Cloud cybersecurity firm Lacework Inc. today announced new continuous host vulnerability monitoring, preflight checks and continuous integration and deployment automation workflows to its security offering.

The new features will allow existing customers to accelerate threat investigation and remediation as well as easily prioritize response to the most critical and active security threats, the company said.

Offering active vulnerability detection for ephemeral containers and hosts at scale, Lacework said, the additional functions address the security challenges of protecting modern, ephemeral container and host architectures and workflows. The service is designed to consolidate multiple tools and significantly ease the process of fixing vulnerabilities before they go into production with preflight host vulnerability scans, active vulnerability identification and enhanced CI/CD or continuous integration/continuous deployment tooling for DevOps workflows.

“Incumbent security offerings focus on vulnerabilities, but they do not capture or decipher the breadth of data—at scale—required to know whether you are truly vulnerable or not,” said Lacework Chief Executive Dan Hubbard said in a statement. ”Efficacy is crucial because not all vulnerabilities render you vulnerable. For example, one of our customers believed they had 51,000 vulnerable hosts but were able to narrow that down to 78 active machine images with Lacework.”

Founded in 2015, Lacework offers a cloud-based cybersecurity service that’s designed to protect applications in the cloud, including serverless, containers and Kubernetes workloads. The company supports cloud instances on Amazon Web Services Inc., Microsoft Azure and the Google Cloud Platform.

In an interview with SiliconANGLE’s video studio theCUBE in November, Vikram Kapoor (pictured), co-founder and chief technology officer of Lacework, said that the company is focused on making sure that security isn’t compromised, with much-needed threat detection that leverages teamwork between developer operations and security teams.

“If you look at the cloud ecosystem and Kubernetes now with containers, it’s very clear that it requires a new way to look at security,” Kapoor explained. “All the traditional security tools for the data center were really based on network, and then as we moved to the cloud, it’s very hard to take a hardware box to the cloud — even with the virtual boxes, it’s really not that clean and a good architecture.”

Kapoor added that the company views this as a big-data problem. “You collect a lot of data — you process it, you analyze it, you get people to cover compliance and governance and breach protection automatically,” he said.

Photo: SiliconANGLE