SlideShare a Scribd company logo

Lacework AWS Security Week Presentation

Download as PPTX, PDF
Lacework, profile picture
Lacework

Lacework offers a cloud security platform that automates threat detection and compliance auditing through integration with AWS services and modern deployment methods. The system uses ingested data to identify security threats by establishing behavioral baselines and detecting anomalies in real-time. It provides contextual alerts and insights to improve threat prevention and enhances overall security for public cloud infrastructures.

Technology
Related topics:
Cloud Computing Insights Public Cloud
1 of 11
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
©2017 Lacework, Inc. Confidential and Proprietary. 1 Automating Cloud Security at Scale
©2018 Lacework, Inc. Confidential and Proprietary. 2 Lacework Polygraph Threat Intelligence and Reputation Alerting SIEM SOC InvestigationCompliance DetectionVisibility Enforcement via APIs Cloud Infrastructure Workloads Accounts VMs ContainersFilesApps Insiders Config Logs Use cases Security Platform for the Cloud
©2018 Lacework, Inc. Confidential and Proprietary. Get started by simply configuring your AWS CloudTrail and AWS Config Accounts. Then deploy our agent. We support all modern deployment methods: Kubernetes, Docker, Puppet/Chef, etc… Capture Relevant Activity Ingested data is used to build relationships between key activities: CloudTrail data, API user and account behavior, machines, containers, applications, processes and network behaviors. Build Relationships Security for your Public Cloud Data Analysis at Scale
©2018 Lacework, Inc. Confidential and Proprietary. Ingested data (not samples) runs through detection algorithms to detect known threats. Are you failing compliance? Do you have high risk configuration changes? Have you been breached? Is data being actively ex- filtrated to known bad sites, are brute-force password attacks occurring? Identify Known Threats Once a baseline of known behaviors for your cloud is established, we detect outliers and potential security threats automatically. Our ”Polygraph” then provides real-time insights into unknown attacks. Identify Unknown Risks & Threats
©2018 Lacework, Inc. Confidential and Proprietary. Upon discovering known or unknown attacks, alerts are created with context and supporting evidence combined with severity levels. Deliver Alerts / Insights Upon discovering known or unknown attacks alerts are created with context and supporting evidence combined with severity levels. Integrated Workflow
©2018 Lacework, Inc. Confidential and Proprietary. Our core value proposition: auditing of your public cloud configuration for compliance, threat prevention, log correlation, and storage in a sub- second query interface to all the data. Compliance, Intrusion Prevention, Container Security, & Analytics
©2018 Lacework, Inc. Confidential and Proprietary. Example Customer Value (1 month)
©2018 Lacework, Inc. Confidential and Proprietary. 10 46B Events a Month Visualized
©2018 Lacework, Inc. Confidential and Proprietary. 11 Customer – Bitcoin Mining Attack
©2018 Lacework, Inc. Confidential and Proprietary. 12 Customer – Bitcoin Mining Attack
©2018 Lacework, Inc. Confidential and Proprietary. www.lacework.com/free-trial

More Related Content

PDF
Lacework slides from AWS Meetups
John Varghese
 
PPTX
Lacework for AWS Security Overview
Lacework
 
PPTX
Lacework Overview: Security Redefined for Cloud Scale
Lacework
 
PPTX
Lacework Kubernetes Meetup | August 28, 2018
Lacework
 
PDF
Security for AWS: Journey to Least Privilege
Lacework
 
PPTX
AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...
Lacework
 
PDF
Securing aws workloads with embedded application security
John Varghese
 
PPTX
Lacework | Top 10 Cloud Security Threats
Lacework
 
Lacework slides from AWS Meetups
John Varghese
 
Lacework for AWS Security Overview
Lacework
 
Lacework Overview: Security Redefined for Cloud Scale
Lacework
 
Lacework Kubernetes Meetup | August 28, 2018
Lacework
 
Security for AWS: Journey to Least Privilege
Lacework
 
AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...
Lacework
 
Securing aws workloads with embedded application security
John Varghese
 
Lacework | Top 10 Cloud Security Threats
Lacework
 

What's hot (19)

