Try our new research platform with insights from 80,000+ expert users

Automox vs Lacework comparison

Automox and Fortinet are both solutions in the Vulnerability Management category. Automox is ranked #43 with an average rating of 7.0, while Fortinet is ranked #13 with an average rating of 8.7. Automox holds a 0.4% mindshare in VM, compared to Fortinet’s 1.8% mindshare. Additionally, 100% of Automox users are willing to recommend the solution, compared to 90% of Fortinet users who would recommend it.
Automox
Read 10 Automox reviews
  • 488 Views
  • 358 Comparison Views
100% willing to recommend
Lacework
Read 10 Lacework reviews
  • 2,352 Views
  • 1,546 Comparison Views
90% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Automox and Lacework based on real PeerSpot user reviews.

Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Automox vs. Lacework Report (Updated: September 2024).
Buyer's Guide
Automox vs. Lacework
September 2024
Download the complete report
Helped 805,335 peers since 2012
 

Categories and Ranking

Automox
Ranking in Vulnerability Management
43rd
Average Rating
8.8
Number of Reviews
10
Ranking in other categories
Endpoint Protection Platform (EPP) (55th), Enterprise Mobility Management (EMM) (17th), Patch Management (12th)
Lacework
Ranking in Vulnerability Management
13th
Average Rating
8.6
Number of Reviews
10
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (10th), Cloud Security Posture Management (CSPM) (11th), Cloud-Native Application Protection Platforms (CNAPP) (9th), Compliance Management (7th)
 

Mindshare comparison

As of September 2024, in the Vulnerability Management category, the mindshare of Automox is 0.4%, up from 0.4% compared to the previous year. The mindshare of Lacework is 1.8%, down from 2.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management
 

