Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Very good
What do you like best about the product?
Dashboard, easy to Navigate the options and account settings
What do you dislike about the product?
Not much particularly but dashboard can be improvised.
What problems is the product solving and how is that benefiting you?
Cloud related issues
Recommendations to others considering the product:
NA
- Leave a Comment |
- Mark review as helpful
Great product!
What do you like best about the product?
Great help to a security team. Drastically reduced the number of false-positive alerts.
What do you dislike about the product?
There few things to add to the functionality, but those are niceties and are on the road map.
What problems is the product solving and how is that benefiting you?
Vulnerability management, IDS
Recommendations to others considering the product:
The seamless experience of deployment and usage across multiple types of infrastructure.
Increases visibility really effectively, growing in all the right ways.
What do you like best about the product?
The cross cloud, cross data center visibility from the app level and the ability to weave a lot of data into a simpler process. Their roadmap is awesome, and features are malleable. They bring some intelligence data to the view as well. We get visibility from agents in concert with kubernetes and our cloud providers that makes actions much more meaningful. Filtering views is also a very nice feature - you can review how a pod communicates within a system with clever use of filtering.
What do you dislike about the product?
Lacework collects the data to provide many more features that would make compliance and security reviews significantly easier, but they are still growing and road mapping things. There is incredible potential in this tool. My only dislike is that we have to wait, but I am satisfied with the tremendous progress.
What problems is the product solving and how is that benefiting you?
Lacework can help reveal interactions between microservices you weren't expecting. It can help with detecting intrusion. It helps you get visibility when bad actors are hitting your services. Overall its wholistic view is very powerful and really helps contextualize network movement in an increasingly complex world of orchestrated deployments.
High fidelity and observability into our environment!
What do you like best about the product?
The high fidelity of the alerts with little noise to sort though. Also love the visualization.
What do you dislike about the product?
The sales process seemed to be very drawn out and not transparent as to pricing structure
What problems is the product solving and how is that benefiting you?
Small security team and a lack of deep visibility and intelligence into our environment. Provided us with the tools we need to effectively protect and monitor our environment.
Streamlined setup, Quick to start gaining value out of detections.
What do you like best about the product?
The setup and documentation is very easy to navigate. There were a variety of up to date templates depending on your orchestration. I could easily run terraform plans to setup the cloud posture and they had provided chef cookbooks handle the agents. Basically however I wanted to deploy the agent, they had codified modules I could use and fold into my code base.
The network diagrams (polygraphs) are really helpful when responding to an alert or just doing Threat modeling, Its nice to be able to very quickly visualize communications between your services.
Integrating into the container registry was really easy and provides us Vuln visibility prior to deployments. The mapping of containers in the registry to containers at runtime is very intuitive, helps you prioritize which items to look at first.
The network diagrams (polygraphs) are really helpful when responding to an alert or just doing Threat modeling, Its nice to be able to very quickly visualize communications between your services.
Integrating into the container registry was really easy and provides us Vuln visibility prior to deployments. The mapping of containers in the registry to containers at runtime is very intuitive, helps you prioritize which items to look at first.
What do you dislike about the product?
The vulnerability management at runtime only updates once per day and a vuln must be cleared for at-least 24 hours before it will no longer show in the platform. This makes closing out issues after a code change or dependency update a more drawn out process. Would be nice if it could be done on demand.
Lacework has nice documentation on how to remediate findings in AWS, however they only provide details on how to do it in the AWS console, it would be helpful if they could also provide terraform samples, as that could greatly increase the speed of remediation.
Lacework has nice documentation on how to remediate findings in AWS, however they only provide details on how to do it in the AWS console, it would be helpful if they could also provide terraform samples, as that could greatly increase the speed of remediation.
What problems is the product solving and how is that benefiting you?
Vulnerability Management - Host and Containers
AWS Cloud Compliance
Threat Hunting
The lacework setup allows us to easily run a Vulnerability Management program on our AWS images, Instances, and our Container fleet both at run and build-time.
The Automatic network diagrams allow us to look at all network connections between our systems and compare them to our baselines.
AWS Cloud Compliance
Threat Hunting
The lacework setup allows us to easily run a Vulnerability Management program on our AWS images, Instances, and our Container fleet both at run and build-time.
The Automatic network diagrams allow us to look at all network connections between our systems and compare them to our baselines.
I can’t imagine managing infrastructure security and compliance without Lacework
What do you like best about the product?
I can’t pick just one thing.
The team at Lacework is incredible – they are easy to work with, proactive, and always ready to help.
Installing their agents on all of our servers and connect services like AWS CloudTrail was a breeze and shortly after we did we were able to get valuable insights almost immediately.
The team at Lacework is incredible – they are easy to work with, proactive, and always ready to help.
Installing their agents on all of our servers and connect services like AWS CloudTrail was a breeze and shortly after we did we were able to get valuable insights almost immediately.
What do you dislike about the product?
Sometimes I wish there was more details available.
