UPDATED 11:00 EST / AUGUST 19 2020

SECURITY

Cloud security firm Lacework launches new continuous host vulnerability monitoring

Cloud cybersecurity firm Lacework Inc. today announced new continuous host vulnerability monitoring, preflight checks and continuous integration and deployment automation workflows to its security offering.

The new features will allow existing customers to accelerate threat investigation and remediation as well as easily prioritize response to the most critical and active security threats, the company said.

Offering active vulnerability detection for ephemeral containers and hosts at scale, Lacework said, the additional functions address the security challenges of protecting modern, ephemeral container and host architectures and workflows. The service is designed to consolidate multiple tools and significantly ease the process of fixing vulnerabilities before they go into production with preflight host vulnerability scans, active vulnerability identification and enhanced CI/CD or continuous integration/continuous deployment tooling for DevOps workflows.

“Incumbent security offerings focus on vulnerabilities, but they do not capture or decipher the breadth of data—at scale—required to know whether you are truly vulnerable or not,” said Lacework Chief Executive Dan Hubbard said in a statement. ”Efficacy is crucial because not all vulnerabilities render you vulnerable. For example, one of our customers believed they had 51,000 vulnerable hosts but were able to narrow that down to 78 active machine images with Lacework.”

Founded in 2015, Lacework offers a cloud-based cybersecurity service that’s designed to protect applications in the cloud, including serverless, containers and Kubernetes workloads. The company supports cloud instances on Amazon Web Services Inc., Microsoft Azure and the Google Cloud Platform.

In an interview with SiliconANGLE’s video studio theCUBE in November, Vikram Kapoor (pictured), co-founder and chief technology officer of Lacework, said that the company is focused on making sure that security isn’t compromised, with much-needed threat detection that leverages teamwork between developer operations and security teams.

“If you look at the cloud ecosystem and Kubernetes now with containers, it’s very clear that it requires a new way to look at security,” Kapoor explained. “All the traditional security tools for the data center were really based on network, and then as we moved to the cloud, it’s very hard to take a hardware box to the cloud — even with the virtual boxes, it’s really not that clean and a good architecture.”

Kapoor added that the company views this as a big-data problem. “You collect a lot of data — you process it, you analyze it, you get people to cover compliance and governance and breach protection automatically,” he said.

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU