Cloudflare vs Lacework comparison

Cloudflare
Read 57 Cloudflare reviews
  • 655 Views
  • 567 Comparison Views
96% willing to recommend
Lacework
Read 9 Lacework reviews
  • 3,766 Views
  • 2,528 Comparison Views
90% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jun 21, 2023

We performed a comparison between Cloudflare and Lacework based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: Cloudflare offers features such as load balancing, and DDoS protection, while Lacework focuses on ease of use, machine learning anomaly detection, compliance reports, and agent-based vulnerability management. Cloudflare could enhance their reporting and support response time, and they require more servers for better traffic routing. On the other hand, Lacework needs to improve their visibility, data governance, and IAM security management controls. Lacework also lacks remediation features and needs to pursue a FedRAMP moderate authorization.

  • Service and Support: The reviews for Cloudflare were mixed, with some customers praising their technical support team, while others criticized their response times. On the other hand, Lacework received highly positive reviews for their customer service. Customers appreciated their proactive and responsive approach, as well as the good feedback and advice they offered.

  • Ease of Deployment: Cloudflare offers a quick and easy setup with instructions provided, while Lacework can take a few weeks or a mere 15 minutes with Terraform scripts.

  • Pricing: When considering setup costs between Cloudflare and Lacework, Cloudflare is more cost-effective with a custom pricing model for enterprise customers based on usage. Lacework has a higher licensing fee per year.

  • ROI: Cloudflare is praised for being cost-effective and preventing costly downtime, making it a valuable investment. On the other hand, Lacework reduces monitoring time and eliminates the need for a dedicated security team, but some users do not see a return on investment.

Comparison Results: Cloudflare is the preferred option over Lacework due to its comprehensive features, including load balancing, and DDoS protection, as well as automatic SSL certificate protection. Although Lacework has machine learning anomaly detection and ease of use, it lacks visibility and data governance. 

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cloudflare vs. Lacework Report (Updated: May 2024).
Buyer's Guide
Cloudflare vs. Lacework
May 2024
Download the complete report
Helped 787,779 peers since 2012
 

Categories and Ranking

Cloudflare
Ranking in Cloud Security Posture Management (CSPM)
13th
Average Rating
8.4
Number of Reviews
57
Ranking in other categories
CDN (1st), Distributed Denial of Service (DDOS) Protection (1st)
Lacework
Ranking in Cloud Security Posture Management (CSPM)
10th
Average Rating
8.8
Number of Reviews
9
Ranking in other categories
Vulnerability Management (10th), Container Security (10th), Cloud Workload Protection Platforms (CWPP) (10th), Cloud-Native Application Protection Platforms (CNAPP) (10th), Compliance Management (6th)
 

Mindshare comparison

As of June 2024, in the Cloud Security Posture Management (CSPM) category, the mindshare of Cloudflare is 2.4%, up from 0.7% compared to the previous year. The mindshare of Lacework is 1.5%, down from 4.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM)
Unique Categories:
CDN
23.5%
Distributed Denial of Service (DDOS) Protection
15.5%
Vulnerability Management
1.8%
Container Security
2.0%
 

