Lacework Extends CNAPP Capabilities with Attack Path Analysis and Agentless Workload Scanning
November 2022 by Marc Jacob
Lacework® announced new cloud-native application protection platform (CNAPP) capabilities for the Polygraph® Data Platform that provide improved attack path analysis and agentless workload scanning for secrets and vulnerabilities. These capabilities provide better visibility into today’s increasingly complex security environment, enabling organizations to instantly understand what matters so they can triage and respond faster.
According to the latest Lacework Cloud Threat Report, attackers are rapidly increasing in sophistication, with a particular focus on infrastructure. Attackers constantly seek paths of least resistance to compromise a system, hiding in the complexity of seemingly disparate risks and exploiting them whenever possible. Although cloud adoption is becoming nearly ubiquitous across industries, many enterprises still lack the visibility needed to understand and manage the vulnerabilities present or emerging in their own cloud environments. Even most modern security solutions fall short here, relying on rules-based approaches that don’t account for how each organization’s cloud environment differs and changes over time.
In response to these challenges, Lacework has introduced attack path analysis, which combines a visual representation of potential attack paths with deep runtime insight from the Polygraph Data Platform. These visual attack paths tie together different attack vectors, including vulnerabilities, misconfigurations, network reachability, secrets, and identity and access management (IAM) roles for every host in the environment. This is provided as an additional layer of context for every alert to clearly show which assets could be attacked and why. As cloud threats continue to grow in volume and sophistication, this critical context enables security teams to identify and prioritize remediation based on risk and actively watch for exploits before they become a problem, all from a single platform.
With the addition of agentless workload scanning, customers benefit from more flexibility to build layered security, broader coverage across environments, and faster time to value through vulnerability and secrets discovery in runtime environments without the use of agents. Customers can now assess vulnerabilities and exposed secrets in container images, hosts, and language libraries and deliver a software bill of materials for their runtime environment. This enables:
- A better understanding of the cloud environment and potential risks, with an up-to-date inventory of software components and information about vulnerabilities and exposed secrets in the production environment
- The ability to scan more resources without an agent for more complete coverage of the runtime environment and to stay compliant with security standards and business needs
- More flexibility and choice to build layered security with continuous monitoring
Lacework is the only security platform that combines the ability to see potential risks from the lens of an attacker with the knowledge of what’s actively happening to uncover attacks without needing to write a single rule. This enables customers to prioritize mitigating the most impactful attack vectors and automatically detect if or when they are exploited.
Attack path analysis and agentless vulnerability scanning are now generally available to Lacework customers. Visit our website to get started today.