Headlined by continuous threat exposure
management, the capabilities give customers access to continuously
updated resource configuration data
MOUNTAIN
VIEW, Calif., June 11,
2024 /PRNewswire/ -- Lacework, the data-driven
security company, today announced a range of visibility updates to
its platform headlined by Continuous Threat Exposure Management
(CTEM). The company unveiled its newest features at AWS re:Inforce,
further cementing its role as a pioneer in CTEM and next-generation
code security. These advancements provide customers with continuous
visibility, real-time threat detection, and streamlined
vulnerability management for cloud-native applications.
Continuous Threat Exposure Management (CTEM)
The
Lacework platform's CTEM functionality offers continuous visibility
into cloud resources, delivering event-driven architecture. This
cutting-edge technology allows security teams to detect and manage
risks in real time, reducing the mean time to remediate and
enhancing overall security posture.
Empowering teams to innovate safely
with CTEM
"When it comes to cloud security, our vision
centers around platform–not point–solutions. Lacework is committed
to empowering organizations to innovate rapidly while maintaining
the highest standards of security," said Adam Leftik, Lacework Vice President of
Product. "Our CTEM and enhanced code security features are
designed to complement each other and provide a holistic view of
security threats, enabling teams to respond with speed and
precision."
Enhanced Code Security Features
The updated Lacework
Code Security solution includes several innovative features
designed to ensure comprehensive security throughout the
application lifecycle:
- Smart Fix: Integrated with the Software Composition
Analysis (SCA) tools from Lacework, Smart Fix for third-party
software streamlines remediation by automatically determining the
optimal upgrade path for vulnerable dependencies at the package
level. This dramatically reduces the workload for developers and
enhances the security of cloud applications.
- Secrets detection + static application security testing
(SAST): Beyond SCA, new tools from Lacework now offer powerful
detection capabilities that safeguard against potential breaches
and leaks. SAST provides longer, more detailed code analysis by
scanning compiled code for targeted application weakness
exploitability as well as tracing the full path of untrusted data
across call chains and control paths. From there, SAST customizes
rules to meet specific codebase needs. Secrets detection, another
new feature from Lacework, scans all text files (i.e. source code)
in repositories to identify known patterns for dozens of different
secrets types.
The Technical Alliance Program
To be the best
cloud security platform, integration with a business's cloud
ecosystem is essential. For instance, the Lacework platform's
continuous visibility functionality is possible through its Amazon
Web Services (AWS) integrations (specifically AWS Cloudtrail). The
integrations enrich downstream security tooling with actionable
insights to improve incident response, integrate with DevOps tools
to embed security in the SDLC, and provide custom security
analytics, reporting, and data routing. This enables developers
– like those at Buildkite – to build with security in mind and
safely innovate. For these reasons, Lacework is launching its
Technical Alliance Program to enable companies to build, certify,
and co-sell integrations for the Lacework platform. Interested
partners can send an email to alliances-partnership@lacework.net or
reach out to their account manager to register.
A platform solution for today's threats
The integrated
platform offered by Lacework not only identifies and prioritizes
vulnerabilities, but also provides evolving insight into threat
detection, an approach that is crucial for development and security
teams. These new visibility enhancements allow Lacework customers
to benefit from deeper insights into threat potential, enabling
them to prioritize vulnerabilities more intelligently based on
actual runtime exposure data. The unified platform approach
ultimately allows for a more effective allocation of resources and
faster resolution of potential threats, ensuring that applications
are both secure and compliant with industry standards.
Further resources
Read more about Lacework CTEM
Read more about Lacework Code Security
Read more about SCA
Learn more about Lacework SAST
Become a Lacework partner
About Lacework
Lacework keeps organizations secure in the cloud, allowing them
to innovate faster with confidence. Cloud security requires a
fundamentally new approach and the Lacework platform is designed to
scale with the volume, variety, and velocity of cloud data across
an organization's cloud environment: code, identities, containers,
and multi-cloud infrastructure. Only Lacework provides Security and
Development teams with a correlated and prioritized end-to-end view
that pinpoints the largest risks and handful of security events
that matter most. Learn more at www.lacework.com.
CONTACT: press@lacework.net
View original content to download
multimedia:https://www.prnewswire.com/news-releases/lacework-announces-continuous-visibility-capabilities-to-give-businesses-real-time-insight-into-resource-inventory-302169552.html
SOURCE Lacework