CIO Influence
CIO Influence News Security

Lacework Unifies Entitlements Management and Threat Detection for Simplified Cloud Security

Lacework Unifies Entitlements Management and Threat Detection for Simplified Cloud Security

Lacework, the data-driven security platform, announced new CIEM functionality  that empowers teams to gain observability of all cloud identities, know precisely who can perform what actions, and easily identify which identities pose the greatest risk. Furthermore, Lacework’s actionable approach to CIEM provides customers with recommendations on how to reduce their identity risk. By combining these new capabilities with cloud security posture management, attack path analysis, and threat detection into a single platform, Lacework gives customers a clear understanding of their cloud identity landscape, visibility into cloud identity and access management (IAM) misconfigurations and exposed secrets, and continuous discovery of identity threats.

The benefits of public cloud come with complex challenges in managing identity risk. With over 35,000 granular permissions across hyperscale cloud providers, organizations struggle to limit unnecessary access. Most cloud users and instances are granted far more permissions than they actually need, leaving organizations highly exposed to cloud breach, account takeover, and data exfiltration. And the fact that machine identities in the cloud typically outnumber humans by an order of magnitude intensifies the issue.

CIO INFLUENCE: CSI Adds IT Governance to Advisory Services Offering as Cybersecurity, Regulatory Landscapes Grow in Complexity

“Enforcing least privilege and having visibility of identities and entitlements is a top cloud security challenge for IDC clients. With this innovation from Lacework, security teams can automatically see which identities are overly-permissive, and zero in on the ones that pose the greatest risk,” said Philip Bues, Research Manager for Cloud Security, at IDC. “Beyond prioritizing risks, this will also allow teams to confidently suggest policy changes and reduce their overall attack surface risk.”

Preventing Cloud Identity Risk with New Entitlement Management Technology

Lacework dynamically discovers cloud user, resource, group and role identities and their net-effective permissions and then automatically correlates granted versus used permissions to determine identities with excessive privileges. The platform calculates a risk score for each identity, determines the riskiest identities based on attack path analysis, and auto-generates high-confidence recommendations for right-sizing permissions based on historical observations. This means Lacework not only informs customers of risky identities and entitlements, but also shows those identities that are hardly used or even need entitlements to begin with.

CIO INFLUENCE: SEEQC Unveils Italy’s First Quantum Computing System

“CIEM is a vital facet of a comprehensive cloud security strategy,” said Paolo del Mundo, Director of Application Security, The Motley Fool. “It’s encouraging to see Lacework incorporating this into their well-rounded CNAPP solution, potentially providing a robust response to the challenge of managing cloud access permissions effectively.”

Combined with Lacework’s ability to prioritize risks from an attack path context, as well as detect user and entity behavior anomalies, customers are able to:

  • Continuously comply with IAM security and regulatory compliance requirements.
  • Identify cloud user, application and service identities, know exactly what actions each can take, and prioritize the identities that pose the greatest risk.
  • Limit the blast radius of compromised cloud accounts, achieve least privilege, and establish trust with engineering teams.
  • Continuously discover risky behavior, including lateral movement and privilege escalation, without needing to write rules or stitching together disparate alerts.
  • Rapidly detect insider threats associated with malicious or accidental abuse of permissions.

“Our customers need to know what entities are actually doing in their cloud and whether it’s malicious or inappropriate, and it can’t get in the way of their ability to move fast,” said Adam Leftik, Vice President, Product, Lacework. “Now Lacework customers can address both sides of the identity security issue with a single platform that prevents identity risk exposure and detects identity threats at scale, with the context to quickly investigate, prioritize, and respond to identity alerts. It’s the latest step in our mission to give enterprises the confidence to rapidly innovate in the cloud and drive their business forward.”

CIO INFLUENCE: HP Chooses RISE with SAP to Help Drive Digital Transformation, Optimization and Efficiency

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

CompTIA ISAO Adds Real-time Cybersecurity Threat Analysis and Intelligence Resources from Sophos

CIO Influence News Desk

Hakkōda Brings Cloud Innovation to the Public Sector

PR Newswire

Ceragon Provides Hometown Internet with End-to-End Fixed Wireless Network Under a Long-Term, Managed Services Contract

PR Newswire