PPTX
#ALSummit: Realities of Security in the Cloud
Alert Logic
 
PPTX
#ALSummit: Alert Logic & AWS - AWS Security Services
Alert Logic
 
PPTX
#ALSummit: Architecting Security into your AWS Environment
Alert Logic
 
PPTX
Alert Logic: Realities of Security in the Cloud
Alert Logic
 
PDF
The AWS Shared Responsibility Model in Practice
Alert Logic
 
PDF
Realities of Security in the Cloud
Alert Logic
 
PPTX
Defcon 27 - Phishing in the Cloud Era
Netskope
 
PDF
The Intersection of Security & DevOps
Alert Logic
 
PDF
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Alert Logic
 
PDF
Phishing in the Cloud Era (BSides)
Netskope
 
PPTX
5 Highest-Impact CASB Use Cases - Office 365
Netskope
 
PPTX
Securing Applications in the Cloud
Security Innovation
 
PDF
Phishing in the cloud era
CloudVillage
 
PDF
The New Economics of Cloud Security
Alert Logic
 
PDF
MozDef Workshop slide
CloudVillage
 
PPTX
Cloud Security Demo
Cheah Eng Soon
 
PDF
Extending Amazon GuardDuty with Cloud Insight Essentials
Alert Logic
 
PPTX
#ALSummit: Cyber Resiliency: Surviving the Breach
Alert Logic
 
PPTX
#ALSummit: Live Cyber Hack Demonstration
Alert Logic
 
#ALSummit: Realities of Security in the Cloud
Alert Logic
 
#ALSummit: Alert Logic & AWS - AWS Security Services
Alert Logic
 
#ALSummit: Architecting Security into your AWS Environment
Alert Logic
 
Alert Logic: Realities of Security in the Cloud
Alert Logic
 
The AWS Shared Responsibility Model in Practice
Alert Logic
 
Realities of Security in the Cloud
Alert Logic
 
Defcon 27 - Phishing in the Cloud Era
Netskope
 
The Intersection of Security & DevOps
Alert Logic
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Alert Logic
 
Phishing in the Cloud Era (BSides)
Netskope
 
5 Highest-Impact CASB Use Cases - Office 365
Netskope
 
Securing Applications in the Cloud
Security Innovation
 
Phishing in the cloud era
CloudVillage
 
The New Economics of Cloud Security
Alert Logic
 
MozDef Workshop slide
CloudVillage
 
Cloud Security Demo
Cheah Eng Soon
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Alert Logic
 
#ALSummit: Cyber Resiliency: Surviving the Breach
Alert Logic
 
#ALSummit: Live Cyber Hack Demonstration
Alert Logic
 
Ad

Similar to Lacework AWS Security Week Presentation (20)

PPTX
Containers At-Risk: A Review of 21,000 Cloud Environments
Lacework
 
PDF
How to Kickstart Security and Compliance for Your AWS, Azure, and GCP Clouds
SBWebinars
 
PDF
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
Priyanka Aash
 
PDF
Avoiding Limitations of Traditional Approaches to Security
Mighty Guides, Inc.
 
PDF
Kubernetes meetup k8s_aug_2019
dhubbard858
 
PDF
Biznesa infrastruktūras un datu drošības juridiskie aspekti
ebuc
 
PDF
Security for AWS : Journey to Least Privilege
dhubbard858
 
PDF
Resetting Your Security Thinking for the Public Cloud
Mighty Guides, Inc.
 
PDF
Preventing Cloud Data Breaches.pdf
Chinatu Uzuegbu
 
PDF
CSA SV Threat detection and prediction
Vishwas Manral
 
PDF
Top 10 Threats to Cloud Security
SBWebinars
 
PPTX
9 Things You Need to Know Before Moving to the Cloud
kairostech
 
PPTX
Cloud Security in 2025_ Top Challenges, Daily Risks & Key Threats You Need to...
infosprintseo
 
PPTX
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
EC-Council
 
PDF
NCC Group Pro-active Breach Discovery: Network Threat Assessment
Ollie Whitehouse
 
PDF
How Secure Is Cloud
William Lam
 
PPTX
Securing your Cloud Deployment
Hrusostomos Vicatos
 
PPTX
IBM Relay 2015: Securing the Future
IBM
 
PPTX
Netskope — Shadow IT Is A Good Thing
Netskope
 
PPTX
Practical Security for the Cloud
Chirag Joshi, CISA, CISM, CRISC
 
Containers At-Risk: A Review of 21,000 Cloud Environments
Lacework
 
How to Kickstart Security and Compliance for Your AWS, Azure, and GCP Clouds
SBWebinars
 
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...
Priyanka Aash
 
Avoiding Limitations of Traditional Approaches to Security
Mighty Guides, Inc.
 
Kubernetes meetup k8s_aug_2019
dhubbard858
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
ebuc
 
Security for AWS : Journey to Least Privilege
dhubbard858
 
Resetting Your Security Thinking for the Public Cloud
Mighty Guides, Inc.
 
