More Related Content Similar to Lacework AWS Security Week Presentation (20) Lacework AWS Security Week Presentation2. ©2018 Lacework, Inc. Confidential and Proprietary. 2
Lacework Polygraph
Threat Intelligence
and Reputation
Alerting
SIEM
SOC
InvestigationCompliance DetectionVisibility
Enforcement via APIs
Cloud
Infrastructure
Workloads Accounts
VMs ContainersFilesApps Insiders Config Logs
Use cases
Security Platform for the Cloud
3. ©2018 Lacework, Inc. Confidential and Proprietary.
Get started by simply configuring your AWS
CloudTrail and AWS Config Accounts. Then
deploy our agent. We support all modern
deployment methods: Kubernetes, Docker,
Puppet/Chef, etc…
Capture Relevant Activity
Ingested data is used to build relationships
between key activities: CloudTrail data,
API user and account behavior, machines,
containers, applications, processes and
network behaviors.
Build Relationships
Security for your Public Cloud
Data Analysis at Scale
4. ©2018 Lacework, Inc. Confidential and Proprietary.
Ingested data (not samples) runs through
detection algorithms to detect known
threats. Are you failing compliance? Do you
have high risk configuration changes? Have
you been breached? Is data being actively ex-
filtrated to known bad sites, are brute-force
password attacks occurring?
Identify Known Threats
Once a baseline of known behaviors for your
cloud is established, we detect outliers and
potential security threats automatically. Our
”Polygraph” then provides real-time insights
into unknown attacks.
Identify Unknown Risks & Threats
5. ©2018 Lacework, Inc. Confidential and Proprietary.
Upon discovering known or unknown
attacks, alerts are created with context
and supporting evidence combined with
severity levels.
Deliver Alerts / Insights
Upon discovering known or unknown
attacks alerts are created with context
and supporting evidence combined with
severity levels.
Integrated Workflow
6. ©2018 Lacework, Inc. Confidential and Proprietary.
Our core value proposition: auditing of your
public cloud configuration for compliance, threat
prevention, log correlation, and storage in a sub-
second query interface to all the data.
Compliance, Intrusion Prevention,
Container Security, & Analytics
Editor's Notes Lacework becomes the brain of your cloud security – components.
We have the ability to operate better than any other solutions because of the visibility we have in the cloud. The cloud operating model is fundamentally different – to show this I used a slide from Amazon illustrating the shared responsibility model