Lacework is a cloud security platform that brings automation, speed, and scale to cloud security, enabling software businesses to innovate safely. Designed from the ground up for born-in-the-cloud applications, Lacework self adapts to each customer’s cloud architecture and ever-changing configurations, services, and workloads. Lacework automates the toil associated with understanding software built on AWS, GCP, and Azure, empowering teams to continuously keep cloud environments secure and compliant without sacrificing agility.
In this edition of TFiR Insights, Lacework CEO Dan Hubbard sheds light on some of the trends regarding modern cloud security. Even though the biggest challenge for most cloud-native companies is how to move fast, stay compliant, and fend off breach, security is becoming a function of the go-to-market strategy. He explains, “Customers are starting to ask, ‘If we’re going to put our data in your service, how secure is it?”
Aside from the usual software bugs and misconfigurations, he enumerates the other factors that affect security, including visibility into the infrastructure. There is also increasing adoption of the principle of least privileges to minimize the threat and the attack surface. He believes the shared responsibility model is important not just between the cloud provider and the company, but also within the company. “Making sure you have that right operating model for the size of your company and getting security specialists or, at least, overlays in the engineering teams is really important.”