Apache Web Server (Apache HTTP Server) is an open source HTTP web server for modern operating systems including UNIX and Windows.
N/A
Lacework
Score 6.0 out of 10
N/A
Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.
As I mentioned earlier, the Apache HTTP Server has a small disadvantage compared to the competition (NGINX) in terms of performance. If you run websites that really have a lot of visitors, NGINX might be the better alternative.
On the other hand, the Apache HTTP Server is open source and free. Further functionalities can be activated via modules. The documentation is really excellent.
Lacework is well suited for behavioral analysis. One thing to consider thought is in the early stages there will be quite a bit of noise generated by Lacework. There will be a higher volume alerts generated initially - until a good baseline is generated. Overall Lacework is good with alert handling - integration with Slack is good.
Street Cred: Apache Web Server is the Founder for all of Apache Foundation's other projects. Without the Web Server, Apache Foundation would look very different. That being said, they have done a good job of maintaining the code base, and keeping a lot of what makes Apache so special
Stability: Apache is rock-solid. While no software is perfect, Apache can parse your web sources quickly and cleanly.
Flexibility: Need to startup your own Webpage? Done. Wordpress? Yup. REST Endpoint? Check. Honeypot? Absolutely.
The default configurations which comes with Apache server needs to get optimized for performance and security with every new installation as these defaults are not recommended to push on the production environment directly.
Security options and advanced configurations are not easy to set up and require an additional level of expertise.
Admin frontend GUI could be improved to a great extent to match with other enterprise tools available to serve similar requirements.
I give this rating because there is so much Apache documentation and information on the web that you can literally do anything. This has to do with the fact that there is a huge Open Source community that is beyond mature and perhaps one of the most helpful to be found. The only thing that should hold anyone back from anything is that they can not read. RTFM, my friend. And I must say that the manual is excellent.
I has a lot more features, except that IIS is more integrated in a Windows environment. But now with .net core also possible from Apache it would work anywhere really. Only in a full Windows environment where full integration is needed I would chose to go for IIS. Otherwise Apache it is.
Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you to build your own integration and interface around it, including a mechanism to whitelist certain alerts. This made it harder for the security team to focus their time on potential intrusions.
Being a FinTech company, financial institutions who partner with us want to know that we are appropriately maintaining a Security, Risk and Compliance program that maintains a level of comfort for their vendor management. Lacework gives us the ability to monitor and maintain a level of security for our infrastructure that puts our partners at ease, reduces the revenue cycle for new partners and opens doors to the future.
