We are covering cloud security posture management and run-time detection as well, so there are two flavors. It is also used for inventory purposes. We are probably using all the capacity of the tool. We have the agents deployed in our environment, and we are also covering all of the cloud environments with the Cloud Security Posture Management version.
First of all, alert reduction is helping us to be focused on other things that matter. The other thing is in regards to visibility. What we found is that Lacework is super easy to deploy in Kubernetes environments and other environments. You can get super quick visibility into what is going on in your environment. Even though it has a behavioral engine, and it takes a couple of hours to consolidate the information and present that to you, it is pretty quick. We have a huge environment, it is great for us.
Lacework saves us a lot of money because in terms of the ingestion of data or in terms of the way AWS, GCP, and other cloud providers are sending logs into Lacework, if we have to ingest the data in our SIEM, for instance, it is going to cost us a lot of money. Having Lacework in the middle, ingesting the data, processing the data, and providing us with the right information is super valuable, at least from a cost perspective. I know every company would like to have all the logs in the SIEM or store them somewhere in their environment, but that is an advantage that I recognize in Lacework. The data is good. We can see the data that we want.
It is good for helping us view our environment from an attacker’s perspective. One of the things that they introduced recently is Attack Path. Previously, we needed to go to two or three places to figure out what was going on in our environment. Even though we had alerts from Lacework that gave us a lot of information, we sometimes needed to go to other places to make sure that we fully understood the context of the data alert. Lacework has introduced Attack Path which helps us a lot to identify the activity from the beginning to the end.
It has the ability to monitor configurations continuously. This capability is important, but we have complementary tools that monitor the configuration of certain files.
We have reduced the alert noise by 60% to 70%. We needed an opportunity to focus on projects and improve our controls elsewhere. We also wanted to focus on improving our detection capabilities because the network is providing a subset of alerts that are helpful, but we also need to think about all those things that we need to do in our environment, such as make a list of some use cases from an attacker's perspective and see if we can catch the event. We have threat intelligence as well. We can see whether we have a particular type of threat in our environment. There is vulnerability management as well. The combination of those factors is what we are currently doing. We can focus on these things.
Lacework helped save time by reducing our manual tasks. Lacework is providing us with comprehensive data or some set of data to see what is going on. In the past, we were doing that manually. We had to go to other places to understand what was going on, so Lacework helped us on that front. That was the most important saving of manual tasks.
It also has helped us to free up existing resources. The number of people that I had initially on the on-call rotation is less because of it. I could take out those people for other projects. That is the huge value that I saw from Lacework. As long as we reduce alerts, we will have time to focus on other things. In terms of human resources, people are more focused on other things.
Lacework has absolutely helped to reduce our organization's breach risk. Our company is super focused on protecting customer data. We are storing data in several cloud providers' object storage. With Lacework, especially with Cloud Security Posture Management, there is a compliance part where we can see how many object storages are exposed to the Internet. Whenever we have any event, we can identify that properly and immediately take action. That is how we reduce the risk in cloud providers. We take customer data super seriously, and we were able to identify all the alerts for the public object storage or for those that we had already but did not know.
Lacework has been helpful for spotting critical weaknesses. The most important thing is our customer data. It has helped us a lot, and it is super valuable.