Skip to main content

Lacework AI Assist, an assistive generative AI technology developed internally at Lacework, is a powerful new tool designed to help teams better understand cloud environments, gain insights faster and level up cybersecurity skills.

Launched today, Lacework assistive technology that provides customers with the capability to ask questions in clear language such as:

  • Why should I look at this alert? 
  • What Lacework tools can I use to further investigate this? 
  • How do I fix this misconfiguration using the AWS CLI?
  • Does this violation affect my SOC2 compliance?

Output from the tool is delivered in a simple, concise format designed to be both understood by the entry-level security analyst and with the technical depth to be actionable. Here’s what this conversation would look like with Lacework AI Assist: 

“Why does this alert matter?” 
“This alert is important because it involves enabling Role Based Access Control (RBAC) for Azure Key Vault, which is a crucial aspect of managing access permissions to your key vaults and the secrets stored within them. RBAC allows you to delegate specific permissions to Azure Active Directory user accounts or system-managed identities. This way you can define what data and what actions are permissible by users, groups, or applications.

When RBAC is not enabled for your Azure Key Vaults, it may result in unauthorized access or manipulation of your secrets, keys, and certificates. This can pose serious threats to your Azure resources, including data breaches and unwanted changes. Therefore, ensuring RBAC is enabled for Azure Key Vault is essential to maintain strong access control security. This alert signifies that RBAC for the Azure Key vault is currently not enabled, which poses a security risk.”

 

“How can I remediate this using cloud security provider CLI?”
“Since this alert involves enabling Role Based Access Control for Azure Key Vault, you will need to use Azure command-line interface (CLI) for remediation:

  1. First, you need to login to your Azure account using the Azure CLI. Run the following command and follow the instruction:
    az login
  2. Once logged in, you can view all your subscriptions with:
    az account list - output table
  3. If you have multiple subscriptions, set the relevant subscription where your Key Vault resides
    az account set - subscription ‘your-subscription-id’
  4. ETC…

 

More on how Lacework AI Assist works including in depth examples is available in this launch blog or in the below demo video.

 

Be the first to reply!