Lacework Reviews

How you can trace the issue all the way to the exectutable. it was 2 alerts that recived indicating that there were external attempts from servers to external IPs and upon checking the details of the alert and looking at the source and destination and traffic details; I was able to easily trace it to be legitimate attempts as one systems was trying to connect to O365 and the other to SpecOps.

None at the moment. I am happy with the product so far and the support is also great. I trust the company as well as they are doing great job developing the product even more

it was 2 alerts that recived indicating that there are external attempts from servers to external IPs and upon checking the details of the alert and looking at the source and destination and traffic details; I was able to easily trace it to be legitimate attempts as one systems was trying to connect to O365 and the other to SpecOps.

Excellent experience, able to detect anomalies in a timely manner and make judgments based on behavior

It is better if you can detect the tag we set for each EC2

Lacework can find anomalies user behavior based on agent and cloudtrial log and give use timely alert everyday. And can help us to locate where is the event and how to remediate it.

I've only had to talk to support once and the attention has been excellent, they saw a UX problem and in 4 months they implemented it, few products do that. The creation of customized policies and reports is a plus.

Many CLI options are not available in the web console (e.g., deleting or editing queries or creating custom reports). Better control of API Keys is needed, such as knowing when they were last used. Very basic FIM.

Automatic scanning for compliance with CIS and internal policies. Automatic scanning for compliance with CIS and internal policies. Alerts related to infrastructure anomalies.

The ability to verify compliance with security standards using Lacework reports.

Most of the time, I don't know why an alert is a real risk. I mean, how can someone exploit a specific alert to attack my cloud resources?

1 - Lacework is helping me achieve compliance, a requirement in various client contracts.

2 - Lacework alerts me when something unusual happens in the cloud.

3 - Lacework helped me identify insecure areas in my cloud infrastructure.

The services the product offers and also the support team behind the product. Finally, how easy is to implement and integrate with our system.

By now, I didn't find anything that dislike me.

CVE scanning and security audit

The machine learning from existing workloads makes setting up lacework a breeze. The lacework team has been rock solid about helping me to identify potential vulnerabilities in the system as well as working to use their platform to the fullest.

The documents for lacework are scattered, making it hard to self-learn how to get started on their platform. Their support team makes up for this though by being very quick and eager to help.

When we went through a security audit with a third-party partner, lacework made it super simple to export the correct type of reports they were looking for as well as to identify the high-priority items that we needed to resolve to make sure we were fully aligned with our partners needs.

Lacework offers an intuitive GUI that unifies the support and monitoring experience across multiple cloud platforms.

I have no real dislikes of Lacework. The product provided the solutions I was seeking from the product.

The primary value I gained from Lacework was a unified GUI for monitoring multiple cloud platforms. While each platform offered it's own native solution, having a single point of management was immensely more efficient.

The incorporation of machine learning algorithms into its platform allows Lacework to intelligently filter out false positives and only surface alerts that require immediate attention. The system learns the baseline behavior of our dynamic environments and adjusts its monitoring algorithms accordingly. A new component deployed to multiple environments only triggers one alert.

We work in a setting where environments are spun up and torn down in a matter of minutes, and Lacework easily adapts to these changes without requiring manual configurations each time. This adaptability dramatically reduces the time we spend on repetitive tasks and helps us focus on higher-level security challenges.

Lacework offers a growing sweet of integrations, and where one doesn't suite your needs there's awalys outbound callbacks that can be setup

One particular area that could see improvement is the documentation. As an organization that often gets early access to new features, we've found that the public documentation doesn't always keep pace with the rapid expansion and updates to the Lacework platform.

Lacework has transformed our security operations by expanding our visibility far beyond just code scanning at build time. As a single pane of glass solution, it provides comprehensive monitoring across our entire stack, from host systems to containers and even the cloud platform. This has streamlined our SecOps processes, allowing us to proactively manage risks and respond to threats more efficiently.

Easy to get started, we are able to automate a lot of aspects of cloud security with it so that we can focus more on our business, Daily/Weekly reports to help us keep track, communication via Slack is quick and easy

A bit of extra load on the servers that are running the Lacework agents, as you expect but it still needs to be considered.

Increases Security by providing visibility, basically, we can save a fulltime DevSecOps/Security Engineer position

I like the wealth of information I have. Everything is accessable through the API too which makes it amazing for analyzing data using our own tools like Tableau.

The UI can be clunky and unintuitive at times. All the data I need is there but can be hard to access to understand.

We have many machines spanning many accouunts spanning a few cloud platforms and Lacework is compatable with all fo them and provides insights all in one place. In addition we have many containers and images running through our enviroment which Lacework is able to scan.