TrustRadius Insights
Lacework is a versatile product that has proven to be invaluable in various use cases. Customers have praised its ability to perform …
Overview
What is Lacework?
Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.
Recent Reviews
Pricing
N/A
Unavailable
What is Lacework?
Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
3 people also want pricing
Alternatives Pricing
What is Snyk?
Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and helps security teams to collaborate with their development teams. It boasts a developer-first approach that ensures organizations can secure all of the critical components of their applications from code to…
Product Demos
Partner Integration on Twitch: Lacework
YouTube
Introduction to Lacework — Data-Driven Security Platform for the Cloud | Demo & Tutorial
YouTube
Lacework Demo from 2018 Re:Invent
YouTube
Product Details
- About
- Integrations
- Competitors
- Tech Details
- FAQs
What is Lacework?
Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.
Lacework Video
Lacework Polygraph Data Platform Overview
Lacework Integrations
Lacework Competitors
Lacework Technical Details
| Operating Systems | Unspecified |
|---|---|
| Mobile Application | No |
Frequently Asked Questions
Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.
The most common users of Lacework are from Mid-sized Companies (51-1,000 employees).
Comparisons
Compare with
Reviews and Ratings
(7)
Community Insights
TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!
- Business Problems Solved
- Pros
- Cons
- Recommendations
Lacework is a versatile product that has proven to be invaluable in various use cases. Customers have praised its ability to perform behavioral analysis of the AWS infrastructure layer, server host processes, and user activities within AWS and the server itself. This comprehensive visibility enables security teams to monitor and alert on security risk and compliance issues within cloud environments efficiently.
Users also appreciate Lacework's vulnerability assessment and malware detection capabilities for Docker container images. By providing vulnerability scanning for production instances with centralized logging and event analysis, Lacework helps organizations identify potential security flaws proactively. Additionally, the platform's integration with ticketing systems automates the creation of tickets when anomalous behavior is detected, streamlining incident response efforts.
Furthermore, Lacework's intrusion detection capabilities play a vital role in monitoring cloud workloads for malicious behavior. The platform acts as a single pane of glass, offering detailed visibility of all containers across multiple accounts. This feature has been highly valued by users as it allows security and DevOps teams to improve their company's security posture in the cloud environment.
Integrations with popular tools such as Jira and Slack are effortless to configure, enhancing workflow efficiency for users. Moreover, customers have reported positive experiences with the Lacework team's support throughout the purchase process.
Overall, Lacework's ability to establish a baseline of usual behavior in systems and provide timely alerts regarding anomalies makes it an essential tool for monitoring vulnerabilities, threats, and compliance in cloud environments. Daily alerts ensure that incident response teams can prioritize and address urgent issues promptly.
Ease of Implementation: Users have found it easy to set up the agent in their cloud workloads, indicating that the implementation process is straightforward and hassle-free. This sentiment was expressed by multiple reviewers.
Comprehensive Visibility: Reviewers highly value the product's ability to provide detailed visibility of all container workloads across multiple accounts. This feature allows users to have comprehensive insights into their container environment, facilitating effective monitoring and management. Several users have mentioned this as a key advantage.
Threat Detection Capabilities: The product's detection of threats and utilization of machine learning models has been praised by users. This shows that the advanced technologies employed by the product enable proactive identification of potential security issues and anomalies, allowing for efficient resource allocation. A number of reviewers have highlighted this aspect as valuable.
Poor Product Support: Some users have expressed dissatisfaction with the product support, particularly in terms of alert handling and scanning capabilities. They feel that there is room for improvement in these areas.
Insufficient Data in Runtime Behavior Alerts: Several reviewers have mentioned that not all runtime behavior alerts provide enough data to determine whether something is malicious. They suggest providing more detailed information, such as identifying the process responsible for a specific action.
Complicated User Interface: Many users find the user interface complicated and have difficulty locating information. They recommend making the web GUI more user-friendly and improving the clarity of where to click to find desired information.
Users have provided several recommendations for Lacework based on their experiences. The most common recommendations include:
-
Understand your needs: It is important to understand what you want out of the tools before talking to Lacework. This will help you effectively communicate your expectations and ensure that the tool aligns with your needs.
-
Test the solution: Users suggest testing the solution during a Proof of Concept (PoC) to see its value in action. By conducting a PoC, you can evaluate how Lacework performs and determine its suitability for your organization's security needs.
-
Request feature updates: Users recommend making use of the tool to its full potential and requesting feature updates for company growth. By actively engaging with Lacework and suggesting improvements, you can help shape the tool to better meet your evolving security requirements.
