Lacework makes it easy to monitor malicious behaviour within our multi-cluster cloud environment!
December 10, 2021

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Lacework

We are using Lacework's Intrusion Detection capabilities to monitor our cloud workloads (mostly k8s clusters) for malicious behaviour. Lacework is integrated with our ticketing system and automatically creates tickets when anomalous behaviour is detected. Because alerting is based on anomaly detection, we are able to focus our efforts on alerts that have a higher probability of being malicious, compared to other IDS solutions we used before.
  • Easy to set up the agent in cloud workloads.
  • Easy integration with ticketing and messaging tools.
  • Detailed visibility of all our container workloads across multiple accounts.
  • Not all runtime behaviour alerts offer enough data to decide whether or not something is malicious. Having even more data (e.g., what process is doing a specific action) would help.
  • Intrusion Detection System.
  • Integrations.
  • Actionable alerts.
  • Our previous open-source IDS resulted in thousands of alerts that weren't actionable. As Lacework only alerts when it detects anomalous behavior, the number of alerts is lower, and the probability is higher that something malicious is happening.
Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you to build your own integration and interface around it, including a mechanism to whitelist certain alerts. This made it harder for the security team to focus their time on potential intrusions.

Do you think Lacework delivers good value for the price?

Not sure

Are you happy with Lacework's feature set?

Yes

Did Lacework live up to sales and marketing promises?

Yes

Did implementation of Lacework go as expected?

Yes

Would you buy Lacework again?

Yes

Lacework is working great when you have multiple workloads running on different cloud environments, especially because deploying the agent is very easy. The Lacework interface then gives a great overview of all workloads being monitored and will create automated alerts when it detects anomalous behaviour. The integrations with ticketing and messaging then allow you to make these alerts actionable.