Lacework, the data-driven security platform, has announced new CIEM functionality to address the complex and growing challenges in managing identity threats and unnecessary risks within public cloud environments. 

With over 35,000 granular permissions across hyperscale cloud providers, organisations can struggle to maintain an overview and manage access and identities securely.

Most cloud users and instances are granted far more permissions than they require, exposing unnecessary vulnerabilities to cloud breaches, account takeover, and data exfiltration. This issue is then intensified by machine identities in the cloud, which typically outnumber humans by an order of magnitude.

New CIEM capabilities

Lacework delivers real-time monitoring of all cloud identities across complex multi-cloud environments

Lacework’s new CIEM capabilities extend the company’s broad identity security offerings with powerful new automation that calculates risks and prioritises action for security teams. Lacework delivers real-time monitoring of all cloud identities across complex multi-cloud environments.

This has been combined with its sophisticated system and behavioural analysis to identify exposed secrets, IAM misconfiguration, and over-provisioning of permissions, and to prioritise any necessary action according to risk.

Simplifying cloud identity security

These new capabilities augment Lacework’s existing anomaly detection technology that actively monitors human and non-human activity to detect behaviour that may be a sign of an attack in progress.

Unifying these capabilities at scale bridges the gap between IAM and SecOps teams to simplify cloud identity security.

Our customers need to know what entities are doing in their cloud and whether it’s malicious or inappropriate, and it can’t get in the way of their ability to move fast,” said Adam Leftik, Vice President, of Product, Lacework. 

Identifying risk via a single platform

Customers can address both sides of the identity security issue with the context to investigate, prioritise, and respond 

Adam Leftik adds, “Now Lacework customers can address both sides of the identity security issue with a single platform that prevents identity risk exposure and detects identity threats at scale, with the context to quickly investigate, prioritise, and respond to identity alerts."

He continues, "It’s the latest step in our mission to give enterprises the confidence to rapidly innovate in the cloud and drive their business forward.”

New entitlement management technology

Lacework dynamically discovers all cloud user, resource, group, and role identities and their net-effective permissions, and automatically correlates granted versus used permissions to determine identities with excessive privileges.

The platform calculates a risk score for each identity, determines the riskiest identities based on attack path analysis, and auto-generates high-confidence recommendations for right-sizing permissions based on historical observations.

Customer benefits 

Combined with Lacework’s ability to prioritise risks from an attack path context, as well as detect user and entity behaviour anomalies, customers can:

  • Continuously comply with IAM security and regulatory compliance requirements.
  • Identify all cloud user, application, and service identities, know exactly what actions each can take, and prioritise the identities that pose the greatest risk.
  • Limit the blast radius of compromised cloud accounts, achieve the least privilege, and establish trust with engineering teams.
  • Continuously discover risky behaviour, including lateral movement and privilege escalation, without writing rules or stitching together disparate alerts.
  • Rapidly detect insider threats associated with malicious or accidental abuse of permissions.

Easy risk detection

Enforcing least privilege and having visibility of identities and entitlements is a top cloud security challenge for IDC clients. With this innovation from Lacework, security teams can automatically see which identities are overly-permissive, and zero in on the ones that pose the greatest risk,” said Philip Bues, Research Manager for Cloud Security, at IDC.

He adds, “Beyond prioritising risks, this will also allow teams to confidently suggest policy changes and reduce their overall attack surface risk.”

Download PDF version Download PDF version

In case you missed it

How can the industry do a better job of promoting emerging technologies in physical security environments?
How can the industry do a better job of promoting emerging technologies in physical security environments?

By all accounts, technology development is moving at a rapid pace in today's markets, including the physical security industry. However, market uptake of the newest technologies ma...

Dahua & KITT Engineering's LED screen innovations
Dahua & KITT Engineering's LED screen innovations

About a year and a half ago, Peter de Jong introduced Dahua to Fred Koks, General Manager of KITT Engineering. Since then, Dahua, KITT Engineering, and Ocean Outdoor have complete...

Protect assets with BCD's hybrid cloud NVR solutions
Protect assets with BCD's hybrid cloud NVR solutions

Like any retail franchise, car dealerships that have multiple locations nationwide require comprehensive, reliable, and scalable video surveillance solutions to protect their busin...

Quick poll
What is the most significant challenge facing smart building security today?