Lacework scales up automated security across cloud workloads and containers
The rise in cloud adoption and the modernization of business IT infrastructure have increased the attack surface that cybercriminals can gain access to, and massive data breaches have become regular news.
Because the rule-based mechanisms that purported to identify and deter bad guys were not designed to monitor such dispersed hybrid environments, Lacework Inc. decided to develop an end-to-end security automation with a comprehensive view of risks across cloud workloads and containers. The idea is to enable enterprises to safely innovate in the cloud at the speed of DevOps, according to Adam Leftik (pictured, left), vice president of product at Lacework.
“Customers are aggressively moving more and more of their applications to the cloud, but they’re doing so with the same number of resources to secure that environment,” he said. “Lacework is designed to enable those builders to go faster without worrying about all the different intricacies and threats that they face out there on the internet.”
Lacework is helping organizations, including LendingTree Inc., automate security and compliance.
Leftik and Arun Sankaran (pictured, right), chief information security officer of LendingTree, spoke with Natalie Erlich, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during the AWS Startup Showcase: The Next Big Things in AI, Security & Life Sciences. They discussed the key features of the Lacework security platform, how this solution is adopted by organizations like LendingTree and Lacework’s expectations for growth. (* Disclosure below.)
Leveraging security as a data problem
The rules-based model built in the past to protect systems against cyberattacks led IT teams to write a series of impossible-to-maintain rules that have atrophied over time and did not cover all the nefarious actors, according to for Leftik.
“So, one of the things that Lacework did from the very beginning was take a very different approach, which is leveraging security as a data problem,” he said. “And the way we do this is through what we refer to as our polygraph.”
A polygraph essentially analyzes all the exhaust telemetry that Lacework can ingest from cloud accounts and the underlying infrastructure and then creates a behavioral baseline of how the application should behave when it is normal. The company then leverages modern data science techniques to build machine learning models that can identify potential threats without requiring its users to write rules and, ultimately, play catch-up with all the different threats that they face.
“This is a really, really powerful capability because it allows our customers both to identify misconfigurations and remediate them, monitor all the activity to reduce the overall overhead on their security organization, and, of course, help them build faster and identify threats as they come into the system,” Leftik stated.
Lacework’s strategy is to serve DevOps teams and security teams wherever they are. In this way, all the information that the company captures, synthesizes and produces through its automation ultimately feeds into the different channels that users are leveraging – either through their ChatOps windows or their CICD pipeline.
“We give broad coverage both at build time as well as runtime and give them full visibility and insights and the ability to remediate those quickly,” Leftik explained.
Platform allows LendingTree to reduce alert noise
Lacework solutions have helped the online lending marketplace LendingTree to have a secure platform for lending operations. The business’s environment allows potential borrowers to connect with multiple loan operators to find optimal terms for loans, credit cards, deposit accounts, insurance, etc. The borrowers can shop and compare competitive rates and terms across an array of financial products.
“My primary responsibility is security,” Sankaran said. “But, frankly, there’s a lot of DevOps and tech use cases within the polygraph visualization tool, and understanding our environment and troubleshooting has frankly saved us quite a bit of time.”
In a 24-hour period, the LendingTree platform generates between 300 million and 400 million events, making it a very noisy environment. With Lacework, that number has been reduced to about 100 alerts per day, with five being critical and tending to be very actionable.
“From an alert fatigue perspective, we really rely on this to give us actionable data, actionable alerts that teams can really focus on and reduces that noise,” Sankaran said.
Another benefit was a 50% to 60% reduction in triage and response time for alerts. “There’s not a whole lot of active rules that we had to create or configuration that we had to do,” Sankaran added. “It’s kind of a learning system.”
LendingTree’s decision to adopt Lacework solutions resulted from the need for robust threat monitoring and detection capabilities in containerized environments. The business is a combination of multiple container technologies and multiple cloud platforms, and it needed something that had the greatest diversity of coverage across all environments.
“This was really the only solution that would work for us,” Sankaran said.
Another fundamental point for its decision was the possibility to scale cost-effectively. “In today’s world, it’s very important that we’re able to scale our capability 2-3x without a corresponding 2-3x in staff and resources,” Sankaran stated. “I think this is the kind of tool that’s going to help us get there.”
Massive revenue growth is likely to continue
After a strong increase in revenue last year following the digital transformation of businesses during the pandemic, Lacework will continue to experience massive growth, according to Leftik.
“As customers are moving into the cloud, they’re looking for tools to help them build a secure footprint but also enable them to go faster,” he said.
In January, Lacework announced a $525 million growth round with a valuation of $1 billion. Led by Sutter Hill and Altimeter Capital, and joined by D1 Capital Partners, Coatue, Dragoneer Investment Group, Liberty Global Ventures, Snowflake Ventures and Tiger Global Management, the round reflected Lacework’s accelerated adoption among digital businesses building on Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) and Kubernetes.
The investment round will be used to accelerate the strategies that drove Lacework’s 300%+ revenue growth in 2020, expand its go-to-market and partner ecosystem operations, and grow its engineering and R&D teams across the U.S. and Europe.
“IPO is just a point in time as opposed to it’s part of the journey. Lacework’s continuing to invest and really focus on fundamentally changing the security landscape,” Leftik concluded.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the AWS Startup Showcase: The Next Big Things in AI, Security & Life Sciences. (* Disclosure: Lacework Inc. sponsored this segment of theCUBE. Neither Lacework nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU