Information Security Engineer at a insurance company with 501-1,000 employees
Real User
Top 10
2023-08-24T19:09:00Z
Aug 24, 2023
The overall solution can be rated 10 out of 10. I would recommend that while utilizing the product, it's vital to actively engage in configuring your environment appropriately and adopting the right procedures, both technical and administrative. This approach ensures the realization of value from Lacework or any security solution.
Techology Operations Lead at a computer software company with 11-50 employees
Real User
Top 20
2023-03-29T17:03:00Z
Mar 29, 2023
My advice is that it's very important to understand what you have and where you want to get to. You can use Lacework in many ways, and one of the ways you can use it is to assess the security posture of your infrastructure. If you understand what your security requirements are, you will better understand how to get the most out of Lacework. Lacework provides insight, to some extent, for viewing our environment from an attacker's perspective, because every alert is broken down into the steps someone took to get to the point where it generated the alert. That way, you get some insight into how someone would approach hacking the infrastructure. But it obviously doesn't offer as much detail as a pen test would. Because of the way we use Lacework, integrated with public cloud providers, every time we create an environment in the public cloud, we have to create an integration with Lacework. We do that through Terraform, using the principle of infrastructure as code. The maintenance comes in when Lacework makes API changes on their end. If the API changes in such a way that it's not compatible with our code, then we have to update it. But that happens rarely. It has only happened once in the last six months. Overall, I rate Lacework at 10 out of 10. I've been really happy with it.
I'm a fan, so I rate Lacework 10 out of 10. I recommend implementing it immediately. If you have a security team writing rules and trying to enforce them the old-fashioned way, that's a lot of man-hours. If they were to have a breach, not only the security team would be impacted but also the administrators. They have to go through the logs and parse them to figure out how many things were touched. You have to look through the VMs, load balancers, and other pieces of the infrastructure. You would need to put it in a spreadsheet and write a script to go through it. It's a pain. With Lacework, it's all there in one fell swoop, and you can go through all the logs. However, if you are a rules-based person, Lacework has the features to do that too. You can add some specific rules that aren't part of the normal CIS benchmarks and stuff that is already in the posture. You're getting scanned across the CIS benchmarks whether or not you implement them or not. You can also go in there and switch those values around to meet whatever your organizational goals are.
Lacework hasn't helped reduce our alerts. That's because we weren't alerting before Lacework in terms of security and compliance. If anything, it has increased our alerts, but that's just because we didn't have it before. So, overall, through time, after we implemented it and started addressing those alerts, for sure, they've been reduced. We've reduced our alerts by 70% to 80%, and there is more and more reduction. I would rate it a 10 out of 10.
Chief Information Security Officer at a tech services company with 201-500 employees
Real User
2022-07-10T15:39:00Z
Jul 10, 2022
Currently, it is determined by your capabilities and the size of your environment. In general, I would not recommend Lacework right now. There are more mature solutions that would be a better fit. It is very dependent on the specific environment in which you operate. Lacework isn't necessarily bad; it's just that the more mature solutions on the market have significantly more capabilities. Prisma Cloud, for example, or Rapid7 Clouds, I believe, have more capabilities and support. In the cloud environment, better support and different security use cases are available. However, it is similar to the situation with automobiles. You are not required to drive a Ferrari. You could buy, a simpler car and seat it for your needs. It depends on what you want to accomplish. I would rate Lacework an eight out of ten. It has some technical capabilities, which are not bad, but it is currently lacking some technical features. It's also prone to false positives, which I believe is due to an over-reliance on some AI detection models. But the precision of those things isn't always good.
Lacework is a cloud security platform whose Polygraph Data Platform automates cloud security at scale so customers can innovate with speed and safety. Lacework is the only security platform that can collect, analyze, and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. As a breach detection and investigation tool, Lacework provides information on when and how a breach happened,...
I rate the overall product a seven out of ten.
The overall solution can be rated 10 out of 10. I would recommend that while utilizing the product, it's vital to actively engage in configuring your environment appropriately and adopting the right procedures, both technical and administrative. This approach ensures the realization of value from Lacework or any security solution.
My advice is that it's very important to understand what you have and where you want to get to. You can use Lacework in many ways, and one of the ways you can use it is to assess the security posture of your infrastructure. If you understand what your security requirements are, you will better understand how to get the most out of Lacework. Lacework provides insight, to some extent, for viewing our environment from an attacker's perspective, because every alert is broken down into the steps someone took to get to the point where it generated the alert. That way, you get some insight into how someone would approach hacking the infrastructure. But it obviously doesn't offer as much detail as a pen test would. Because of the way we use Lacework, integrated with public cloud providers, every time we create an environment in the public cloud, we have to create an integration with Lacework. We do that through Terraform, using the principle of infrastructure as code. The maintenance comes in when Lacework makes API changes on their end. If the API changes in such a way that it's not compatible with our code, then we have to update it. But that happens rarely. It has only happened once in the last six months. Overall, I rate Lacework at 10 out of 10. I've been really happy with it.
I'm a fan, so I rate Lacework 10 out of 10. I recommend implementing it immediately. If you have a security team writing rules and trying to enforce them the old-fashioned way, that's a lot of man-hours. If they were to have a breach, not only the security team would be impacted but also the administrators. They have to go through the logs and parse them to figure out how many things were touched. You have to look through the VMs, load balancers, and other pieces of the infrastructure. You would need to put it in a spreadsheet and write a script to go through it. It's a pain. With Lacework, it's all there in one fell swoop, and you can go through all the logs. However, if you are a rules-based person, Lacework has the features to do that too. You can add some specific rules that aren't part of the normal CIS benchmarks and stuff that is already in the posture. You're getting scanned across the CIS benchmarks whether or not you implement them or not. You can also go in there and switch those values around to meet whatever your organizational goals are.
Lacework hasn't helped reduce our alerts. That's because we weren't alerting before Lacework in terms of security and compliance. If anything, it has increased our alerts, but that's just because we didn't have it before. So, overall, through time, after we implemented it and started addressing those alerts, for sure, they've been reduced. We've reduced our alerts by 70% to 80%, and there is more and more reduction. I would rate it a 10 out of 10.
Currently, it is determined by your capabilities and the size of your environment. In general, I would not recommend Lacework right now. There are more mature solutions that would be a better fit. It is very dependent on the specific environment in which you operate. Lacework isn't necessarily bad; it's just that the more mature solutions on the market have significantly more capabilities. Prisma Cloud, for example, or Rapid7 Clouds, I believe, have more capabilities and support. In the cloud environment, better support and different security use cases are available. However, it is similar to the situation with automobiles. You are not required to drive a Ferrari. You could buy, a simpler car and seat it for your needs. It depends on what you want to accomplish. I would rate Lacework an eight out of ten. It has some technical capabilities, which are not bad, but it is currently lacking some technical features. It's also prone to false positives, which I believe is due to an over-reliance on some AI detection models. But the precision of those things isn't always good.