Preventing Cloud Data Breaches.pdf
Chinatu Uzuegbu
 
CSA SV Threat detection and prediction
Vishwas Manral
 
Top 10 Threats to Cloud Security
SBWebinars
 
9 Things You Need to Know Before Moving to the Cloud
kairostech
 
Cloud Security in 2025_ Top Challenges, Daily Risks & Key Threats You Need to...
infosprintseo
 
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
EC-Council
 
NCC Group Pro-active Breach Discovery: Network Threat Assessment
Ollie Whitehouse
 
How Secure Is Cloud
William Lam
 
Securing your Cloud Deployment
Hrusostomos Vicatos
 
IBM Relay 2015: Securing the Future
IBM
 
Netskope — Shadow IT Is A Good Thing
Netskope
 
Practical Security for the Cloud
Chirag Joshi, CISA, CISM, CRISC
 
Ad

More from Lacework (9)

PDF
BSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes Back
Lacework
 
PDF
DerbyCon 2019: Prepare to be Boarded! A Tale of Kubernetes, Plunder, and Cryp...
Lacework
 
PDF
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Lacework
 
PDF
All Your Containers Are Belong To Us
Lacework
 
PDF
Practical Guide to Securing Kubernetes
Lacework
 
PDF
Lacework Protection for AWS S3 Buckets
Lacework
 
PDF
Guidebook Case Study
Lacework
 
PDF
Container Security Research
Lacework
 
PDF
Containers At-Risk A Review of 21,000 Cloud Environments
Lacework
 
BSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes Back
Lacework
 
DerbyCon 2019: Prepare to be Boarded! A Tale of Kubernetes, Plunder, and Cryp...
Lacework
 
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Lacework
 
All Your Containers Are Belong To Us
Lacework
 
Practical Guide to Securing Kubernetes
Lacework
 
Lacework Protection for AWS S3 Buckets
Lacework
 
Guidebook Case Study
Lacework
 
Container Security Research
Lacework
 
Containers At-Risk A Review of 21,000 Cloud Environments
Lacework
 

Recently uploaded (20)

PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
KodekX | Application Modernization Development
KodekX
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
KodekX | Application Modernization Development
KodekX
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Teaching material agriculture food technology
LiaRayya
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Approach and Philosophy of On baking technology
30anthuong17
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 

Lacework AWS Security Week Presentation

  • 1. ©2017 Lacework, Inc. Confidential and Proprietary. 1 Automating Cloud Security at Scale
  • 2. ©2018 Lacework, Inc. Confidential and Proprietary. 2 Lacework Polygraph Threat Intelligence and Reputation Alerting SIEM SOC InvestigationCompliance DetectionVisibility Enforcement via APIs Cloud Infrastructure Workloads Accounts VMs ContainersFilesApps Insiders Config Logs Use cases Security Platform for the Cloud
  • 3. ©2018 Lacework, Inc. Confidential and Proprietary. Get started by simply configuring your AWS CloudTrail and AWS Config Accounts. Then deploy our agent. We support all modern deployment methods: Kubernetes, Docker, Puppet/Chef, etc… Capture Relevant Activity Ingested data is used to build relationships between key activities: CloudTrail data, API user and account behavior, machines, containers, applications, processes and network behaviors. Build Relationships Security for your Public Cloud Data Analysis at Scale
  • 4. ©2018 Lacework, Inc. Confidential and Proprietary. Ingested data (not samples) runs through detection algorithms to detect known threats. Are you failing compliance? Do you have high risk configuration changes? Have you been breached? Is data being actively ex- filtrated to known bad sites, are brute-force password attacks occurring? Identify Known Threats Once a baseline of known behaviors for your cloud is established, we detect outliers and potential security threats automatically. Our ”Polygraph” then provides real-time insights into unknown attacks. Identify Unknown Risks & Threats
  • 5. ©2018 Lacework, Inc. Confidential and Proprietary. Upon discovering known or unknown attacks, alerts are created with context and supporting evidence combined with severity levels. Deliver Alerts / Insights Upon discovering known or unknown attacks alerts are created with context and supporting evidence combined with severity levels. Integrated Workflow
  • 6. ©2018 Lacework, Inc. Confidential and Proprietary. Our core value proposition: auditing of your public cloud configuration for compliance, threat prevention, log correlation, and storage in a sub- second query interface to all the data. Compliance, Intrusion Prevention, Container Security, & Analytics
  • 7. ©2018 Lacework, Inc. Confidential and Proprietary. Example Customer Value (1 month)
  • 8. ©2018 Lacework, Inc. Confidential and Proprietary. 10 46B Events a Month Visualized
  • 9. ©2018 Lacework, Inc. Confidential and Proprietary. 11 Customer – Bitcoin Mining Attack
  • 10. ©2018 Lacework, Inc. Confidential and Proprietary. 12 Customer – Bitcoin Mining Attack
  • 11. ©2018 Lacework, Inc. Confidential and Proprietary. www.lacework.com/free-trial

Editor's Notes

  • #3: Lacework becomes the brain of your cloud security – components. We have the ability to operate better than any other solutions because of the visibility we have in the cloud.
  • #4: The cloud operating model is fundamentally different – to show this I used a slide from Amazon illustrating the shared responsibility model