Featured Reviews

JH
Aug 3, 2021
Monitors our devices irrespective of the location and the environment, allows us to exempt certain machines from certain patches, and has perfect patch management abilities
The fact that it is pretty much hands-off is most valuable. Basically, you set up your policies and give it free rein, and it just does its thing. They've been adding some new features lately, which I'm not nearly as familiar with, but the ability to just deploy patches and exempt certain machines from certain patches is helpful. For instance, for our servers, we may not want to roll out zero-day patches. We are able to exempt those and make sure that they don't get those policies. We've got certain servers that have to run a particular version of Java, and being able to exempt those servers from receiving Java updates is pretty fantastic. Its patch management abilities are perfect. We've gone through probably five different solutions in the past 10 years. Automox is the only one that we've found that we can just set and then forget. It simply works. It is the best. Its speed in carrying out functions is good. We've never experienced any performance issues. We've never noticed any delays. If we have to do a manual update, when we click update, within moments, we can tell that our computers are being updated. The actual UI is quick. Navigating between menus is seamless, and the actual communication between the console and the clients is seemingly instant as well. So, everything is as fast and quick as it can be. It doesn't require much brainpower to navigate the UI and to figure out how to update. Building schedules and different groups is very intuitive. It is just a matter of a few checkboxes, and they've got great examples already in the software when you first get hold of it. Their support staff is fantastic in helping you get those configured if you do have any questions, but the likelihood of you needing that is pretty minimal. It is built to make sense. It is very simple to set up policies using Automox. They've got several sample policies that are actually out there when you get access to the portal. The process is very simple. They've already got the samples out there, and it is so easy to duplicate them and modify them the way you want. It is just a matter of clicking a few checkboxes. It does not take much at all.
Read full review
SS
Dec 29, 2022
Helps us detect things based on severity and to focus on the critical and high-severity issues
There are many valuable features that I use in my daily work. The first are alerts and the event dossier that it generates, based on the severity. That is very insightful and helps me to have a security cap in our infrastructure. The second thing I like is the agent-based vulnerability management, which is the most accurate information. It helps us to know what the security gaps or weaknesses are in the systems and to patch them. Finding a critical weak spot is one of the best features, with the agent-based scanner. We can check it out, based on a filter of the host or container, get the vulnerability report for that particular host, and just share it with the DevOps team to patch. For anomalous activities, Lacework has a good set of rules for detection and it gives super-informative alert information. For example, when an issue is detected that results in an alert, it doesn't just give the details. It also explains clearly what is happening, with "WH" questions. In the alert, if you click on "Why this alert has been detected," there is a clear explanation for it. Next, you can click on, "When," and it gives the time range of the detection time. The next is "What has been impacted?" That kind of accurate information means we don't have to look around or worry about the source of the information or the legitimacy of the alert.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The flexibility in creating tools to make changes on remote machines is most valuable to me. The reporting feature is also fantastic because on any given day I can bring up a list of machines that don't have patches, for example. Or I can bring up a list of machines that are in my environment on a certain day. The solution helps me with not only my own role, and what I look for internally myself, but it also helps during audits. I can go in and look at the number of machines in there, and their owners and timelines. It certainly helps tell a story for anything that IT requires."
"Its flexibility is most valuable."
"It's easy to deploy agents to endpoints."
"It's super easy to use and we haven't found anything easier."
"Previously, we would run a report, scan it, and compare it. We were spending 15 to 30 minutes a month on each machine on this stuff because you would find stuff that wasn't up to date, then you had to fix it. This solution takes that time down to minutes. Automox saves us easily many hours a month."
"They've been adding some new features lately, which I'm not nearly as familiar with, but the ability to just deploy patches and exempt certain machines from certain patches is helpful. For instance, for our servers, we may not want to roll out zero-day patches. We are able to exempt those and make sure that they don't get those policies. We've got certain servers that have to run a particular version of Java, and being able to exempt those servers from receiving Java updates is pretty fantastic."
"Coming from prior solutions that were a lot more effort, Automox's patch management abilities are transformational. When I took over patching at my company, they were using on-premise architecture to patch. As the workforce shifted from being in the office into their home offices, I was able to lift and shift with no effort other than deploying the new agent out into the environment."
"The biggest improvement to our organization involves the reduction in its man hours... We've probably saved hundreds of hours."
More Automox pros
"The most valuable feature, from a compliance perspective, is the ability to use Lacework as a platform for multiple compliance standards. We have to meet multiple standards like PCI, SOC 2, CIS, and whatever else is out there. The ability to have reports generated, per security standard, is one of the best features for me."
"The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine."
"For the most part, out-of-the-box, it tells you right away about the things you need to work on. I like the fact that it prioritizes alerts based on severity, so that you can focus your efforts on anything that would be critical/high first, moderate second, and work your way down, trying to continue to improve your security posture."
"The most valuable aspects are identifying vulnerabilities—things that are out there that we aren't aware of—as well as finding what path of access attackers could use, and being able to see open SSL or S3 buckets and the like."
"The best feature, in my opinion, is the ease of use."
"There are many valuable features that I use in my daily work. The first are alerts and the event dossier that it generates, based on the severity. That is very insightful and helps me to have a security cap in our infrastructure. The second thing I like is the agent-based vulnerability management, which is the most accurate information."
"The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself."
"I find the cloud configuration compliance scanning mature. It generates a lot of data and supports major frameworks like ISO 27001 or SOC 2, providing reports and datasets. Another feature I appreciate is setting custom alerts for specific events. Additionally, I value the agent-based monitoring and scanning for compute nodes. It gives us deeper insights into our workloads and helps identify vulnerabilities across our deployed assets."
More Lacework pros
 

