Skip to main content
TrustRadius

Overview

What is Lacework?

Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.

Read more
Recent Reviews

TrustRadius Insights

Lacework is a versatile product that has proven to be invaluable in various use cases. Customers have praised its ability to perform …
Continue reading

Solid Product

10 out of 10
December 18, 2021
We are using Lacework to keep an eye on our cloud environments. Lacework gives us a single pane of glass to see across all of our cloud …
Continue reading
Read all reviews
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Lacework?

Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

3 people also want pricing

Alternatives Pricing

What is Snyk?

Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and helps security teams to collaborate with their development teams. It boasts a developer-first approach that ensures organizations can secure all of the critical components of their applications from code to…

What is Aqua Cloud Native Security Platform?

The Aqua Platform is an integrated Cloud Native Application Protection Platform (CNAPP), that prioritizes risk and automates prevention while also focussing on detection and response across the lifecycle. It aims to stop current and prevent future cloud native attacks.

Return to navigation

Product Demos

Partner Integration on Twitch: Lacework

YouTube

Introduction to Lacework — Data-Driven Security Platform for the Cloud | Demo & Tutorial

YouTube

Lacework Demo from 2018 Re:Invent

YouTube
Return to navigation

Product Details

What is Lacework?

Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.

Lacework Video

Lacework Polygraph Data Platform Overview

Lacework Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.

Aqua Cloud Native Security Platform, Wiz, and Snyk are common alternatives for Lacework.

The most common users of Lacework are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(7)
Loading...

Reviews

(1-7 of 7)
Companies can't remove reviews or game the system. Here's why
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We mainly use Lacework for User and Entity Behavior Analytics. It allows us to be aware of any anomalies in our systems, be it a process, a user or a connection coming from an unusual location etc. The beauty of it is that the platform takes care of establishing a baseline of what is usual behavior in the systems, and once that is done, it becomes humanly possible to sift through the incoming alerts of what is considered out of the norm.
  • installation at the OS level and containers.
  • Queries for the latest vulns (e.g log4j, ksmbd...) to scan the systems.
  • Alerts and notifications
  • The Web GUI could be more user friendly
  • The information fetched from AWS services (like CloudTrail specifically) could be more verbose.
Lacework is cloud native. If you have workloads running in any of the major cloud providers, I think it would make security management and compliance easier.
For on-prem environments, it would definitely work. But I think it would be an overkill, as you would not be using all it has to offer.
Score 5 out of 10
Vetted Review
Verified User
Incentivized
We used Lacework as a service that performed behavioral analysis of the AWS Infrastructure layer (Cloudtrail, AWS Config), the server host processes, and user activities within AWS and the server itself. We also used Lacework Container Security to deliver end-to-end visibility of Docker container images by providing vulnerability assessments and malware detection. Vulnerability scanning for production instances with centralized logging and event analysis is a ‘must-have’ for customers from any product in the Commercial/GxP state.
  • Easy to implement in our environments
  • Good with alert handling
  • Good with compliance
  • Assurance of protection against the latest vulnerabilities and threats
  • Improve product support
  • Improve alert handling
Lacework is well suited for behavioral analysis. One thing to consider thought is in the early stages there will be quite a bit of noise generated by Lacework. There will be a higher volume alerts generated initially - until a good baseline is generated. Overall Lacework is good with alert handling - integration with Slack is good.
Score 10 out of 10
Vetted Review
Verified User
Lacework solutions help our company improve significantly our security posture in our cloud environment. We were looking for an easy-to-use solution and covered all our cloud assets. The tool is used on a daily basis to monitor vulnerabilities, threats in our environment, our posture against CIS benchmark... Security and DevOps teams are using the solution every week.
  • Detection of threats and Machine learning model
  • Ease of use
  • Support and contact with vendor
  • Alerting capabilities
  • Roles and permissions for Lacework users
This solution is perfect to protect your cloud environment, especially if you have difficulties with AWS services. To handle a scalable environment and give exhaustive visibility of our environment to our DevOps team. The solution is really plugging and playing for vulnerability detection and compliance. You need to wait a few days or weeks to have good detection capabilities to detect threats on your assets and network
Richard Russell | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
We utilize Lacework to monitor and alert on Security Risk and Compliance issues within our Cloud Infrastructure environments. Similar to a SIEM in functionality without the overhead in resources of a traditional solution, Lacework provides the function that our team needs to protect the systems and data our company depends on daily.
  • Ease of deployment
  • Log and event correlation and alerting
  • Vulnerability & Compliance scanning
  • Addition of scanning of on-prem[ise] assets
  • Addition of SaaS resource scanning
Lacework is a wonderful solution for assets located in public cloud hosting environments, however not suited for those assets in private datacenters or on premises.
December 18, 2021

Solid Product

Score 10 out of 10
Vetted Review
Verified User
We are using Lacework to keep an eye on our cloud environments. Lacework gives us a single pane of glass to see across all of our cloud workloads. It also helps baseline to determine if there is an anomaly in our network. Daily alerts helps our Incident response team prioritize and tackle urgent issues.
  • Single pane of glass for all cloud instances.
  • Easy to use UI
  • Seamless integration
  • Windows Agent still missing
Lacework easily integrates with all the major cloud platforms to provide you an overall health picture. The user interface is easy to navigate, and provides actionable data. They are constantly updating and improving the over all experience. The machine learning allows Lacework to "learn" what a baseline is for our environment, and can then provide alerts when an anomaly occurs.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We are using Lacework's Intrusion Detection capabilities to monitor our cloud workloads (mostly k8s clusters) for malicious behaviour. Lacework is integrated with our ticketing system and automatically creates tickets when anomalous behaviour is detected. Because alerting is based on anomaly detection, we are able to focus our efforts on alerts that have a higher probability of being malicious, compared to other IDS solutions we used before.
  • Easy to set-up the agent in cloud workloads.
  • Easy integration with ticketing and messaging tools.
  • Detailed visibility of all our container workloads across multiple accounts.
  • Not all runtime behaviour alerts offer enough data to decide whether or not something is malicious. Having even more data (e.g., what process is doing a specific action) would help.
Lacework is working great when you have multiple workloads running on different cloud environments, especially because deploying the agent is very easy. The Lacework interface then gives a great overview of all workloads being monitored and will create automated alerts when it detects anomalous behaviour. The integrations with ticketing and messaging then allow you to make these alerts actionable.
Score 8 out of 10
Vetted Review
Verified User
The detailed visibility of all our containers across multiple accounts is great. Anomaly-based detection allows us to focus our efforts and time on other events. Integrations with Jira, Slack, etc. are very easy to set up. The lacework team is very helpful before and during purchase.
  • The detailed visibility of all our container across multiple accounts is great.
  • Anomaly-based detection allows us to focus our efforts and time on other events. Integrations with Jira, Slack, etc. are very easy to set up.
  • The lacework team is very helpful before and during purchase.
  • UI can be complicated and hard to know where to click to find information.
  • Ability to create and manage cases or tickets from events that trigger.
As a SOC, Lacework enables us to filter millions of events down to actionable items, which in turn frees up our time for more important activities.
Return to navigation