
Lacework today announced updates to its cloud security platform aimed at helping customers prioritize remaining fixes for the vulnerability in Apache Log4j, including by spotting any exploits of the widespread flaw.

The company offers the Polygraph Data Platform, which collects and correlates data in cloud environments, detects potential security issues, and prioritizes the biggest threats for response. Anomaly detection powered by machine learning is one of the key capabilities offered by the platform.

With today’s release, the platform now correlates major vulnerabilities, such as the Log4j flaw, with exploit activity. The platform does this by connecting vulnerability data with Lacework’s anomaly detection technology, according to the company.

The result is that customers can now improve their prioritization of remediation efforts for the Log4j vulnerability, including by actively watching for any exploits in their environment that are targeting the flaw, the company said.

The Polygraph platform can now tell customers, “not only do you have this vulnerability in your environment, but there’s unique or potentially malicious behavior that’s happening on that workload,” said James Brown, senior director of product at Lacework, in an interview. “So, that’s a strong signal that this is something you need to look at.”

Widespread vulnerability

While the remote code execution vulnerability in Log4j was disclosed in December, the pervasiveness of the logging software, and the fact that it’s often leveraged indirectly via Java frameworks, has made the issue difficult to fully address for many organizations.

Even prior to today’s updates, Lacework’s technology had already stood out with its ability to assist customers in responding to the Log4j flaw, Brown said. Polygraph detected anomalous behavior on workloads containing Log4j prior to the public disclosure of the vulnerability, he said.

This was possible because Lacework’s threat detection doesn’t just look for known issues, but is “finding the unknown bad things” in customer environments, Brown said.

“Anything that’s unique within a customer’s environment, we’re alerting them on it,” he said. “Come to find out that we had cases where we were spotting behavior from workloads that had Log4j present on it, before anyone knew [about the vulnerability].”

Multicloud security

Today, Lacework also announced that its anomaly detection capabilities are now fully available on Google Cloud, and are now being offered in “limited availability” for Microsoft Azure. The capabilities have already been available for Amazon Web Services (AWS) and Kubernetes (via the Amazon Elastic Kubernetes Service, or EKS).

“Increasingly we’re seeing organizations shift to a multicloud structure,” Brown said. “These capabilities are deepening our story as the multi-cloud security platform that can help customers address these challenges.”

Lacework has also extended its asset discovery and configuration monitoring capabilities into Google Cloud, joining AWS and EKS.

Additionally, the Lacework platform has expanded anomaly detection to include Kubernetes audit logs.

The platform has previously offered anomaly detection for container behavior, which monitors what Kubernetes is communicating with and spots unusual behavior. With today’s release, the platform is bringing in audit log analysis for Kubernetes, which provides visibility into issues such as permissions that have been elevated, Brown said.

Data-driven approach

Along with anomaly detection, Polygraph provides deep visibility across cloud and container workloads, according to Lacework. The platform ultimately reduces alerts to an average of 1.4 per day and false positives by 95%, the company says.

Lacework is built atop the Snowflake data platform and excels at gathering, processing, and normalizing data, and then deriving insights for customers, according to Lacework.

Founded in 2015, Lacework ranks among the best-funded and highest-valued privately held cybersecurity vendors, with the company most recently raising a $1.3 billion funding round in November that brought a post-money valuation of $8.3 billion.

While Lacework doesn’t disclose specific metrics for its growth, the company “has been growing at 3.5 times, year-over-year, on most of these metrics,” Lacework’s co-CEO Jay Parikh said in a recent interview.

Last fall, Lacework hired Arash Nikkar, Facebook’s vice president of engineering, to join the company in the same role.
