Skip to main content
TrustRadius
Lacework

Lacework

Overview

What is Lacework?

Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.

Read more
Recent Reviews

TrustRadius Insights

Lacework is a versatile product that has proven to be invaluable in various use cases. Customers have praised its ability to perform …
Continue reading
TrustRadius Insights
TrustRadius Insights

Solid Product

10 out of 10
December 18, 2021
We are using Lacework to keep an eye on our cloud environments. Lacework gives us a single pane of glass to see across all of our cloud …
Continue reading

Help improve your cloud security

8 out of 10
December 08, 2021
The detailed visibility of all our containers across multiple accounts is great. Anomaly-based detection allows us to focus our efforts …
Continue reading
Read all reviews
Return to navigation

Pricing

View all pricing
Lacework

Lacework

N/A
Unavailable

What is Lacework?

Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

3 people also want pricing

Alternatives Pricing

Snyk

Snyk

Free
What is Snyk?

Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and helps security teams to collaborate with their development teams. It boasts a developer-first approach that ensures organizations can secure all of the critical components of their applications from code to…

Return to navigation

Product Demos

Partner Integration on Twitch: Lacework

YouTube

Introduction to Lacework — Data-Driven Security Platform for the Cloud | Demo & Tutorial

YouTube

Lacework Demo from 2018 Re:Invent

YouTube
Return to navigation

Product Details

What is Lacework?

Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.

Lacework Video

Lacework Polygraph Data Platform Overview

Lacework Integrations

Lacework Competitors

Lacework Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.

Aqua Cloud Native Security Platform, Wiz, and Snyk are common alternatives for Lacework.

The most common users of Lacework are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(7)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Lacework is a versatile product that has proven to be invaluable in various use cases. Customers have praised its ability to perform behavioral analysis of the AWS infrastructure layer, server host processes, and user activities within AWS and the server itself. This comprehensive visibility enables security teams to monitor and alert on security risk and compliance issues within cloud environments efficiently.

Users also appreciate Lacework's vulnerability assessment and malware detection capabilities for Docker container images. By providing vulnerability scanning for production instances with centralized logging and event analysis, Lacework helps organizations identify potential security flaws proactively. Additionally, the platform's integration with ticketing systems automates the creation of tickets when anomalous behavior is detected, streamlining incident response efforts.

Furthermore, Lacework's intrusion detection capabilities play a vital role in monitoring cloud workloads for malicious behavior. The platform acts as a single pane of glass, offering detailed visibility of all containers across multiple accounts. This feature has been highly valued by users as it allows security and DevOps teams to improve their company's security posture in the cloud environment.

Integrations with popular tools such as Jira and Slack are effortless to configure, enhancing workflow efficiency for users. Moreover, customers have reported positive experiences with the Lacework team's support throughout the purchase process.

Overall, Lacework's ability to establish a baseline of usual behavior in systems and provide timely alerts regarding anomalies makes it an essential tool for monitoring vulnerabilities, threats, and compliance in cloud environments. Daily alerts ensure that incident response teams can prioritize and address urgent issues promptly.

Ease of Implementation: Users have found it easy to set up the agent in their cloud workloads, indicating that the implementation process is straightforward and hassle-free. This sentiment was expressed by multiple reviewers.

Comprehensive Visibility: Reviewers highly value the product's ability to provide detailed visibility of all container workloads across multiple accounts. This feature allows users to have comprehensive insights into their container environment, facilitating effective monitoring and management. Several users have mentioned this as a key advantage.

Threat Detection Capabilities: The product's detection of threats and utilization of machine learning models has been praised by users. This shows that the advanced technologies employed by the product enable proactive identification of potential security issues and anomalies, allowing for efficient resource allocation. A number of reviewers have highlighted this aspect as valuable.

Poor Product Support: Some users have expressed dissatisfaction with the product support, particularly in terms of alert handling and scanning capabilities. They feel that there is room for improvement in these areas.

Insufficient Data in Runtime Behavior Alerts: Several reviewers have mentioned that not all runtime behavior alerts provide enough data to determine whether something is malicious. They suggest providing more detailed information, such as identifying the process responsible for a specific action.

Complicated User Interface: Many users find the user interface complicated and have difficulty locating information. They recommend making the web GUI more user-friendly and improving the clarity of where to click to find desired information.

Users have provided several recommendations for Lacework based on their experiences. The most common recommendations include:

  1. Understand your needs: It is important to understand what you want out of the tools before talking to Lacework. This will help you effectively communicate your expectations and ensure that the tool aligns with your needs.

  2. Test the solution: Users suggest testing the solution during a Proof of Concept (PoC) to see its value in action. By conducting a PoC, you can evaluate how Lacework performs and determine its suitability for your organization's security needs.

