Lacework Acquires Soluble to Improve Cloud Security

Lacework this week revealed it has acquired Soluble, a provider of a platform for remediating the code used to provision infrastructure.

At the same time, Lacework has added an inline vulnerability scanner to its namesake platform that makes it possible to identify vulnerable container images and update them before they are deployed. Designed to be integrated with continuous integration platforms like Jenkins, the inline vulnerability scanner makes it possible for developers to discover and address issues before they are discovered by cybersecurity teams in a production environment.

As part of an ongoing effort to secure cloud-native application environments, Lacework is also adding an admission controller for Kubernetes that will automatically block container images from being deployed in a production environment if they fail to meet security standards.

The company also revealed that its tools can now take advantage of extended Berkeley Packet Filter (eBPF) technology in the Linux kernel, which enables security and networking tools to capture and analyze larger volumes of data.

Finally, Lacework has also added risk-based scoring tools to help cybersecurity teams better prioritize vulnerability remediation efforts.

DevOps teams today use a range of infrastructure-as-code (IaC) tools to provision cloud infrastructure. The challenge is that few developers have extensive cybersecurity expertise, so many cloud services are rife with misconfigurations that cybercriminals now routinely discover using scanning tools. Soluble employs static code analysis alongside inspection tools to assess risk, impact, cost and policy deviations to enable IT teams to detect and fix misconfigurations created by developers using tools such as Terraform and CloudFormation, or platforms such as Kubernetes that can be programmatically configured by developers.

James Brown, senior director of product at Lacework, said as the volume of applications deployed on the cloud continues to increase, cybersecurity teams are finding it challenging to keep pace. The Lacework platform is being updated to prevent mistakes from occurring in what has become a highly dynamic application environment—traditional monolithic applications running alongside emerging cloud-native applications that are being updated more frequently.

At the core of the Lacework platform is Polygraph, a self-learning engine that identifies optimal configurations for cloud environments and then uses that information to identify any behavioral anomalies. That capability is required because IT has reached a level of complexity that is beyond the ability of any team to manage without the aid of some form of artificial intelligence (AI), Brown noted. At the end of the day, cybersecurity is really a big data issue that platforms such as Lacework have been purpose-built to address, said Brown.

In general, Brown said cybersecurity teams are still primarily responsible for cloud security. However, as cloud security becomes more of a shared responsibility with development teams—thanks, in part, to the rise of DevSecOps best practices—organizations will require cybersecurity platforms that enable policies to be enforced regardless of what type of application is deployed. Responsibility for security is shifting further left, but Brown said workflows across both groups will eventually become more intertwined.

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
