Lacework, the data-driven security platform, today announced new CIEM functionality that empowers teams to gain observability of all cloud identities, know precisely who can perform what actions, and easily identify which identities pose the greatest risk. Furthermore, Lacework's actionable approach to CIEM provides customers with recommendations on how to reduce their identity risk. By combining these new capabilities with cloud security posture management, attack path analysis, and threat detection into a single platform, Lacework gives customers a clear understanding of their cloud identity landscape, visibility into cloud identity and access management (IAM) misconfigurations and exposed secrets, and continuous discovery of identity threats.
The benefits of public cloud come with complex challenges in managing identity risk. With over 35,000 granular permissions across hyperscale cloud providers, organizations struggle to limit unnecessary access. Most cloud users and instances are granted far more permissions than they actually need, leaving organizations highly exposed to cloud breach, account takeover, and data exfiltration. And the fact that machine identities in the cloud typically outnumber humans by an order of magnitude intensifies the issue.
"Enforcing least privilege and having visibility of identities and entitlements is a top cloud security challenge for IDC clients. With this innovation from Lacework, security teams can automatically see which identities are overly-permissive, and zero in on the ones that pose the greatest risk," said Philip Bues, Research Manager for Cloud Security, at IDC. "Beyond prioritizing risks, this will also allow teams to confidently suggest policy changes and reduce their overall attack surface risk."
Preventing Cloud Identity Risk with New Entitlement Management Technology
Lacework dynamically discovers cloud user, resource, group and role identities and their net-effective permissions and then automatically correlates granted versus used permissions to determine identities with excessive privileges. The platform calculates a risk score for each identity, determines the riskiest identities based on attack path analysis, and auto-generates high-confidence recommendations for right-sizing permissions based on historical observations. This means Lacework not only informs customers of risky identities and entitlements, but also shows those identities that are hardly used or even need entitlements to begin with.
"CIEM is a vital facet of a comprehensive cloud security strategy," said Paolo del Mundo, Director of Application Security, The Motley Fool. "It's encouraging to see Lacework incorporating this into their well-rounded CNAPP solution, potentially providing a robust response to the challenge of managing cloud access permissions effectively."
Combined with Lacework's ability to prioritize risks from an attack path context, as well as detect user and entity behavior anomalies, customers are able to:
Continuously comply with IAM security and regulatory compliance requirements.
Identify cloud user, application and service identities, know exactly what actions each can take, and prioritize the identities that pose the greatest risk.
Limit the blast radius of compromised cloud accounts, achieve least privilege, and establish trust with engineering teams.
Continuously discover risky behavior, including lateral movement and privilege escalation, without needing to write rules or stitching together disparate alerts.
Rapidly detect insider threats associated with malicious or accidental abuse of permissions.
"Our customers need to know what entities are actually doing in their cloud and whether it's malicious or inappropriate, and it can't get in the way of their ability to move fast," said Adam Leftik, Vice President, Product, Lacework. "Now Lacework customers can address both sides of the identity security issue with a single platform that prevents identity risk exposure and detects identity threats at scale, with the context to quickly investigate, prioritize, and respond to identity alerts. It's the latest step in our mission to give enterprises the confidence to rapidly innovate in the cloud and drive their business forward."
Lacework offers the data-driven security platform for the cloud and is the leading cloud-native application protection platform (CNAPP) solution. Only Lacework can collect, analyze, and accurately correlate data — without requiring manually written rules — across an organization's AWS, Azure, Google Cloud, and Kubernetes environments, and narrow it down to the handful of security events that matter. Security and DevOps teams around the world trust Lacework to secure cloud-native applications across the full lifecycle from code to cloud. Get started at www.lacework.com.