Overall, users highly recommend considering Lacework as a security tool due to its ease of setup, structured approach, and ability to provide a comprehensive view of corporate infrastructure. They emphasize the importance of being prepared to make changes in your cloud environment when using Lacework and putting in the work to achieve the targets it provides. Additionally, users find value in Lacework's ability to bring awareness to previously unknown alerts while monitoring IDS and suggest testing its user interface and requesting needed features from the product roadmap.
Reviews
(1-7 of 7)Companies can't remove reviews or game the system. Here's why
January 18, 2023
Lacework - Coud native UEBA platform
We mainly use Lacework for User and Entity Behavior Analytics. It allows us to be aware of any anomalies in our systems, be it a process, a user or a connection coming from an unusual location etc. The beauty of it is that the platform takes care of establishing a baseline of what is usual behavior in the systems, and once that is done, it becomes humanly possible to sift through the incoming alerts of what is considered out of the norm.
- installation at the OS level and containers.
- Queries for the latest vulns (e.g log4j, ksmbd...) to scan the systems.
- Alerts and notifications
- The Web GUI could be more user friendly
- The information fetched from AWS services (like CloudTrail specifically) could be more verbose.
January 18, 2023
Lacework - good for the Enterprise
We used Lacework as a service that performed behavioral analysis of the AWS Infrastructure layer (Cloudtrail, AWS Config), the server host processes, and user activities within AWS and the server itself. We also used Lacework Container Security to deliver end-to-end visibility of Docker container images by providing vulnerability assessments and malware detection. Vulnerability scanning for production instances with centralized logging and event analysis is a ‘must-have’ for customers from any product in the Commercial/GxP state.
- Easy to implement in our environments
- Good with alert handling
- Good with compliance
- Assurance of protection against the latest vulnerabilities and threats
- Improve product support
- Improve alert handling
December 25, 2021
Best security solution to protect your cloud environment easily
Score 10 out of 10
Vetted Review
Verified User
Lacework solutions help our company improve significantly our security posture in our cloud environment. We were looking for an easy-to-use solution and covered all our cloud assets. The tool is used on a daily basis to monitor vulnerabilities, threats in our environment, our posture against CIS benchmark... Security and DevOps teams are using the solution every week.
- Detection of threats and Machine learning model
- Ease of use
- Support and contact with vendor
- Alerting capabilities
- Roles and permissions for Lacework users
December 23, 2021
Lacework - The Road to Security Risk Reduction and Partners that we all have been looking for
Score 10 out of 10
Vetted Review
Verified User
We utilize Lacework to monitor and alert on Security Risk and Compliance issues within our Cloud Infrastructure environments. Similar to a SIEM in functionality without the overhead in resources of a traditional solution, Lacework provides the function that our team needs to protect the systems and data our company depends on daily.
- Ease of deployment
- Log and event correlation and alerting
- Vulnerability & Compliance scanning
- Addition of scanning of on-prem[ise] assets
- Addition of SaaS resource scanning
December 18, 2021
Solid Product
Score 10 out of 10
Vetted Review
Verified User
We are using Lacework to keep an eye on our cloud environments. Lacework gives us a single pane of glass to see across all of our cloud workloads. It also helps baseline to determine if there is an anomaly in our network. Daily alerts helps our Incident response team prioritize and tackle urgent issues.
- Single pane of glass for all cloud instances.
- Easy to use UI
- Seamless integration
- Windows Agent still missing
December 10, 2021
Lacework makes it easy to monitor malicious behaviour within our multi-cluster cloud environment!
We are using Lacework's Intrusion Detection capabilities to monitor our cloud workloads (mostly k8s clusters) for malicious behaviour. Lacework is integrated with our ticketing system and automatically creates tickets when anomalous behaviour is detected. Because alerting is based on anomaly detection, we are able to focus our efforts on alerts that have a higher probability of being malicious, compared to other IDS solutions we used before.
- Easy to set-up the agent in cloud workloads.
- Easy integration with ticketing and messaging tools.
- Detailed visibility of all our container workloads across multiple accounts.
- Not all runtime behaviour alerts offer enough data to decide whether or not something is malicious. Having even more data (e.g., what process is doing a specific action) would help.
December 08, 2021
Help improve your cloud security
Score 8 out of 10
Vetted Review
Verified User
The detailed visibility of all our containers across multiple accounts is great. Anomaly-based detection allows us to focus our efforts and time on other events. Integrations with Jira, Slack, etc. are very easy to set up. The lacework team is very helpful before and during purchase.
- The detailed visibility of all our container across multiple accounts is great.
- Anomaly-based detection allows us to focus our efforts and time on other events. Integrations with Jira, Slack, etc. are very easy to set up.
- The lacework team is very helpful before and during purchase.
- UI can be complicated and hard to know where to click to find information.
- Ability to create and manage cases or tickets from events that trigger.