Cloud Security and Compliance
Provides a lightweight, agentless method of collecting the following data sources, enabling the resultant Lacework Feature(s).
| Use Cases | Lacework Feature(s) | Data Source |
|---|---|---|
| Cloud Security Posture Management (CSPM) Cloud Infrastructure Entitilement Management (CIEM) | Compliance Dashboard and Reports Cloud Infrastructure Entitilement Management Dashboard Attack Path Analysis and Exposure Polygraph | AWS Cloud Configuration Google Cloud Configuration Azure Cloud Configuration |
| User Entity Behaviour Analytics (UEBA) | Cloud Anomaly Detection Cloud Drift Detection Cloud Audit Polygraph | AWS Cloud Audit Logs Google Cloud Audit Logs Azure Cloud Audit Logs |
| Vulnerability Management | Vulnerability Management Dashboard | ECR GCR GAR ACR AWS Agentless Workload Scanning Google Cloud Agentless Workload Scanning |
| User Entity Behaviour Analytics (UEBA) | Kubernetes Audit Log Dashboard Kubernetes Anomaly Detection Kubernetes Audit Log Polygraph | EKS Audit GKE Audit |
At a high-level integrating your cloud audit, cloud configuration and agentless machine data into Lacework is a fundamental first step. Lacework supports AWS, Google Cloud and Azure integration via Terraform and additionally, in the case of AWS, CloudFormation.
In the following sections we will review each of the cloud providers and their specific deployment requirements.