  3. Request feature updates: Users recommend making use of the tool to its full potential and requesting feature updates for company growth. By actively engaging with Lacework and suggesting improvements, you can help shape the tool to better meet your evolving security requirements.

Overall, users highly recommend considering Lacework as a security tool due to its ease of setup, structured approach, and ability to provide a comprehensive view of corporate infrastructure. They emphasize the importance of being prepared to make changes in your cloud environment when using Lacework and putting in the work to achieve the targets it provides. Additionally, users find value in Lacework's ability to bring awareness to previously unknown alerts while monitoring IDS and suggest testing its user interface and requesting needed features from the product roadmap.

Reviews

(1-3 of 3)
Companies can't remove reviews or game the system. Here's why
January 18, 2023

Lacework - Coud native UEBA platform

Verified User
Technician in Information Technology
Information Technology & Services Company, 501-1000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We mainly use Lacework for User and Entity Behavior Analytics. It allows us to be aware of any anomalies in our systems, be it a process, a user or a connection coming from an unusual location etc. The beauty of it is that the platform takes care of establishing a baseline of what is usual behavior in the systems, and once that is done, it becomes humanly possible to sift through the incoming alerts of what is considered out of the norm.
Pros and Cons
  • installation at the OS level and containers.
  • Queries for the latest vulns (e.g log4j, ksmbd...) to scan the systems.
  • Alerts and notifications
  • The Web GUI could be more user friendly
  • The information fetched from AWS services (like CloudTrail specifically) could be more verbose.
Likelihood to Recommend
Lacework is cloud native. If you have workloads running in any of the major cloud providers, I think it would make security management and compliance easier.
For on-prem environments, it would definitely work. But I think it would be an overkill, as you would not be using all it has to offer.
Most Important Features
  • Alerting and Notifications.
  • Queries for the latest vulnerabilities (log4j, ksmbd...)
  • UEBA
Return on Investment
  • Better security
  • More visibility from a security/compliance perspective
December 25, 2021

Best security solution to protect your cloud environment easily

Verified User
C-Level Executive in Information Technology
Retail Company, 501-1000 employees
Score 10 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
Lacework solutions help our company improve significantly our security posture in our cloud environment. We were looking for an easy-to-use solution and covered all our cloud assets. The tool is used on a daily basis to monitor vulnerabilities, threats in our environment, our posture against CIS benchmark... Security and DevOps teams are using the solution every week.
Pros and Cons
  • Detection of threats and Machine learning model
  • Ease of use
  • Support and contact with vendor
  • Alerting capabilities
  • Roles and permissions for Lacework users
Likelihood to Recommend
This solution is perfect to protect your cloud environment, especially if you have difficulties with AWS services. To handle a scalable environment and give exhaustive visibility of our environment to our DevOps team. The solution is really plugging and playing for vulnerability detection and compliance. You need to wait a few days or weeks to have good detection capabilities to detect threats on your assets and network
Most Important Features
  • Cloud Compliance
  • Vulnerability management
  • Behavior detection
Return on Investment
  • Less operations task to maintain and deploy a vulnerability management solution
  • Detection of threats in our cloud without the need to check millions of lines of logs
December 23, 2021

Lacework - The Road to Security Risk Reduction and Partners that we all have been looking for

Richard Russell | TrustRadius Reviewer
Richard Russell
Director of Information Security & IT Infrastructure
Built Technologies (Financial Services, 201-500 employees)
Score 10 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We utilize Lacework to monitor and alert on Security Risk and Compliance issues within our Cloud Infrastructure environments. Similar to a SIEM in functionality without the overhead in resources of a traditional solution, Lacework provides the function that our team needs to protect the systems and data our company depends on daily.
Pros and Cons
  • Ease of deployment
  • Log and event correlation and alerting
  • Vulnerability & Compliance scanning
  • Addition of scanning of on-prem[ise] assets
  • Addition of SaaS resource scanning
Likelihood to Recommend
Lacework is a wonderful solution for assets located in public cloud hosting environments, however not suited for those assets in private datacenters or on premises.
Most Important Features
  • Ease of deployment
  • Ease of operation
  • Relevance of reported information
  • Dependability
Return on Investment
  • Being a FinTech company, financial institutions who partner with us want to know that we are appropriately maintaining a Security, Risk and Compliance program that maintains a level of comfort for their vendor management. Lacework gives us the ability to monitor and maintain a level of security for our infrastructure that puts our partners at ease, reduces the revenue cycle for new partners and opens doors to the future.
Alternatives Considered
Ease of deployment and use.
Return to navigation