Lacework has introduced new agentless scanning for workloads that provides organisations with comprehensive and frictionless visibility into vulnerability risks across all active hosts, containers, and application language libraries in their environment. The Lacework Polygraph® Data Platform uses a combination of agentless and agent-based technologies to gather data from cloud environments in the most effective way. These new capabilities make it easy for organisations to quickly operationalise security and gain a comprehensive view of their security posture without the use of agents. This also gives customers the flexibility to add additional layers and agent-based runtime insights from the same platform for maximum value and security.
Cloud environments are dynamic in nature. New workloads, containerised applications, and serverless compute are added and removed at rapid speed, making it difficult to get a full view of security risks at any given moment. With new vulnerabilities, both known and unknown, emerging every day, security teams need to be able to quickly identify all risks that exist and understand which to prioritise and take action on.
Agents allow customers to unlock the most comprehensive level of workload security by providing continuous behavioural monitoring and threat detection capabilities. However, there are use cases where agents may not be preferred due to either the underlying technology or organisational limitations, leading to visibility gaps. By combining the Polygraph Data Platform’s agent-based technology with these new agentless capabilities for workloads, organisations can eliminate these gaps and implement the best approach to suit their environment.
For example, businesses leveraging AWS that want to quickly operationalise security can connect all their cloud accounts to Lacework for agentless workload scanning with a simple, one-time setup that leverages cloud-native capabilities to provision the necessary infrastructure to all regions. Once they set it up, Lacework streams snapshot data through a serverless analysis engine that scans for vulnerability risk within the entire environment. Agentless workload scanning can then easily be combined with Lacework agents should their needs shift, providing better visibility across their environment to identify, prioritise, and take action on all risks that exist.
Modern cloud security demands a combination of both agent-based and agentless security.
“The ongoing conversation around agent-based and agentless cloud security deployment models does a disservice to customers, creating confusion about the right approach to securing their cloud environments,” said Frank Dickson, IDC. “Organisations need comprehensive visibility across every part of their environment, but different roles such as cloud operations, security and DevOps have differing requirements for that visibility and how it is collected. Leveraging agent and agentless approaches provides the appropriate role-based visibility needed across the entire organisation.”
“Customers are building their business in dynamic cloud environments and they need security solutions to cover a wide range of cloud environments to ensure there are no visibility gaps,” said Adam Leftik, VP of Product, Lacework. “With its agent-agnostic approach, the Polygraph Data Platform makes it easier for customers to collect all relevant data about their unique environment in the most efficient way. This helps customers identify security issues that truly matter to their business without worrying about the underlying infrastructure.”
Lacework helps customers understand what is happening in their cloud accounts and workloads with or without an agent. Using machine learning, behavioural analytics, and anomaly detection, Lacework automates the identification of unusual activity to secure customer environments from build to runtime. Lacework is the only company that extends anomaly detection across AWS, Google Cloud, Microsoft Azure, and Kubernetes environments.