Featured Reviews

reviewer9207524 - PeerSpot reviewer
Oct 11, 2023
Secure, reliable, and performs well
We use the solution to personalize content and suggestions for cloud environment and database administration We're creating and editing a service connection to SaaS data or third-party REST endpoints, which has been an intrinsic process to moderate governance and network discovery.  There's also…
Read full review
Carlos Vitrano - PeerSpot reviewer
Aug 30, 2023
Provides quick visibility and significantly reduces alerts
Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them. We have integrations, for instance, with Splunk. The data that we are receiving in Splunk is huge, and it is valid because Lacework has a bunch of data that they can provide to you. However, to be able to import the data and create alerts, we needed to do some work, so integration is one of the things that they can improve. For container security, how they scan images and how they provide results is something that they need to continue improving in terms of visibility. We already have visibility to several artifacts, but they can take that to the next level and see what else they can do. There can be better integrations with CI/CD pipelines. There can be improvements in terms of how we can take action or how we can report from the number of inventories they are providing to us.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We're using dynamic components to build flexible pages to create and manage Git merge requests for code and reviews."
"The most valuable feature of Cloudflare is the GUI. You are able to control the solution very well through the interface. There is a lot of functionality that is embedded in the service."
"Cloudflare is a security SaaS provider that provides security and protects us from any application layer attack."
"The UI is good."
"Cloudflare has many features."
"The web application firewall brought us good security and a view of the accesses/blocks of the entire domain and subdomain that were accessed both by region (country) and IPs."
"Many websites require an SSL certificate because they sell stuff and want SSL. Cloudflare comes with an SSL certificate built in. It's automatic. You sign yourself up for Cloudflare, and an SSL certificate automatically protects your website. You don't necessarily need a certificate if you have a connection between your website and your host, the server, Cloudflare, and the host."
"The DDoS protection is the most valuable aspect of the solution."
More Cloudflare pros
"For the most part, out-of-the-box, it tells you right away about the things you need to work on. I like the fact that it prioritizes alerts based on severity, so that you can focus your efforts on anything that would be critical/high first, moderate second, and work your way down, trying to continue to improve your security posture."
"The best feature, in my opinion, is the ease of use."
"Lacework is helping a lot in reducing the noise of the alerts. Usually, whenever you have a tool in place, you have a lot of noise in terms of alerts, but the time for an engineer to look into those alerts is limited. Lacework is helping us to consolidate the information that we are getting from the agents and other sources. We are able to focus only on the things that matter, which is the most valuable thing for us. It saves time, and for investigations, we have the right context to take action."
"There are many valuable features that I use in my daily work. The first are alerts and the event dossier that it generates, based on the severity. That is very insightful and helps me to have a security cap in our infrastructure. The second thing I like is the agent-based vulnerability management, which is the most accurate information."
"The most valuable feature, from a compliance perspective, is the ability to use Lacework as a platform for multiple compliance standards. We have to meet multiple standards like PCI, SOC 2, CIS, and whatever else is out there. The ability to have reports generated, per security standard, is one of the best features for me."
"The most valuable aspects are identifying vulnerabilities—things that are out there that we aren't aware of—as well as finding what path of access attackers could use, and being able to see open SSL or S3 buckets and the like."
"The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself."
"Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offers, along with the ability to identify and address misconfigurations, is invaluable. When such issues arise, we promptly acknowledge and take action, effectively collaborating with our teams and the responsible parties for those assets. This enables us to promptly manage problems as soon as they arise."
More Lacework pros
 

