Lacework Stiffens Cloud Security Posture Management

Lacework has added more cloud security posture management (CSPM) capabilities to its platform, making it possible to create fine-grained custom policies using the Lacework query language (LQL) so that configurations align with organizations’ specific requirements.

In addition, the company has added support for the Center for Internet Security (CIS) benchmarks along with hundreds of additional controls written by the Lacework Labs team.

Finally, Lacework has also added the ability to build custom reports that span multiple cloud accounts.

Kate MacLean, senior director of product marketing for Lacework, said the Lacework CSPM offering is designed to make it simpler to identify misconfigurations of cloud services. Initially available for workloads deployed on Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP), MacLean said the Lacework platform is unique in that it is designed from the ground up to support multiple cloud computing platforms.

LQL makes it possible to create, for example, a policy for a publicly accessible storage bucket or database by first defining what conditions and behaviors are allowed. Cybersecurity teams can set status alerts for specific cloud configurations and receive an alert each time a resource fails to comply with a specific policy. That approach allows cybersecurity teams to take advantage of LQL to define a set of granular policies for the multiple cloud platforms, each of which has a unique set of resources that need to be secured, noted MacLean.

As more workloads are deployed across multiple clouds, Lacework is making a case for a centralized approach that ultimately helps lower the total cost of security because it eliminates the need to deploy and master separate security frameworks for each cloud, said MacLean.

Most organizations today are deploying workloads on multiple clouds. However, most cybersecurity teams are still playing catch-up in their ability to make those workloads as secure as those running in on-premises IT environments. At the heart of all this cloud insecurity is how cloud infrastructure is provisioned. Developers with little to no cybersecurity expertise typically provision cloud resources and then deploy applications. That makes it almost certain mistakes will be made.

In contrast, most deployments of applications in on-premises IT environments are handled by a centralized team that typically reviews settings for misconfigurations. Many organizations that deploy applications in the cloud have not yet been able to define and maintain a similar set of best practices. The truth is, in their rush to meet application deployment deadlines, many developers skip (or at least minimize) the amount of time that should be devoted to ensuring cloud security. Cybersecurity teams are then asked to discover all the potential misconfigurations that those developers might have inadvertently created. The challenge, of course, is that many of them still lack the tools required to achieve that goal.

One way or another, cloud security issues will come to a head in the coming year. The only thing left to determine is how much of the effort to secure those workloads will be proactive versus reacting after the fact to an inevitable breach.

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.