Lacework makes it easy to monitor malicious behaviour within our multi-cluster cloud environment!
December 10, 2021
Lacework makes it easy to monitor malicious behaviour within our multi-cluster cloud environment!
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Lacework
We are using Lacework's Intrusion Detection capabilities to monitor our cloud workloads (mostly k8s clusters) for malicious behaviour. Lacework is integrated with our ticketing system and automatically creates tickets when anomalous behaviour is detected. Because alerting is based on anomaly detection, we are able to focus our efforts on alerts that have a higher probability of being malicious, compared to other IDS solutions we used before.
Pros
- Easy to set-up the agent in cloud workloads.
- Easy integration with ticketing and messaging tools.
- Detailed visibility of all our container workloads across multiple accounts.
Cons
- Not all runtime behaviour alerts offer enough data to decide whether or not something is malicious. Having even more data (e.g., what process is doing a specific action) would help.
- Intrusion Detection System.
- Integrations.
- Actionable alerts.
- Our previous open-source IDS resulted in thousands of alerts that weren't actionable. As Lacework only alerts when it detects anomalous behavior, the amount of alerts is lower, and the probability is higher that something malicious is happening.
Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you to build your own integration and interface around it, including a mechanism to whitelist certain alerts. This made it harder for the security team to focus their time on potential intrusions.
Do you think Lacework delivers good value for the price?
Not sure
Are you happy with Lacework's feature set?
Yes
Did Lacework live up to sales and marketing promises?
Yes
Did implementation of Lacework go as expected?
Yes
Would you buy Lacework again?
Yes
Comments
Please log in to join the conversation