Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Good vision, but the execution is lacking right now
What do you like best about the product?
Lacework is a good tool for smaller teams that can't afford a SIEM or lack the experience to set up a SIEM for Cloud environments. It is far less noisy than legacy tools. If you're just starting your security journey, Lacework may be a good fit to get you started. Our AE and our Solutions engineer are awesome and I feel like they care about us getting the most value out of Lacework. They have some of the best CLI tools and API's that I've ever worked with.
What do you dislike about the product?
There is very little that's unique about Lacework. It does not ingest cloud logs like VPC FLow Logs, Load Balancer logs, S3 Access Logs, etc. They don't ingest AWS security events like Guard Duty and instead rely on their IP to alert on. Lacework has missed indicators of compromise while undergoing penetration tests. We've found some issues and limitations with larger time ranges, monitoring network traffic, and anomaly detection for AWS metrics. Support has been poor lately. I've found that when I ask a question and it's not a positive answer they often answer a different question. Windows support is still developing. They don't have alerts for failed logins on Windows workloads and these must be configured by the customer. As your security matures over time, you'll need to reset the machine-learning models because it's been trained to ignore poor security practices.
What problems is the product solving and how is that benefiting you?
Lacework helped us solve the problem of not having an SIEM and how to gain visibility into behaviors in our cloud environments with minimal work on a very small team.
- Leave a Comment |
- Mark review as helpful
Amazing customer support and good product, on the expensive side and lacks open security integration
What do you like best about the product?
The interaction with the customer success and product manager has been extremely open and positive.
They are putting development efforts into the product. They have also demonstrated commitment to the roadmaps they promised at the beginning of the contract, developing the agentless scanning capabilities, custom privacy features and expanding coverage of different Cloud Service Providers.
The product and the SaaS portal (with European hosting available) are easy to integrate and use; the agents are seamless, and agentless scanning is catching up regarding features with the agent-based capabilities.
When we acquired it, Lacework was the only security and compliance product that could meet all of our requirements regarding support for hybrid public/private deployments, completely private Cloud, containers' introspection, European legislation, and privacy.
Their customer support is excellent. We had access to continuous technical deployment support throughout the whole run of the contract.
Finally, compliance and security vulnerability scanning coverage is impressive and vastly superior to the standard CSP service offerings.
They are putting development efforts into the product. They have also demonstrated commitment to the roadmaps they promised at the beginning of the contract, developing the agentless scanning capabilities, custom privacy features and expanding coverage of different Cloud Service Providers.
The product and the SaaS portal (with European hosting available) are easy to integrate and use; the agents are seamless, and agentless scanning is catching up regarding features with the agent-based capabilities.
When we acquired it, Lacework was the only security and compliance product that could meet all of our requirements regarding support for hybrid public/private deployments, completely private Cloud, containers' introspection, European legislation, and privacy.
Their customer support is excellent. We had access to continuous technical deployment support throughout the whole run of the contract.
Finally, compliance and security vulnerability scanning coverage is impressive and vastly superior to the standard CSP service offerings.
What do you dislike about the product?
The product is expensive, especially considering that competitive offerings are now available, which were not a couple of years ago. Depending on your use case, Lacework may be overkill. A simpler, cheaper alternative could fit your niche better - especially if you do not need to support hybrid deployments and private Clouds. If you focus on public Cloud and agentless scanning, competitive products will likely serve you better and will probably be cheaper.
Lacework was subject to a series of layoffs at the beginning of 2023. We have not noticed slow-downs or impacts from that.
For a long time, the major turn-off from Lacework was their inability to work in real-time unless you are investing into (or already have available) a Snowflake data lake. Logs and events are processed into 24-hour batches, and you receive daily email notifications of non-conformity or security issues. This behavior is sufficient for compliance but clearly unacceptable for security purposes. Although they integrate now with New Relics and Splunk, they can still not offer an open integration with other tools unless the events are channeled through a Splunk collector.
We have noticed that other security tools could leverage the information Lacework collects (or Lacework could introduce monitoring for such security events). For instance, they see all the web URLs accessed by a specific Cloud instance or container but do not act on them. They will identify whether a malicious IP is connected, but not in case of a malicious URL, although the information is present. Third-party tools could leverage this if integration were possible.
Lacework was subject to a series of layoffs at the beginning of 2023. We have not noticed slow-downs or impacts from that.
For a long time, the major turn-off from Lacework was their inability to work in real-time unless you are investing into (or already have available) a Snowflake data lake. Logs and events are processed into 24-hour batches, and you receive daily email notifications of non-conformity or security issues. This behavior is sufficient for compliance but clearly unacceptable for security purposes. Although they integrate now with New Relics and Splunk, they can still not offer an open integration with other tools unless the events are channeled through a Splunk collector.
