Lacework releases cloud-native application security service

Lacework releases cloud-native application security service

The cloud native application protection platform (CNAPP) capability for Lacework’s Polygraph Data Platform offers snapshot analysis of potential attack paths and insights into application workloads.

Credit: supplied

Cloud security vendor Lacework announced the availability of a cloud-native application protection platform (CNAPP) for its broader Polygraph Data Platform offering, providing an agentless, low-touch option for organizations looking to improve their application security posture.

There are two main components to the CNAPP release, according to Lacework, both of which require only that the user connect their cloud accounts with Lacework’s apparatus. 

The first is attack path analysis, which uses Lacework’s systems to analyze configurations, network topography and more to provide a visual representation of possible ways in which bad actors could compromise application workloads. 

The system searches for misconfigurations, open network access, identity management roles and known software vulnerabilities to create its diagnosis.

Lacework's CNAPP creates its own SBOM

The other main part of Lacework’s release is agentless workload scanning. This uses snapshot analysis of what’s going on in container images, hosts and libraries to create its own software bill of materials (SBOM) for a given environment. 

According to the company, this provides users with a deeper understanding of what’s going on in their cloud environment and highlights possible risks, and the agentless nature of the system means that there should be no performance impact on the user’s cloud applications.

It also makes the workload scanning system simpler to implement, according to ESG senior analyst Melinda Marks. 

While agentless scanning doesn’t allow for the kind of continuous, up-to-the-second monitoring provided by agent-based systems, the ease of use and smaller footprint are bigger considerations for many organizations.

“The ability to connect workloads without having to install agents enables broader coverage, which is important, thanks to the ephemeral nature of workloads,” she said. 

“It’s more efficient and more feasible than installing agents and being limited with monitoring only workloads with the agents installed.”

Agentless scanning, according to Marks, is arguably the bigger deal for enterprise customers, given the flexibility and ease of use. Currently, the market for this type of application security is a patchwork, with vendors making the case for their proprietary technology, whether that’s agentless or not.

“The goal is to collect the most information and telemetry while surfacing alerts on what needs attention to reduce security risk and protect the applications, and do so in a way that doesn’t impact application performance,” she said.

Both the workload scanning and attack path analysis features are available immediately to Lacework customers, the company said.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Product News


EDGE 2023

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.


ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.

ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Brand Post

Channel Roadmap

The Channel Roadmap is a bespoke content hub housing strategic priorities from technology vendors for 2022 and beyond, partners can find the guidance on the key technologies and markets to pursue, to help build a blueprint for future success.

Show Comments