We use the tool for two main purposes: vulnerability management and monitoring. We utilize it to scan all of our IAC scripts and configurations across our AWS and GCP environments. Additionally, we employ its agent to scan our compute nodes. This covers three main areas: cloud configuration, host systems, and IAC code, all essential for vulnerability management. We primarily focus on monitoring AWS CloudTrail to detect anomalous activities and risky behavior.
Fortinet FortiCNAPP
Fortinet Inc.External reviews
385 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Lacework enforces policies and monitors containers at runtime to prevent vulnerabilities
What do you like best about the product?
I love its capabilities like centralized administration, control groups, role-based access, and auditing. Additionally, the graphical user interface is easy to understand and clearly breaks down which resources are failing or passing which policies.
What do you dislike about the product?
I thought the initial setup process was a bit long, but we managed to do it with the help of the Lacework team. And I think some areas of the user interface require improvement.
What problems is the product solving and how is that benefiting you?
Lacework helps us with its ease of implementation, nice user interface, available CI/CD integration options and more! It also offers clear and practical recommendations to solve vulnerabilities and, at the same time, helps us make our CSPs more secure.
Perfect solution to protect your cloud environment
What do you like best about the product?
The tool is used daily to monitor vulnerabilities and threats in our environment. Lacework provides the functionality our team needs to protect the systems and data our business depends on every day. It is a wonderful solution for assets located in public cloud hosting environments.
What do you dislike about the product?
The truth is that there is nothing I don't like about Lacework, our team was looking for an easy-to-use solution that covered all our assets in the cloud and we are very happy with the results obtained thanks to this platform.
What problems is the product solving and how is that benefiting you?
We use Lacework primarily for user and entity behavior analysis. It allows us to be awere of any anomalies in our systems, whether it is a process, a user or a connection coming from an unusual location, etc.
Helps to scan all of IAC scripts and configurations across our AWS and GCP environments
What is our primary use case?
What is most valuable?
I find the cloud configuration compliance scanning mature. It generates a lot of data and supports major frameworks like ISO 27001 or SOC 2, providing reports and datasets. Another feature I appreciate is setting custom alerts for specific events. Additionally, I value the agent-based monitoring and scanning for compute nodes. It gives us deeper insights into our workloads and helps identify vulnerabilities across our deployed assets.
One key aspect of the agent that stands out is its capability to distinguish between active and inactive packages on compute nodes. This feature reduces the number of actionable vulnerabilities by focusing on packages actively running in the environment rather than all installed packages.
I noticed that it was quite noisy, with many alerts about things I wasn't particularly concerned about. However, over time, Lacework's anomaly detection improved by establishing baselines of normal activity. It now alerts us only when there are deviations from these baselines. Integrating with Slack was especially beneficial—I set up a dedicated Slack channel just for Lacework alerts. This allowed me to focus on the alerts that required attention.
What needs improvement?
The solution lacks a cohesive data model, making extracting the necessary data from the platform challenging. It uses its own LQL query language, and each database across different layers and modules is structured differently, complicating correlation efforts. Consequently, I had to create extensive custom reports outside Lacework because their default dashboards didn't communicate risk metrics. They're addressing these issues by redesigning their tools, including introducing the dashboard, which is a step closer to actionable insights but still needs refinement.
Regarding reporting features, the ability to create granular custom alerts remains limited. For instance, I could only filter alerts by source or type rather than selecting alerts based on specific IDs. This lack of granularity in alert management and reporting customization is a notable drawback.
For how long have I used the solution?
I have been using the product for one and a half years.
What do I think about the scalability of the solution?
The solution is scalable. I rate it a nine out of ten.
How are customer service and support?
One thing I appreciated about Lacework was the support I received from their team. I regularly met with them to provide feedback on what worked well and what didn't in their modules. They took my feedback seriously, often implementing it into features, hotfixes, and interface changes. Part of the reason for this was my clear and detailed communication style.
While some customers might say, "This sucks," I made sure to explain exactly why and how I would suggest fixing it. This approach was well-received by their product managers, who valued my input. As a premium customer, I have access to account managers. Its support is very good.
Sometimes, the support process was quite slow. While they acknowledged my tickets promptly, resolving issues could take weeks as they liaised back and forth with engineering to diagnose and determine solutions. However, the support I received from my account management and technical account management teams was very good.
Which solution did I use previously and why did I switch?
Lacework's advantage is its ability to differentiate between active and inactive packages through the agent. Most other CNAPP solutions don't offer this capability, and competitors like Wiz don't implement it as effectively.
I've used several other platforms, such as Wiz and Prisma, and they all cover similar functionalities, such as scanning for misconfigurations in the cloud against compliance standards, monitoring IAM configurations for risks, logging and anomaly detection, host-based vulnerability scanning, and IAC code scanning. Wiz offers better reporting and ease of data extraction from datasets.
Lacework, on the other hand, is generally more cost-effective and becomes user-friendly once you're accustomed to its UI conventions. However, extracting specific data from Lacework can sometimes be challenging.
How was the initial setup?
The product is very straightforward to deploy across an entire AWS or GCP organization. They offer automation via Terraform and CloudFormation templates, which allow deployment across all accounts with the appropriate permissions. As for Azure, I'm unsure about its compatibility.
What was our ROI?
You can expect ROI from vulnerability management.
What's my experience with pricing, setup cost, and licensing?
My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz.
What other advice do I have?
I rate the overall product a seven out of ten.
Cloud Security Management simplified
What do you like best about the product?
Its diverse service offerings and ability to adapt to market needs - it's like the swiss army knife of cloud security tools, allowing us to consolidate different functions and needs all in one place
What do you dislike about the product?
Account management team has seen some flux in the last year
What problems is the product solving and how is that benefiting you?
The dynamic growth of our cloud infrastructure requires us to have automated posture analysis to mitigate and reduce risks, as on our scale manual remediation would be near impossible
Amazing Product To Find Out Hidden Vulnerability on Cloud
What do you like best about the product?
Saves a lot of time to find out something unusual which is not possible with manual finding on cloud
What do you dislike about the product?
Less integration on Azure I would say but recently they made good progress on it
What problems is the product solving and how is that benefiting you?
We are using it to detect violation on our cloud environment. We are aws & azure based & we have small team so its great to save time
Strong Security, But Takes Time to Master
What do you like best about the product?
Covers all our cloud security needs, protecting from end to end.
What do you dislike about the product?
Learning Curve: Setting up and getting the hang of it can be tricky and time-consuming for some.
What problems is the product solving and how is that benefiting you?
Lacework is solving the headache of keeping our cloud environment secure by automatically detecting threats and giving us clear insights into any security issues. This means we don't have to constantly monitor everything ourselves, freeing up our time.
Lacework: A Very Good Cloud Security Tool
What do you like best about the product?
Lacework is fully featured. It contains all of what we need for a cloud security platform, from alerting to CSPM.
What do you dislike about the product?
The Lacework global search does not always find what I need. I wish it were more intuitive to search for resources.
What problems is the product solving and how is that benefiting you?
Lacework helps us tremendously in tracking and responding to the drift in our cloud environments. It also has been substantially helpful with its container security and image vulnerability features.
Great Tool To Find Out Unusual Activity
What do you like best about the product?
Saves so much time to analyze something & we found a lot alerts on the environment which was unlnown to us. Don't think manucally this is something can be found
What do you dislike about the product?
Reporting might be sometimes confusing & lack of Azure integration but they are getting better
What problems is the product solving and how is that benefiting you?
Biggest challenge we have is visibity on the cloud environment so its hard to keep track of everything as our cloud environmnet is growing. Lacework really helped us with this
Good product with high fidelity alerting
What do you like best about the product?
Good UX and provides great visibility into cloud environments with intuitive and actionable insights. Also provides good contextual benefits for detections (events) that might amount to incidents, which is helpful if you need to triage and respond quickly. I also find the ability to easily deploy and integrate with various cloud services incredibly helpful for me and my team, especially when we're under tight time constraints to provide assurance back to the business on levels of visibility.
What do you dislike about the product?
I think the ability to build out automation workflows for more granular types of alerting could be helpful for organisations that have Lacework but don't yet have a SIEM and/or SOAR platform.
What problems is the product solving and how is that benefiting you?
Provides us with good visibility and security control over our multi-cloud estate as well as helps us satisfy a number of compliance related requirements.
We enhanced security and compliance
What do you like best about the product?
I like Lacework because its interface is very intuitive and can plug directly into the tools we are already using, such as AWS and Azure. Many features that have proven to be a great benefit to our company include the real time threat detection, which gives alert and comprehensive report. Another thing that needs a mention is the customer support, the service is always willing to help with various problems. Lacework has more than likely helped save time in our security aspects.
What do you dislike about the product?
A disadvantage of Lacework is that it can be somewhat complicated to set up at the beginning. This consumed more time and resources that could have been used in our work thus affecting it. Also the number of features available can be quite confusing and may take time to get used to, thus reducing the initial productivity rates. However, after some time, it was possible to notice the features that made the software useful.
What problems is the product solving and how is that benefiting you?
Lacework has been helpful in improving the cloud security since it has helped in the identification of threats and other inconsistencies. It aids in the management of security in various clouds in order to enhance on the performance that we do in our task. The frequent alerts and the comprehensive reports are more helpful in detecting and correcting the problem before the breach can be made. This has assisted in this aspect of security and also created some space for other things as well.
showing 21 - 30