Lacework vs. Sonatype Vulnerability Scanner

Lacework is well suited for behavioral analysis. One thing to consider thought is in the early stages there will be quite a bit of noise generated by Lacework. There will be a higher volume alerts generated initially - until a good baseline is generated. Overall Lacework is good with alert handling - integration with Slack is good.

Incentivized

Well suited for organizations with small application security team as the solution scales and is easy for devs to use. The only choice if you develop in Java as their data is the most accurate.

Incentivized

• Easy to set-up the agent in cloud workloads.
• Easy integration with ticketing and messaging tools.
• Detailed visibility of all our container workloads across multiple accounts.

Incentivized

• UI can be complicated and hard to know where to click to find information.
• Ability to create and manage cases or tickets from events that trigger.

Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you to build your own integration and interface around it, including a mechanism to whitelist certain alerts. This made it harder for the security team to focus their time on potential intrusions.

Incentivized

• Being a FinTech company, financial institutions who partner with us want to know that we are appropriately maintaining a Security, Risk and Compliance program that maintains a level of comfort for their vendor management. Lacework gives us the ability to monitor and maintain a level of security for our infrastructure that puts our partners at ease, reduces the revenue cycle for new partners and opens doors to the future.