Cons

"There should be better inventory capabilities. Right now, they only allow you to have insight into software out-of-the-box. It would be nice to also extend that into custom inventory that can be modified and managed by the practitioner."
"The biggest area they need to fix, without a doubt, is the ability to copy and sync profiles and worklets between all of the organizations you manage, and the ability to have top-level user access control across all of the companies that you manage."
"As concerns the patching concepts, there's a bit of a learning curve in terms of working out how Automox wants you to work within the console, not only splitting up everything into groups, but then having the various policies assigned."
"When we bring on a new client, we need to go into that client and manually set up my account, my chief engineer's account, three technicians' accounts, and a billing person's account all over again, which is annoying. We have probably up to 15 or 16 of our clients on Automox now. For every single one of those, we have had to go in and set this up. Then, if anything changes, we have to remember to go to Automox and change it 15 or 16 times. So, we just want inheritable permissions, and that is it. We have talked to them about this, and they are like, "Yeah, we hear a lot of complaints about it." I am thinking, "Guys, I have been complaining about this for a year and a half. When are you going to do it?" It must be some tricky thing or not an easy fix, because I can only assume if it were easy, then they would have done it by now."
"They need to improve the automation features."
"We would like to see additional detailed reporting for Service providers like us. We had to build our own reports via their APIs to meet our needs."
"It should have integrated workstation access. So, there should be a remote desktop feature."
"The only thing that we've ever truly wanted is an onsite repository. Currently, all updates are provided directly from the internet. So, if you have 1,000 devices, all 1,000 devices go directly out to the internet. We would love the option of being able to put the updates on local storage so that we're not consuming as much bandwidth. That is literally the only thing that we've ever wanted."
More Automox cons
"The biggest thing I would like to see improved is for them to pursue and obtain a FedRAMP moderate authorization... I don't believe they have any immediate plans to get FedRAMP moderate authorized, which is a bit of a challenge for us because we can only use Lacework in our commercial environment."
"The solution lacks a cohesive data model, making extracting the necessary data from the platform challenging. It uses its own LQL query language, and each database across different layers and modules is structured differently, complicating correlation efforts. Consequently, I had to create extensive custom reports outside Lacework because their default dashboards didn't communicate risk metrics. They're addressing these issues by redesigning their tools, including introducing the dashboard, which is a step closer to actionable insights but still needs refinement."
"The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems."
"A feature that I have requested from them is the ability to sort alerts and policies based on a security framework. Right now, when you go into alerts, you have hundreds and hundreds of them that you have to manually pick. It would be useful to have categories for CIS Benchmark or SOC 2 and be able to display all the alerts and policies for one security framework."
"Lacework has not reduced the number of alerts we get. We've actually had to add resources as a result of using it because the application requires a lot of people to understand it to get the value out of it properly."
"I would like to see a remote access assistance feature. And the threat-hunting platform could be better."
"Visibility is lacking, and both compliance-related metrics and IAM security control could be improved."
"Lacework lacks remediation features, but I believe they're working on that. They're focused on the reporting aspect, but other features need to improve. They're also adding some compliance features, so it's not worth saying they need to get better at it."
More Lacework cons
 

Pricing and Cost Advice

"Its licensing for a year was nine grand. There was no additional fee."
"For all these software tools, it is usually a subscription model. There is a monthly charge that we need to pass along to our clients because we are doing all this for their benefit. It is only a couple of bucks a month per computer, and that is a low enough price point where our clients, without exception, have accepted it, and said, "This is great. We will pay that. It sounds like a worthwhile thing.""
"Automox just charges us a set amount per user, per month, for using the product. That is very important to us. Because it's a cloud-native solution, you're saving on the cost of hosting an on-premises solution on your servers."
"We're doing it annually directly through Automox. It is per endpoint. It is $2 and some change per endpoint, but I believe the cost is right around $28,000. Everything is covered in this fee."
"We are on the premium licensing, which is the one that has the API capability that we use."
"The product is a great value."
"The cost is very reasonable compared to the competition."
"The pricing and licensing costs have been great for us... My advice to others who are evaluating or thinking of implementing Automox is to give it a shot. If a free trial is still available, definitely use it, because it makes life a lot easier."
More Automox pricing and cost advice
"It is slightly expensive. It depends on how big your environment is, but it is expensive. Right now, we are spending a lot of money. We have covered all of the cloud providers and most of our colocation facilities as well, so we cannot complain, but it is slightly expensive. It is not super expensive."
"My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz."
"The pricing has gotten better. That scenario was somewhat unstable. They have a rather interesting licensing structure. I believe you get 200 resources per "Lacework unit." It was difficult, in the beginning, to figure out exactly what a "resource" was... That was a problem until about a year or so ago. They have improved it and it has stabilized quite a bit."
"The licensing fee was approximately $80,000 USD, per year."
report
See which vendors are best for you
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
See recommendations
805,335 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Manufacturing Company
8%
Financial Services Firm
7%
Government
7%
Computer Software Company
19%
Financial Services Firm
14%
Retailer
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Automox?
It's easy to deploy agents to endpoints.
See all answers
What is your experience regarding pricing and costs for Automox?
We do pay a monthly licensing fee. I'd rate the pricing as average. It's not cheap yet not too expensive. You can also pay for more support if you require them to provide consultancy services.
See all answers
What needs improvement with Automox?
They need to improve the automation features. It could be more stable.
See all answers
How would you compare Wiz vs Lacework?
Wiz and Lacework sucks... Buy Orca.
See all answers
What do you like most about Lacework?
Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offers, along with the ability to identify and address misconfigurations, is invalua...
See all answers
What is your experience regarding pricing and costs for Lacework?
My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz.
See all answers
 

