Lacework Maintains Triple Year-over-Year Revenue Hypergrowth by Migrating to Amazon EKS

Cloud security company Lacework has been quickly growing globally since its 2015 inception. The company maintained triple year-over-year revenue growth after launching publicly. The Lacework team knew that continuing its hypergrowth phase would require a technological infrastructure that could handle hundreds of new customers, so the company turned to Amazon Web Services (AWS). By abstracting Kubernetes control plane management to Amazon Elastic Kubernetes Service (Amazon EKS)—which starts, runs, and scales Kubernetes applications in the cloud or on premises—Lacework’s engineers can now focus on higher-value work.

With more companies shifting operations to the cloud, Lacework emerged in 2017 offering solutions to new security problems, such as basic visibility of cloud activity for auditing or compliance reporting. “We’re able to build a temporal-visual map of all cloud and workload activity, processed against configuration, vulnerability, and threat information for up to 180 days,” says Michael Musselman, senior director of technology and strategic alliances at Lacework. “It’s really the magic of our unsupervised machine learning to detect not only what users and machines are doing in the cloud but also what’s changing.” Lacework’s solution uses that combination of visibility and anomaly detection to deliver contextual notifications of potential security threats and focus on what matters rather than typical alert noise.

Lacework’s operations need to be able to quickly and reliably ingest and process a massive amount of information while delivering only the most relevant alerts. The company has used AWS services to produce these results since its formation, and its cloud security environment is built entirely on AWS. Using Amazon Kinesis Data Streams (Amazon KDS), a scalable and durable near-real-time data streaming service that can continuously capture gigabytes of data per second from hundreds of thousands of sources, Lacework’s data ingestion rates peak at 4 GB per second, and the company stores around 8.2 PB of data just in hot data storage on AWS.

Polygraph, the patented machine learning engine fueling Lacework’s solution, detects meaningful new behaviors and activities that are occurring in a customer’s personalized AWS environment and creates behavioral maps to illustrate what happened and where to focus.

When Lacework began looking for a service to manage its Kubernetes control plane, Amazon EKS was a natural choice. “AWS offers a breadth of services that are very well integrated with each other,” says Yousef Alam, lead engineer for production engineering at Lacework. “Amazon EKS works very well alongside all the other AWS services.”

Lacework’s operations team decided to migrate its Kubernetes control plane to Amazon EKS in May 2020 to save engineers time. “When we started looking at Amazon EKS, Lacework was at the very beginnings of its hypergrowth phase as a startup,” says Alam. “That’s the point when engineering and operations teams start to think, ‘What can we do better than anyone else?’ and try to focus on that.”

As a result of the migration to Amazon EKS, Lacework’s engineers can now prioritize innovation. “Before, we were spending too much time just maintaining the Kubernetes cluster,” says Kai Paro, Lacework’s DevSecOps team lead. “By using Amazon EKS, we can focus on other higher-value work and evolve our architecture.” Making use of AWS Support has also decreased the frequency of internal inquiries. “The availability of AWS Support has generally reduced the queries that come to us as an operations team,” says Alam. “It can help us filter out some of the Kubernetes-specific questions we get from engineers who are less familiar with Kubernetes.”

Beyond improving staff productivity, Lacework’s use of Amazon EKS has also increased scalability and functional efficiency. This improvement of performance is transferred directly to users of Lacework’s product. “The quarter after our move to Amazon EKS, we saw a 68 percent decrease in alerts related to production workloads,” says Alam. This decrease in alerts is related to the automatic healing capabilities of Kubernetes augmented by the Amazon EKS control plane. Through the implementation of Amazon EKS, Lacework’s control plane can recognize and correct for minor operational errors in and between Kubernetes clusters that otherwise would need to be filtered out manually.

When it adopted Amazon EKS, Lacework also began to use Amazon Elastic Compute Cloud (Amazon EC2) Spot Instances, which let companies take advantage of unused Amazon EC2 capacity on AWS. By using Spot Instances for 53 percent of its computing workload—particularly in its development environment, where workloads are fault tolerant—Lacework is saving 66 percent on computing costs.

The efficiency and scalability of AWS has facilitated Lacework’s continued global expansion. Lacework has gone from $0 to more than $15 million in marketplace transactions and has seen nine straight quarters of sequential revenue growth. The company has also seen growth in its customer base by more than a factor of five in 2021 alone, with more than half involving a competitive replacement. These customers range in size from large enterprises to cloud native startups and everything in between.

By using AWS and Amazon EKS, Lacework was able to launch an entire European region just 3 months after its first hire in Europe. “If we had built our own control plane or tried to manage all of Kubernetes ourselves, there’s no way we could have done that,” says Alam. As it continues to grow, Lacework has expanded into the Asia-Pacific marketplace and is hiring teams for new data centers in Australia. Lacework will continue to rely on AWS to expand into that region. “We know AWS can handle this,” says Alam. “It’s only natural that we keep relying on it.”