and more secure option for agentless scanning — the privacy and least privilege elements were essential for us to deploy this solution across our environment.”
“In order to provide a complete, robust security solution, customers need both visibility into the risks to prioritise fixing across the entire cloud environment and deep insight into what’s actively happening across their environment so they can take action quickly to protect their business,” says Adam Leftik, VP of Product, Lacework. “We knew delivering only risk prioritisation wasn’t good enough, which is why we’ve incorporated advanced visibility and protection from active attacks into our Polygraph Data Platform. Customers now have the context they need to ensure their environments stay safe even as threats continue to grow.”
Lacework is the only security platform that combines the ability to see potential risks from the lens of an attacker with the knowledge of what’s actively happening to uncover attacks without needing to write a single rule. This enables customers to prioritise mitigating the most impactful attack vectors and automatically detect if or when they are exploited.
Attack path analysis and agentless vulnerability scanning are now generally available to Lacework customers. Visit our website to get started today.