Hi,Looking for some advice.Basically with-in lacework kubernetes , looking to see which pods & nodes are accessible from internet ( inbound from internet). What i found so far is we can use Resources → Kubernetes → Pod Network → External connections . You can select all columns and download a CSV. There is a similar view for actual nodes as well. Node→ Kubernetes → Node Network → Node External Connections I am not 100% sure if this is accurate. Also this does not tell what ports are open for inbound connections ( some of the ports listed are >65k which seems to be odd as well)Wondering if anyone had figured out the correct way to “Identify Internet accessible nodes and container pods ( inbound from internet)?”. Thanks in advanceAgentLinux 6.6XPlatformUsing Lacework/OperationalizingCloudGCP
I only want to see vulnerabilities for hosts that have been running in last 8 hours in my vulnerability reports. How can I craft my API calls to achieve this? AgentN/APlatformN/ACloudN/A
The api.lacework.net agent url will retire on October 31, 2023, and will be replaced with agent.lacework.net.Is there a way to have the agent change its own target? Is there a way to get a report on which IP addresses are using the old endpoint before the retirement?AgentN/APlatformUsing Lacework/OperationalizingCloudAWS
I know that GenAI is a very popular topic in the security industry right now. But I am curious, how does everyone see this technology becoming useful in the security (or even more specifically the cloud security) world? To me, it’s about helping security teams do more with less. Using the technology to automate response to tasks that take up the time of engineers. Or it could be the first level of triage for an alert that can response and know a specific action to take. Other thoughts? AgentN/APlatformUsing Lacework/OperationalizingCloudAWS
I found the solutions brief: https://www.lacework.com/resource/solution-brief/cloud-infrastructure-entitlement-management-ciem/ and video: https://www.lacework.com/resource/video/lacework-cloud-infrastructure-entitlement-management-ciem/ AgentN/APlatformN/ACloudN/A
What are the specific ways the agentless workload scanning actually works to gather data? AgentAgentlessPlatformCurrentCloudGCP
AgentN/APlatformCurrentCloudN/A AgentN/APlatformCurrentCloudN/A
AgentN/APlatformCurrentCloudN/A
Once you are logged in the Lacework platform, List of active containers can be found via navigating to Resources > Containers > List of active containers under the Polygraph. AgentLinux 6.6XPlatformCurrentCloudHybrid
AgentLinux 6.6XPlatformCurrentCloudAWS
For us visual learners 😎 AgentN/APlatformCurrentCloudN/A
It is purely around separating enviornments, or anything else to consider? AgentN/APlatformN/ACloudAWS
I cannot find the answer. AgentLinux <5.0x< />>PlatformN/ACloudGCP
AgentN/APlatformCurrentCloudAWS
After I completed my Lacework CSPM integration into AWS, it does not list my AWS accounts by name, only numbers when viewing the data in the platform. How can I see the names per integrated account? AgentN/APlatformCurrentCloudAWS
Details
Already have an account? Login
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
