AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet.
N/A
Lacework
Score 6.0 out of 10
N/A
Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.
Where you already have some Chef recipes to build your application boxes and are happy to run directly on VMs, OpsWorks really shines. It won't do anything too complex for you, so it only really works well for simple stacks (load balancers, application layers, database layers). If you want to do more complex infrastructure, Cloudformation or Terraform are probably worth looking at.
Lacework is well suited for behavioral analysis. One thing to consider thought is in the early stages there will be quite a bit of noise generated by Lacework. There will be a higher volume alerts generated initially - until a good baseline is generated. Overall Lacework is good with alert handling - integration with Slack is good.
Getting up and running with OpsWorks is a very technical and potentially time-consuming process. You need to know the ins and outs of Chef/Puppet if you really want to get into it and there isn't a convenient way to test out the environment locally so debugging can be time-consuming.
To take advantage of some of the newer AWS instance types you need to be running on a VPC, which again is a pain if you don't have a DevOps team.
The error logs and monitoring metrics in OpsWorks are pretty basic and haven't changed much over the years.
Unless you pay for a pricey support package getting support on OpsWorks will be pretty slow. Documentation is also relatively limited and sometimes hard to follow when compared to competitors. Generally, we've been able to get the answers we need from OpsWorks support when we run into problems but don't expect rapid responses.
OpsWorks isn't really a direct competitor to Terraform/Cloudformation, but it does allow you to do some of the more simple things on offer quite quickly and effectively. Opsworks was used for this reason, along with existing internal knowledge of Chef. Along with some of the other services on offer from AWS, it is good to use as a stepping stone along the way when building your systems - or perhaps it would be entirely suitable for a fairly simple project.
Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you to build your own integration and interface around it, including a mechanism to whitelist certain alerts. This made it harder for the security team to focus their time on potential intrusions.
Being a FinTech company, financial institutions who partner with us want to know that we are appropriately maintaining a Security, Risk and Compliance program that maintains a level of comfort for their vendor management. Lacework gives us the ability to monitor and maintain a level of security for our infrastructure that puts our partners at ease, reduces the revenue cycle for new partners and opens doors to the future.
