The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine.
The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself.
Please share with the community what you think needs improvement with Lacework. What are its weaknesses? What would you like to see changed in a future version?
Chief Information Security Officer at a tech services company with 201-500 employees
Jul 10, 2022
Visibility is lacking, and both compliance-related metrics and IAM security control could be improved. This is what Ermetic does. IAM security management controls, as well as detection of deviations and misconfigurations, are critical but not fully developed in Lacework. There is no data governance or data visibility. It's a little bit different, in the vector of cloud security management, but Lacework does not yet support this. I would like to see some sort of data mapping or detection. The ability to pinpoint the exact location of data. Something similar to what Flow Security is currently doing. And that is what some other companies are attempting to do with data detection capabilities. Cloud Data Detection.
The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems.
If you were talking to someone whose organization is considering Lacework, what would you say? How would you rate it and why? Any other tips or advice?
Chief Information Security Officer at a tech services company with 201-500 employees
Jul 10, 2022
Currently, it is determined by your capabilities and the size of your environment. In general, I would not recommend Lacework right now. There are more mature solutions that would be a better fit. It is very dependent on the specific environment in which you operate. Lacework isn't necessarily bad; it's just that the more mature solutions on the market have significantly more capabilities. Prisma Cloud, for example, or Rapid7 Clouds, I believe, have more capabilities and support. In the cloud environment, better support and different security use cases are available. However, it is similar to the situation with automobiles. You are not required to drive a Ferrari. You could buy, a simpler car and seat it for your needs. It depends on what you want to accomplish. I would rate Lacework an eight out of ten. It has some technical capabilities, which are not bad, but it is currently lacking some technical features. It's also prone to false positives, which I believe is due to an over-reliance on some AI detection models. But the precision of those things isn't always good.
Lacework hasn't helped reduce our alerts. That's because we weren't alerting before Lacework in terms of security and compliance. If anything, it has increased our alerts, but that's just because we didn't have it before. So, overall, through time, after we implemented it and started addressing those alerts, for sure, they've been reduced. We've reduced our alerts by 70% to 80%, and there is more and more reduction. I would rate it a 10 out of 10.
The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine.
The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself.
The best feature, in my opinion, is the ease of use.