An example of this would be that we receive alerts for outbound HTTP connections to an IP address but can’t tell what process in our container made the call. It would be nice to get even more insights like the verb, path, etc.
An example of this would be that we receive alerts for outbound HTTP connections to an IP address but can’t tell what process in our container made the call. It would be nice to get even more insights like the verb, path, etc.
What problems is the product solving and how is that benefiting you?
Security and compliance is important to us but manually monitoring and audits are incredibly time consuming.
Lacework takes care of all of this for us and all we need to do is review alerts every now and then saving us a ton of time. Generating audits is as easy as clicking a button.
Lacework takes care of all of this for us and all we need to do is review alerts every now and then saving us a ton of time. Generating audits is as easy as clicking a button.
Recommendations to others considering the product:
I was able to get everything setup and see value during the sales process with no commitment – I highly recommend you do that too.
Great for first pass compliance reviews. Still very Beta for containers and registry integration.
What do you like best about the product?
It basically is like me hiring 6 DevSecOps team members and allows me to save so much time by instantly giving me visibility into the state of my security posture across all my AWS organizations. Even across my container workloads. I could not manage my accounts from a security standpoint without Lacework, not without hiring an entire team of senior AWS security experts.
What do you dislike about the product?
Consistent errors with the UI, container agent integration in wildly unstable, the documentation needs help and to date, we still can't fully integrate our DTR or Artifactory registries. The UI could be more intuitive. It takes some getting used to but it's worth it once you get over that hurdle.
Documentation on the website needs to be improved but luckily Lacework has made up for this by being super responsive to support tickets.
Documentation on the website needs to be improved but luckily Lacework has made up for this by being super responsive to support tickets.
What problems is the product solving and how is that benefiting you?
I am better prepared for PCI audits, I can vet recent teams cloud migrations, I can ensure that security related items are visualised then actually prioritised because Lacework makes it evident WHERE the problems are and how critical they are. It's really helped our org shift security left.
Recommendations to others considering the product:
Run a PoC and you won't be disappointed.
Lacework enables Reltio to focus on what matters.
What do you like best about the product?
Lacework provides a robust and ubiquitous view of security across all systems in AWS, GCP, and our microservices architectures. There is very little noise to signal which helps Security Analysts get alerted to and investigate potential issues. Vulnerability management runs continuously as do compliance checks which helps focus efforts to reduce risk. Having agents deployed as code means that the security team focuses less time on building security infrastructure and more time consuming information about current state of security. API and UI capabilities are used heavily by security engineering and operations teams. As a CISO, I don't need a special decoder ring or PhD in Lacework to benefit from the platform. Rollup summaries from the platform are now part of monthly reporting to all employees and quarterly reporting to the executive committee, security steering committee, and Board of Directors.
What do you dislike about the product?
I would not use the term dislike. Rather, there are a few areas of innovation where Lacework could focus such as with IAM (Identity and Access Management) permissions checks or other IAM policies.
What problems is the product solving and how is that benefiting you?
My goal was to gain a ubiquitous view of security across all systems regardless of deployment type or cloud service provider. Lacework was not only a significant part of achieving that goal, it also displaced several other lesser performing technologies.
A second set of eyes when it comes to security
What do you like best about the product?
With the growth of instances and containers, it is difficult to monitor and review every log or activity. By using Lacework, we've been able to use the Lacework AI to net down patterns, violations, and compliance activity all in a single dashboard saving time and resources.
More importantly, historical charts and reports are extremely helpful for audits to demonstrate alerting, notification and review.
More importantly, historical charts and reports are extremely helpful for audits to demonstrate alerting, notification and review.
What do you dislike about the product?
In my opinion, I think the natural progression for Lacework is to tie into or build its own SIEM. They have a great AI algorithm that can be expanded into security logs overall.
What problems is the product solving and how is that benefiting you?
* Leveraging compute to monitor and secure our environment
* Saving time and resources by avoiding manual review
* Reporting for audits
* Defining custom patterns to detect and alert
* Saving time and resources by avoiding manual review
* Reporting for audits
* Defining custom patterns to detect and alert
Recommendations to others considering the product:
The value of Lacework shines when you start seeing alerts that you weren't aware of. It is very thorough and keeps our attention on a day to day, hour by hour basis.
The product is excellent, the people are even better
What do you like best about the product?
The entire team I've met from Lacework are incredible. Anjali Hedge and Andrew Dang I have worked with for a year and find them to be the easiest, most pleasant customer liaisons I have worked with. The product is very plug and play, and gives us excellent insights into our cloud environment. They integrate with a lot of tools so we can action on items we find.
What do you dislike about the product?
I wish the logging was better - they give you the option for alerts, but I'd love all logs to be ingested into our Splunk environment for better threat hunting.
What problems is the product solving and how is that benefiting you?
Understanding our cloud architecture better - the compliance piece gives us configurations to change in our AWS environment while the events give us alerts into our environment.
Recommendations to others considering the product:
Be prepared to make changes to your cloud! Haha
showing 321 - 330