We have noticed that other security tools could leverage the information Lacework collects (or Lacework could introduce monitoring for such security events). For instance, they see all the web URLs accessed by a specific Cloud instance or container but do not act on them. They will identify whether a malicious IP is connected, but not in case of a malicious URL, although the information is present. Third-party tools could leverage this if integration were possible.
What problems is the product solving and how is that benefiting you?
Monitor multi-Cloud Service Providers respecting privacy legislation and compliance.
Extremely Helpful In Terms Of Security And Notification
What do you like best about the product?
- Its usability. - Email notification and integration with Slack. - Easy set-up.
What do you dislike about the product?
Nothing that I have found so far. I have used it already for 2 months or so.
What problems is the product solving and how is that benefiting you?
It is mostly solving security-related issue that we were unaware of before and also compliance-related stuff that we were not bothered at all.
Lacework has supported us through our vision to SecOps automation and visibility
What do you like best about the product?
Centralised visibility
Easy to navigate/integrate into BAU
It isn't just a security product but supports the ops teams with day-to-day visibility
Automation is what sets it apart from competitiors
Easy to navigate/integrate into BAU
It isn't just a security product but supports the ops teams with day-to-day visibility
Automation is what sets it apart from competitiors
What do you dislike about the product?
haven't found one yet. The platform integrates into our day to day with ease and supports our security operations. It is a silet agent with no impact to our environment.
What problems is the product solving and how is that benefiting you?
Ensuring we maintain security standards inline with ISO
Ensuring our IAC code isn't susceptible to vulnerabilities
Real-time anomalies detection and activity across our entire environment
Ensuring our IAC code isn't susceptible to vulnerabilities
Real-time anomalies detection and activity across our entire environment
Powerful, comprehensive visibility for your resources at AWS.
What do you like best about the product?
Sometimes we have resources created to solve a specific issue at AWS. Those resources are forgotten and pose a threat. No more forgotten vulnerabilities. It's all right there for you to see with recommendations on mitigation or best practices. Integration with Slack lets us see threats in near real time.
What do you dislike about the product?
Lacework collects so much data that it's sometimes hard to present in a way that is easy to understand or research possible implications. I'm not sure this is an easily solvable problem. I guess I'd rather have the data than not.
What problems is the product solving and how is that benefiting you?
We see resources that are out of compliance with best practices and are able to see preferred approaches to solving problems in AWS. Seeing the vulnerabilities on all of our hosts in one place is also a huge benefit.
Best tool to get detailed container vulnerability report
What do you like best about the product?
A detailed description of the vulnerabilities in criticality, introduced layer, and fixed versions. Helps to mitigate the security risks with ease based on the generated report
What do you dislike about the product?
Nothing much to dislike. UI could have been improved. Always it's hard to set the required filters among the results, and configuring the filter was too overwhelming.
What problems is the product solving and how is that benefiting you?
Lacework helps in mitigating security risks with the help of periodic scans and generating the scan report. This allows us to deliver images with free of potential CVEs
Great cloud monitoring
What do you like best about the product?
- accurate monitoring of our AWS cloud environment
What do you dislike about the product?
- many follow-up tasks that need to be taken care of
What problems is the product solving and how is that benefiting you?
For ISO27001 and other IT Security related certifications we need a proper monitoring
All in 1 product for security and vulnerability scan.
What do you like best about the product?
Detailed insight about each event/trigger and remediation to it
What do you dislike about the product?
It is over all a good product. There isn't anything to dislike
What problems is the product solving and how is that benefiting you?
Gives us a full insight into our AWS account, EC2 instances and dockers running on it.
Lacework is a great product
What do you like best about the product?
Lacework provide indepth asset invetory of cloud resource. You can protect only if you know what you have.
What do you dislike about the product?
K8s detection needs more improvement. I think lacework team is working on it to improve it
What problems is the product solving and how is that benefiting you?
cloud posture management, vulnerability management
Great cloud compliance tool
What do you like best about the product?
It has many different frameworks which you can assess your cloud environment against. Being able to flip off certain checks also enables the user to tailor it to their needs.
What do you dislike about the product?
The UI can be somewhat cumbersome to navigate. There tends to be a lot of clicks to get to where you need and the filtering is almost too complicated. But Once you learn the system it's not hard.
What problems is the product solving and how is that benefiting you?
Securing ECS Fargate containers with their deployable agent. This feature has allowed us visibility into what is going on inside the container, as you cannot get that information from AWS.
showing 201 - 210