Recently active topics
Hello community! I’m working through an interesting scenario where I need to provision EKS audit logs...without using the LW provider. There are some internal constraints on how TF is used with the organization I’m working with. Curious if anyone has any perspective they’re willing to share, cheers!
Agent: N/A | Platform: Deploy Lacework/Installation | Cloud: AWS
In February 2024, Lacework rolled out several platform enhancements and new features:
- Additional configuration options for Kubernetes Compliance integrations.
- General availability of the Lacework Security in Jira integration for all geographic locations.
- Active Package Detection (Code Aware Agent) is now generally available.
- Introduction of identity management features for cloud permissions.
- Support for transit gateway in attack path analysis.
- New alert for potentially compromised Kubernetes users.
- Detection of active and inactive Rust packages on hosts and containers.
For detailed information on these updates, please visit the Docs page.
In January 2024, Lacework launched updates to enhance its security platform, including:
- Crowdsourced risk analysis for improved alert insights.
- Public preview features like exceptions for OCI compliance policies, a new composite alert for potentially compromised Kubernetes users, and Lacework AI Assist for chat-based alert guidance and remediation.
- Enhanced support for detecting vulnerabilities on Microsoft Windows Servers, including detailed guidance and support for various Windows Server OS and applications.
For a detailed overview of all these updates, visit the Docs page.
In December 2023, Lacework introduced updates aimed at broadening security capabilities and enhancing user experience. These updates include:
- New data sources for Amazon EC2 and ElastiCache.
- Improvements to the Cloud Compliance dashboard.
- Introduction of view management features.
- Extended attack path analysis for Azure assets.
- Support for Oracle Cloud Infrastructure (OCI) in public preview.
- Enhancements to resource groups.
- Ability to create custom compliance and violation policies.
For a comprehensive overview of all the updates, visit the Docs page.
In November 2023, Lacework unveiled significant updates to its platform, focusing on enhancing user experience and expanding security features. Key updates include:
- Introduction of auto polling for JFrog registry integrations to streamline container scanning processes.
- Enhancement of alert titles and descriptions for better clarity and actionability.
- Implementation of tabbed views for Host and Container vulnerability pages to simplify navigation and analysis.
- Launch of view management capabilities for creating, updating, and sharing customized views more efficiently.
- Extension of attack path analysis to include Azure assets, providing comprehensive security insights across cloud environments.
- Activation of active package detection for containers, improving visibility into container security.
For more details on these updates, visit the Docs page.
In October 2023, Lacework introduced several enhancements to its platform, focusing on broadening its security capabilities. These updates aim to help users better identify and manage vulnerabilities and threats within their environments. Key highlights include:
- Integration of CVEs for Java and NPM vulnerabilities via GitHub Security Advisory.
- Enhanced container vulnerability scanning with support for Red Hat UBI 9 and Minimal Images.
- Updated Google Cloud service account validation for improved permission checks.
- Refined Agentless Workload Scanning documentation, including detailed IAM permissions.
For a comprehensive overview of all the updates, visit the Docs page.
There are several ways to integrate Lacework with accounts in an AWS Organization. Lacework provides multiple Terraform modules for this purpose. In this post, we will focus on the aws_org_configuration module.
Integration: The aws_org_configuration module offers seamless automation for integrating Lacework with AWS Configuration and CloudTrail. It simplifies the process by automatically configuring integration across the root account and all associated sub-accounts within the specified organizational unit (OU). Additionally, it creates an SNS topic and Lambda function, ensuring that any new AWS accounts added to the organization are seamlessly integrated with Lacework.
The module will perform the following tasks:
- Create the CloudTrail integration at the root account level.
- Create AWS Configuration integration for each of the sub-accounts. Note that this is not the same as the AWS Config service. Lacework does not rely on the native AWS Config service.
For Lacework to access configuration
Currently, Lacework doesn’t have a direct integration with Bitsight. With that being said - all of the data that Lacework ingests, Lacework should be able to have a comparison with overlapping areas, ultimately not needing Bitsight. A great way to do this would be leveraging Lacework’s compliance reports / dashboard where risks are easily identifiable and actionable.
Agent: N/A | Platform: Using Lacework/Operationalizing | Cloud: N/A