Lacework®, the data-driven cloud security company, announced new capabilities that enable organizations to uncover more critical threats to their infrastructure and empower teams to collaborate more efficiently in alert investigation and response. Lacework has added fully automated time series modeling to the existing anomaly detection capabilities of the Polygraph® Data Platform.
Using automated learning and behavioral analytics, the time series model builds a baseline of the volume and frequency of activity within a customer’s environment and actively monitors for spikes that deviate from that unique baseline, accurately detecting potential threats such as cryptominer attacks and compromised accounts. Organizations can also proactively discover increased cloud usage due to misconfigurations, gaining a better understanding of their environment to help control costs. Lacework does this without the need for constant tuning of thresholds, significantly reducing both manual work and false positive alerts. Lacework has also upgraded its alerting experience with features that empower teams to collaborate more efficiently in alert investigation and response.
The enormous amount of activity in the cloud and the adoption of new technology make it difficult to gain visibility into risks, investigate alerts efficiently, and take action, especially when teams are siloed into different workstreams and tools. Signature and rules-based approaches can’t keep pace with this dynamic environment and often overwhelm security teams with thousands of contextless alerts across a range of environments.
Polygraph, the Lacework cloud behavioral analytics engine, uses dozens of models to build a baseline of normal behaviors in the cloud. The time series model introduces a new dimension of analysis by tracking changes in activity frequency and volume over time in a cloud environment. It works with the existing models to uncover more anomalies with fewer alerts.
To improve accuracy, Lacework also automatically adjusts the severity of alerts based on continuous learning and a fine-grained understanding of how much the observed behaviors deviate from the predicted baseline. According to Cybersecurity Ventures, the number of unfilled cybersecurity jobs worldwide grew by 350% between 2013 and 2021 with no sign of relief in the next five years. By consolidating alerts into only those that matter and providing security teams with more context about what is happening across their environment, Lacework allows these overburdened teams to uncover more risks and deal with them more efficiently.