Venture funded Lacework Inc. emerged from stealth mode in 2017 with the industry’s first zero-touch cloud workload security platform. As it has grown adoption of its services in companies large and small, Lacework has seen many of its customers struggle with the challenge of melding sound security practices within a fast-moving DevOps culture.

“Every company that they’re buying is cloud-born, they’re moving at a very quick rate, and they’re leaving security behind,” said Dan Hubbard (pictured), chief executive officer of Lacework Inc. “Development groups and applications are moving to the cloud at a very rapid rate. Security people need to get involved with developers to figure out how they can coexist in an environment that allows them to deliver both security and speed.”

Hubbard spoke with Peter Burris (@plburris), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, in Palo Alto, California. They discussed the importance of integrating security into modern DevOps services and the challenge facing large traditional companies that have cloud-first mandates (see the full interview with transcript here). (* Disclosure below.)

Integrated support

Lacework focuses on cloud infrastructure and provides a software-as-a-service platform that monitors operational data from applications for signs of security trouble. The company’s approach is not to surround enterprise applications and development activity, but to become an integral part of the DevOps infrastructure and monitor potential threats.

“Our service integrates directly into Jira and PagerDuty and Slack, real modern ways that DevOps work,” Hubbard said. “Security needs to be a service that isn’t surrounding, it’s actually integrated directly. It’s got to be really baked into the solution.”

Lacework works with a number of large Fortune 50 companies that have embarked on an organization-wide “cloud first” mandate, even though there remain legacy systems and traditional applications not built for cloud operating environments.

“This means that everything new has to be cloud native and it has to be delivered as a service,” Hubbard said. “What we’re seeing in a lot of companies is a shift over to security as a governance and tooling organization with security engineering, which is baked within DevOps teams. Down the road, as people deploy things like Kubernetes and services that are built a little bit better with resiliency into them, it’s going to be a more secure place.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s CUBE Conversations. (* Disclosure: Lacework Inc. sponsored this segment of theCUBE. Neither Lacework nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE