Enhanced Composite Alerts Community Feature Detail


In September, Lacework launched a suite of upgrades to its threat detection capabilities, including improvements to reporting times, better context on specific threats, and upgrades to its composite alerting capabilities. Full context on the launch is on the Lacework Blog.

Among the launched enhancements, the composite alert upgrades earn special focus because Lacework is uniquely differentiated in its ability to provide them. Launched in February, composite alerts allow Lacework users to find big threats in small signals by correlating multiple low-severity security events into a meaningful notification.

Composite alerts allow Lacework users to more easily identify past and present attacks such as cloud ransomware, cryptomining, and compromised credentials.

 

September’s composite alert updates:

  • Improve the alert UX to include a detailed events view with MITRE ATT&CK tagging and a more comprehensive supporting evidence summary.
  • Expand the technology’s capabilities to detect potentially compromised Google identities.

For more on how composite alerts work at Lacework, check out the guided tour here.