Cons

"I think the APIs are a little bit hard for us to work with. The APIs could be more open so that we could integrate better with our SolarWinds or our monitoring solution."
"Even if I wanted to, I wouldn't be able to buy Cloudflare in my country."
"We are a product integrator and reseller, and we would like to have a better partner relationship, similar to a channel sales relationship. Sometimes we are on our own or get diverted by Cloudflare because they have direct sales, which competes with us and makes it difficult to build a relationship with this company since we want to be an MSP or a managed service provider for the solution."
"The solution could work at being less expensive. It costs a lot to use it."
"Latencies are always a problem."
"If they improve on the placement of their data centers, it would be better. I'm living in a remote area. I would like to connect to them without any kind of lag."
"It would be beneficial for us if Cloudflare could offer a scrubbing solution. This would involve taking a snapshot of my website and keeping it live during a DDoS attack, ensuring uninterrupted service for our users. DDoS attacks are typically short in duration, and having Cloudflare maintain the site's availability from its secure network would enhance the overall user experience. I would appreciate it if Cloudflare could consider implementing this feature. Many organizations already utilize similar capabilities in their CDN platforms, where a static snapshot of the web page is displayed during DDoS attacks. In terms of features, Cloudflare needs to enhance its resilience and stay more focused on adopting new technologies. For instance, solutions like F5 XC Box, Access Solution, and Distributed Cloud Solution have impressive features, and Cloudflare should strive to match and exceed those capabilities. There's a need for improvement in areas like AI-based DDoS attacks and Layer 7 WAF features. Cloudflare should prioritize enhancements in areas such as behavioral DDoS and protection against SQL injection attacks, considering the prevalent trend of public exposure to the internet for business reasons. Overall, Cloudflare needs to invest more in advancing its feature set."
"For the free and Pro plans, Cloudflare could use a simple bot to provide information to users. This would improve support, especially for less advanced users who utilize the free components."
More Cloudflare cons
"Lacework lacks remediation features, but I believe they're working on that. They're focused on the reporting aspect, but other features need to improve. They're also adding some compliance features, so it's not worth saying they need to get better at it."
"The biggest thing I would like to see improved is for them to pursue and obtain a FedRAMP moderate authorization... I don't believe they have any immediate plans to get FedRAMP moderate authorized, which is a bit of a challenge for us because we can only use Lacework in our commercial environment."
"I would like to see a remote access assistance feature. And the threat-hunting platform could be better."
"Visibility is lacking, and both compliance-related metrics and IAM security control could be improved."
"A feature that I have requested from them is the ability to sort alerts and policies based on a security framework. Right now, when you go into alerts, you have hundreds and hundreds of them that you have to manually pick. It would be useful to have categories for CIS Benchmark or SOC 2 and be able to display all the alerts and policies for one security framework."
"The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems."
"There are a couple of the difficulties we encounter in the realm of cybersecurity, or security as a whole, that relate to potentially limited clarity. Having the capacity to perceive the configuration aspect and having the ability to contribute to it holds substantial advantages, in my view. It ranks high, primarily due to its role in guaranteeing compliance and the potential to uncover vulnerabilities, which could infiltrate the system and introduce potential risks. I had been exploring a specific feature that captured my interest. However, just yesterday, I participated in a product update session that announced the imminent arrival of this feature. The feature involves real-time alerting. This was something I had been anticipating, and it seems that this capability is now being integrated, possibly as part of threat intelligence. While anomaly events consistently and promptly appear in the console, certain alerts tend to experience delays before being displayed. Yet, with the recent product update, this issue is expected to be resolved. Currently, a comprehensive view of all policies is available within the console. However, I want a more tailored display of my compliance posture, focusing specifically on policies relevant to me. For instance, if I'm not subject to HIPAA regulations, I'd prefer not to see the HIPAA compliance details. It's worth noting that even with this request, there exists a filtering mechanism to control the type of compliance information visible. This flexibility provides a workaround to my preference, which is why it's challenging for me to definitively state my exact request."
"Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them."
More Lacework cons
 

Pricing and Cost Advice

"The pricing for the service is reasonable, neither excessively cheap nor prohibitively expensive. It aligns well with the value of their solution."
"The solution has many features but there are ones that you need to pay for. Sometimes you have to find out which is available for free and which you have to pay for."
"I think the pricing is competitive. I think as far as licensing is concerned it's pretty straightforward because it's based on domain. It's just that sometimes domains could be tricky with some customers."
"We don't have any issues with the price."
"So far I use free tier and happy with it. You can subscribe to business package if needed."
"The product's pricing is cheap."
"For Cloudflare, I recommend it heavily for small businesses with revenue under a couple of million dollars. Onboarding is easy, and they even have a free plan. This makes it simple for businesses in the $100,000-$500,000 range to try it out and see its value, allowing them to scale up their infrastructure as needed."
"It's a premium model. You can start at zero and work your way up to the enterprise model, which has a very high pricing level."
More Cloudflare pricing and cost advice
"It is slightly expensive. It depends on how big your environment is, but it is expensive. Right now, we are spending a lot of money. We have covered all of the cloud providers and most of our colocation facilities as well, so we cannot complain, but it is slightly expensive. It is not super expensive."
"The pricing has gotten better. That scenario was somewhat unstable. They have a rather interesting licensing structure. I believe you get 200 resources per "Lacework unit." It was difficult, in the beginning, to figure out exactly what a "resource" was... That was a problem until about a year or so ago. They have improved it and it has stabilized quite a bit."
"The licensing fee was approximately $80,000 USD, per year."
report
See which vendors are best for you
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
See recommendations
787,779 professionals have used our research since 2012.
 

