Lacework Overview: Security Redefined for Cloud Scale
Download as PPTX, PDF0 likes368 views
The document discusses Lacework's cloud security platform. It provides continuous monitoring, compliance checks, and anomaly detection across AWS accounts, configurations, workloads and hosts. Lacework analyzes CloudTrail data and other activities to establish normal behavior baselines and detect deviations that could indicate threats. It aims to provide end-to-end visibility and security across all AWS resources and components through its Polygraph behavioral analysis technology.
![©2018 Lacework, Inc. Confidential and Proprietary.
Automated Security for AWS
13
End-to-end. Continuous. Integrated with AWS Services.
AWS Accounts
EC2/ECS/EKS
S3 buckets
Compliance Monitoring, Intrusion
Detection, Alerting
Incident Investigation
and resolution
Analyze CloudTrail events
(Polygraph)
Polygraph of Workloads
Polygraphs of Workloads (S3
layer)
CloudTrail event analysis
Value prop
Continuous validation of
AWS configuration for
security & compliance
[Security & compliance teams]
Easy to navigate UI to get to
incident root cause and get
insight needed to fix.
[DevOps & Security teams]
Automatic detection and
scoring of anomalies with
high quality alerts
[DevOps & Security teams]
CIS benchmark
S3 controls
(HIPAA & PCI controls
coming soon)
Lacework UI and Polygraphs
Lacework UI and Polygraphs](https://image.slidesharecdn.com/laceworkintroductionjuly20182-180719001201/85/Lacework-Overview-Security-Redefined-for-Cloud-Scale-13-320.jpg)
Lacework Overview: Security Redefined for Cloud Scale
- 1. ©2018 Lacework, Inc. Confidential and Proprietary. Security Redefined for Cloud Scale Andrew Wesbecher VP of Sales andrew@lacework.com 1 Chris Pedigo Sr Sales Engineer chris@lacework.com
- 2. ©2018 Lacework, Inc. Confidential and Proprietary. Customers 2
- 3. ©2018 Lacework, Inc. Confidential and Proprietary. Data leaks Publicly exposed S3 buckets Highjacked resources Compromised AWS Accounts Highjacked compute capacity Compromised hosts Security Incidents on AWS 3
- 4. ©2018 Lacework, Inc. Confidential and Proprietary. (mis)Configurations AWS Accounts • AWS accounts and users • S3 buckets left open • APIs left open • AWS Accounts & regions • IAM users & assumed roles • AWS Security groups • Applications & containers • Machine connections • User access & files Workloads & Hosts AWS Attack Surfaces 4 EC2 ECS EKS
- 5. ©2018 Lacework, Inc. Confidential and Proprietary. What Lacework Does 5 Workload / Container Security AWS Account Security AWS Configuration Auditing Continuous compliance Use of security best practices Automated alerts on violations Analysis of CloudTrail data Automated alerts on anomalies Point & click UI for investigation Automated 24x7 monitoring Host IDS for security & compliance File Integrity Monitoring (FIM) Point & click UI for investigation End-to-end visibility at all layers
- 6. ©2018 Lacework, Inc. Confidential and Proprietary. Continuous Compliance / Configuration Validation 6
- 7. ©2018 Lacework, Inc. Confidential and Proprietary. AWS Account Security: CloudTrail Event Analysis 7
- 8. ©2018 Lacework, Inc. Confidential and Proprietary. Application / Workload Security 8
- 9. ©2018 Lacework, Inc. Confidential and Proprietary. Security Monitoring at Cloud Scale 9
- 10. ©2018 Lacework, Inc. Confidential and Proprietary. End-to-End Protection Applications Containers Machines AWS Accounts File Integrity Networks Users Configurations 10
- 11. ©2018 Lacework, Inc. Confidential and Proprietary. Audit your AWS configuration Spot at-risk S3 buckets Stop illicit Bitcoin mining Track privilege escalations Detect brute-force attacks Try Lacework for free! www.lacework.com/free 10-min set-up 11
- 12. ©2018 Lacework, Inc. Confidential and Proprietary. Monitor all components and their activities End-to-end behavior analysis – User to Network to Workloads to Data 12 acme/process OBSERVATIONS Application launch Initiated connection External IP calls Information exchanged Configurations File changes Threat intelligence … • Analyze behaviors • Define rules of normal behavior • Detect deviations • Decide whether anomaly is a threat Users Apps Processes VMs / Containers Accounts Files Machines Scored alerts Compliance violations Visibility graphical view All data to investigate POLYGRAPH™
- 13. ©2018 Lacework, Inc. Confidential and Proprietary. Automated Security for AWS 13 End-to-end. Continuous. Integrated with AWS Services. AWS Accounts EC2/ECS/EKS S3 buckets Compliance Monitoring, Intrusion Detection, Alerting Incident Investigation and resolution Analyze CloudTrail events (Polygraph) Polygraph of Workloads Polygraphs of Workloads (S3 layer) CloudTrail event analysis Value prop Continuous validation of AWS configuration for security & compliance [Security & compliance teams] Easy to navigate UI to get to incident root cause and get insight needed to fix. [DevOps & Security teams] Automatic detection and scoring of anomalies with high quality alerts [DevOps & Security teams] CIS benchmark S3 controls (HIPAA & PCI controls coming soon) Lacework UI and Polygraphs Lacework UI and Polygraphs