Comparisons

Microsoft Intune vs Automox Logo
Microsoft Intune vs Automox
Compared 36% of the time
Tanium vs Automox Logo
Tanium vs Automox
Compared 10% of the time
NinjaOne vs Automox Logo
NinjaOne vs Automox
Compared 9% of the time
BigFix vs Automox Logo
BigFix vs Automox
Compared 8% of the time
Microsoft Configuration Manager vs Automox Logo
Microsoft Configuration Manager vs Automox
Compared 8% of the time
More Automox Competitors
Wiz vs Lacework Logo
Wiz vs Lacework
Compared 29% of the time
Prisma Cloud by Palo Alto Networks vs Lacework Logo
Prisma Cloud by Palo Alto Networks vs Lacework
Compared 10% of the time
AWS GuardDuty vs Lacework Logo
AWS GuardDuty vs Lacework
Compared 8% of the time
Aqua Cloud Security Platform vs Lacework Logo
Aqua Cloud Security Platform vs Lacework
Compared 6% of the time
Snyk vs Lacework Logo
Snyk vs Lacework
Compared 6% of the time
More Lacework Competitors
 

Product Reports

Buyer's Guide
Automox
September 2024
Automox reportDownload Automox product report
Buyer's Guide
Lacework
September 2024
Lacework reportDownload Lacework product report
 

Also Known As

No data available
Polygraph
 

Learn More

Automox
Video not available
Fortinet
 

Overview

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-based and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.

Lacework is a cloud security platform whose Polygraph Data Platform automates cloud security at scale so customers can innovate with speed and safety. Lacework is the only security platform that can collect, analyze, and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. As a breach detection and investigation tool, Lacework provides information on when and how a breach happened, including the users, machines, and applications involved in the breach. By using machine learning and behavioral analytics, the solution can automatically learn what's normal for your environment and reveal any abnormal behavior. In addition, Lacework gives you continuous visibility to find vulnerabilities, misconfigurations, and malicious activity across your cloud environment.

Lacework Features

Lacework has many valuable key features. Some of the most useful ones include:

  • Dashboards
  • Reports
  • Workflow management
  • Administration console
  • Governance
  • Policy enforcement
  • Auditing
  • Access control
  • Workflow management
  • Compliance monitoring
  • Anomaly detection
  • Data loss prevention
  • Cloud gap analytics
  • Host compliance

Lacework Benefits

There are many benefits to implementing Lacework. Some of the biggest advantages the solution offers include:

  • Security visibility: Get deep observability into your cloud accounts, workloads, and microservices to give you tighter security control.
  • Threat detection: By using Lacework, your organization can identify common security events that target your cloud servers, containers, and infrastructure-as-a-service (IaaS) accounts so you can take action on them quickly.
  • Flexible deployment: With Lacework, you have the option to deploy the way you prefer - either agent or agentless - which provides the visibility needed to have maximum security for cloud accounts and systems. Because Lacework offers an easy-to-deploy layered approach, you gain quick time to value.
  • Configuration compliance: With the Lacework solution, you can easily spot IaaS account configurations that are non-compliant and identify opportunities to apply security best practices.
  • Synced teams: Lacework allows your teams to operate smarter and bridge the gap between security, Dev, and Ops regardless of your team's size or experience level.
  • Gain meaningful security insights: Lacework provides meaningful security insights, alerting you of issues before they reach production from your existing workflows. This way you can build apps quickly and confidently.
  • Increased revenue streams: Because the solution has built-in security from the first line of code early on, it helps users unlock higher revenue streams.
  • Helps avoid development delays: The Lacework solution helps you better prioritize security fixes by making security information accessible to DevOps and security teams for earlier risk mitigation that speeds innovation.
  • Increased productivity: Lacework provides alerts with all the context you need and eliminates data silos and costly investigations, enabling you to boost productivity.
  • Correlate and contextualize behaviors: Lacework can take attributes and data points from your unique environment and correlate them together into behaviors.
  • Simplified cloud security posture and compliance: With the Lacework platform, you can get comprehensive visibility and continuous tracking to reduce risks and meet compliance requirements so you can improve your bottom line.
  • Address vulnerabilities before it is too late: Lacework enables you to limit your attack surface so you can address the riskiest vulnerabilities early in the development cycle.
 

Sample Customers

Information Not Available
J.Crew, AdRoll, Snowflake, VMWare, Iterable, Pure Storage, TrueCar, NerdWallet, and more.
Buyer's Guide
Automox vs. Lacework
September 2024
Free Report: Automox vs. Lacework
Find out what your peers are saying about Automox vs. Lacework and other solutions. Updated: September 2024.
DOWNLOAD NOW
805,335 professionals have used our research since 2012.
See our Automox vs. Lacework report.
See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.