Comparison Review

it_user68487 - PeerSpot reviewer
Nov 6, 2013
CloudFlare vs Incapsula: Web Application Firewall
CloudFlare vs Incapsula: Round 2 Web Application Firewall Comparative Penetration Testing Analysis Report v1.0 Summary This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web…
Read full review
 

Top Industries

By visitors reading reviews
Educational Organization
38%
Computer Software Company
11%
Financial Services Firm
8%
Manufacturing Company
4%
Computer Software Company
20%
Financial Services Firm
13%
Manufacturing Company
6%
Retailer
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GRE tunnels. We have decreased site load times on Mobile 3G from 8 to 1,6 seconds ...
See all answers
What do you like most about Cloudflare?
Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications.
See all answers
What is your experience regarding pricing and costs for Cloudflare?
The tool's pricing is moderate. I rate the product’s pricing a five out of ten, where one is cheap, and ten is expensive.
See all answers
How would you compare Wiz vs Lacework?
Wiz and Lacework sucks... Buy Orca.
See all answers
What do you like most about Lacework?
Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offers, along with the ability to identify and address misconfigurations, is invalua...
See all answers
What is your experience regarding pricing and costs for Lacework?
It is slightly expensive. It depends on how big your environment is, but it is expensive. Right now, we are spending a lot of money. We have covered all of the cloud providers and most of our coloc...
See all answers
 

Comparisons

Akamai vs Cloudflare Logo
Akamai vs Cloudflare
Compared 12% of the time
Azure Front Door vs Cloudflare Logo
Azure Front Door vs Cloudflare
Compared 11% of the time
Imperva DDoS vs Cloudflare Logo
Imperva DDoS vs Cloudflare
Compared 8% of the time
AWS Shield vs Cloudflare Logo
AWS Shield vs Cloudflare
Compared 6% of the time
Microsoft Azure Application Gateway vs Cloudflare Logo
Microsoft Azure Application Gateway vs Cloudflare
Compared 5% of the time
More Cloudflare Competitors
Wiz vs Lacework Logo
Wiz vs Lacework
Compared 30% of the time
Prisma Cloud by Palo Alto Networks vs Lacework Logo
Prisma Cloud by Palo Alto Networks vs Lacework
Compared 9% of the time
AWS GuardDuty vs Lacework Logo
AWS GuardDuty vs Lacework
Compared 9% of the time
Snyk vs Lacework Logo
Snyk vs Lacework
Compared 8% of the time
Amazon Inspector vs Lacework Logo
Amazon Inspector vs Lacework
Compared 1% of the time
More Lacework Competitors
 

Product Reports

Buyer's Guide
Cloudflare
June 2024
Cloudflare reportDownload Cloudflare product report
Buyer's Guide
Lacework
June 2024
Lacework reportDownload Lacework product report
 

Also Known As

No data available
Polygraph
 

Learn More

Cloudflare
Video not available
Lacework
 

Overview

Cloudflare is a highly-regarded Content Delivery Network (CDN) and a Distribution Denial of Service (DDoS) protection solution. The robust global cloud platform that is Cloudflare ensures users are able to connect to the internet quickly, securely, and reliably. Cloudflare is one of the world's largest networks in the marketplace today. Using Cloudflare, businesses, educational entities, NGOs, vloggers, bloggers, and anyone else with an internet presence can use the solution and experience more secure, faster websites and applications.

Currently, there are millions of internet locations on Cloudflare, and the Cloudflare network continues to grow every day by the thousands. The solution is able to fulfill the requests for millions of websites seamlessly and serves on average 45 million HTTP requests per second.

Cloudflare has safe, secure data centers in close to 300 cities worldwide to ensure every client request is filled as quickly as possible. It is Cloudflare’s edge network that makes this possible by keeping content and other services as close to each client as possible, so the information requests are always only seconds away.

Many organizations that work in democracy, civil society, human rights, or the arts are able to access Cloudflare highest levels of protection for free via Project Galileo. Additionally, official election websites can be secured from hacking and fraud through Cloudflare’s Project Athenian, also at no additional cost.

Cloudflare can also help organizations of all sizes develop a robust zero-trust strategy to ensure the highest levels of productivity and profitability. Employees, stakeholders, and end-users have a greater level of satisfaction and overall improved user experience, which can, in turn, result in higher revenues and overall ROI. Zero-trust and BYOD ( bring your own device) access ensure end-users and employees always have the best resources and technology available to them at all times.



