Lacework®, the data-driven cloud security company, today announced new Cloud-Native Application Protection Platform (CNAPP) capabilities for the Polygraph® Data Platform, which provides enhanced attack path analysis and agentless workload scanning for secrets and vulnerabilities. These capabilities provide better insight into today’s increasingly complex security environment, enabling organizations to instantly understand what matters so they can triage and respond faster.
According to the latest Lacework Cloud Threat Report, attackers are becoming more sophisticated, with a particular focus on infrastructure. Attackers constantly look for the path of least resistance to compromise a system, hiding in the complexities of seemingly disparate risks and exploiting them where possible. Although cloud adoption is near ubiquitous across all industries, many organizations still lack the visibility needed to truly manage and understand the sophisticated vulnerabilities that exist or are emerging in their own cloud environments. Even most modern security solutions fall short, relying on rules-based approaches that fail to take into account the dynamic uniqueness of each organization’s cloud environment.
“As cloud environments become more complex, it’s difficult for organizations to get a clear picture of what’s happening across their critical infrastructure so they can work efficiently to scale security to mitigate risk at the speed of modern software development,” said Melinda Marks, senior analyst at ESG. “Lacework is a strong player in the CNAPP category because it combines transparency with a deep understanding of behavior across a customer’s cloud environment.”
In response to these challenges, Lacework introduced attack path analysis that combines a visual representation of potential attack paths with deep runtime insights from the Polygraph Data Platform. These visual attack paths connect various attack vectors, including vulnerabilities, misconfigurations, network reachability, secrets, and Identity and Access Management (IAM) roles for each host in the environment. This is provided as an additional layer of context for each alert to clearly show which assets could be under attack and why. As cloud threats continue to grow in volume and complexity, this critical context enables security teams to identify and prioritize remediation based on risk and actively hunt for exploits before they become a problem, all from one single platform.
With the addition of agentless workload scanning, customers benefit from more flexibility in building layered security, broader coverage across environments, and faster time to value by discovering vulnerabilities and secrets in runtime environments without the use of agents. Customers can now assess vulnerabilities and disclosed secrets in container images, hosts and language libraries and provide a software BOM for their runtime environment. This allows:
• A better understanding of the cloud environment and potential risks through an up-to-date inventory of software components and information on vulnerabilities and disclosed secrets in the production environment
• The ability to scan more resources without an agent to cover the runtime environment more comprehensively and ensure compliance with security standards and business requirements
• More flexibility and choice to build layered security with continuous monitoring
“We take security seriously and always consider it a critical factor when developing or deploying new services,” said Charly Vitrano, Medallia’s director of security operations. “Lacework has brought to the market a new, better and more secure option for agentless scanning – the elements of privacy and least privilege were essential for us to deploy this solution across our environment.”
“To deploy a complete, robust security solution, customers need both risk visibility to prioritize troubleshooting across the cloud environment and deep visibility into activity in their environment so they can quickly take action to protect their business,” said Adam Leftik, VP of Product, Lacework. “We knew that just providing risk prioritization wasn’t good enough, so we built advanced visibility and protection from active attacks into our Polygraph Data Platform. Customers now have the context they need