Cloudflare Benefits

Cloudflare has many benefits. Some of its most valuable benefits include:

  • Faster load times
  • Robust DNS security
  • Intuitive cloud Web Application Firewall (WAF)
  • Free universal SSL
  • Image Enhancement
  • Automatic Browser Caching
  • Next-generation cloud load balancer
  • Accelerated Mobile Pages (AMP)
  • Rate Limiting
  • Minification
  • Zero-trust capabilities 
  • Cost-effective
  • Reduced carbon footprint

Reviews from Real Users

“Many websites require an SSL certificate because they sell stuff and want SSL. Cloudflare comes with an SSL certificate built in. It's automatic. You sign yourself up for Cloudflare, and an SSL certificate automatically protects your website. If you have a connection between your website and your host, the server, Cloudflare, and the host, you don't necessarily need a certificate.”  Spencer M., Owner at Tech Exchange

“What I like best about Cloudflare is that my company can use it to trace and manage applications and monitor traffic. The solution tells you if there's a spike in traffic. Cloudflare also sends you a link to check your equipment and deployment and track it through peering, so it's a valuable tool.” Daniel P., Network engineer at Ufinet

The most valuable feature of Cloudflare is the GUI. You are able to control the solution very well through the interface. There is a lot of functionality that is embedded in the service.” A PeerSpot user who is a Competence Center Manager at a tech services company. 

Lacework is a cloud security platform whose Polygraph Data Platform automates cloud security at scale so customers can innovate with speed and safety. Lacework is the only security platform that can collect, analyze, and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. As a breach detection and investigation tool, Lacework provides information on when and how a breach happened, including the users, machines, and applications involved in the breach. By using machine learning and behavioral analytics, the solution can automatically learn what's normal for your environment and reveal any abnormal behavior. In addition, Lacework gives you continuous visibility to find vulnerabilities, misconfigurations, and malicious activity across your cloud environment.

Lacework Features

Lacework has many valuable key features. Some of the most useful ones include:

  • Dashboards
  • Reports
  • Workflow management
  • Administration console
  • Governance
  • Policy enforcement
  • Auditing
  • Access control
  • Workflow management
  • Compliance monitoring
  • Anomaly detection
  • Data loss prevention
  • Cloud gap analytics
  • Host compliance

Lacework Benefits

There are many benefits to implementing Lacework. Some of the biggest advantages the solution offers include:

  • Security visibility: Get deep observability into your cloud accounts, workloads, and microservices to give you tighter security control.
  • Threat detection: By using Lacework, your organization can identify common security events that target your cloud servers, containers, and infrastructure-as-a-service (IaaS) accounts so you can take action on them quickly.
  • Flexible deployment: With Lacework, you have the option to deploy the way you prefer - either agent or agentless - which provides the visibility needed to have maximum security for cloud accounts and systems. Because Lacework offers an easy-to-deploy layered approach, you gain quick time to value.
  • Configuration compliance: With the Lacework solution, you can easily spot IaaS account configurations that are non-compliant and identify opportunities to apply security best practices.
  • Synced teams: Lacework allows your teams to operate smarter and bridge the gap between security, Dev, and Ops regardless of your team's size or experience level.
  • Gain meaningful security insights: Lacework provides meaningful security insights, alerting you of issues before they reach production from your existing workflows. This way you can build apps quickly and confidently.
  • Increased revenue streams: Because the solution has built-in security from the first line of code early on, it helps users unlock higher revenue streams.
  • Helps avoid development delays: The Lacework solution helps you better prioritize security fixes by making security information accessible to DevOps and security teams for earlier risk mitigation that speeds innovation.
  • Increased productivity: Lacework provides alerts with all the context you need and eliminates data silos and costly investigations, enabling you to boost productivity.
  • Correlate and contextualize behaviors: Lacework can take attributes and data points from your unique environment and correlate them together into behaviors.
  • Simplified cloud security posture and compliance: With the Lacework platform, you can get comprehensive visibility and continuous tracking to reduce risks and meet compliance requirements so you can improve your bottom line.
  • Address vulnerabilities before it is too late: Lacework enables you to limit your attack surface so you can address the riskiest vulnerabilities early in the development cycle.
 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
J.Crew, AdRoll, Snowflake, VMWare, Iterable, Pure Storage, TrueCar, NerdWallet, and more.
Buyer's Guide
Cloudflare vs. Lacework
May 2024
Free Report: Cloudflare vs. Lacework
Find out what your peers are saying about Cloudflare vs. Lacework and other solutions. Updated: May 2024.
DOWNLOAD NOW
787,779 professionals have used our research since 2012.
See our Cloudflare vs. Lacework report.
See our list of best Cloud Security Posture Management (CSPM) vendors.

We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.