In the cloud, organizations can innovate faster than ever before.

For businesses seeking the shortest time to market, security is still too slow. DevOps already benefits from automated tools to release new code to production. It is time for cloud security teams to embrace automation and adopt new approaches explicitly designed for the cloud.

The Lacework Cloud Security Platform addresses the unique demands of the cloud: speed, scale and automation. Polygraph, our platform’s technology backbone, combines active cloud resource monitoring, advanced analytics and smart visualization. Security teams can minimize security risks, detect threats and close compliance gaps without slowing down the pace of innovation.

Why Polygraph?

Polygraph tackles the scale and velocity of the cloud with innovative technology that:
  • Ingest large volumes of data representing every activity of every cloud component at every layer, all the time: applications, processes, workloads, VMs or containers, machines, networks, users, files and more
  • Visualize your cloud and compare it to a behavioral baseline using Lacework’s powerful dashboard and smart graphical tools
  • Detect anomalies and all related events: every cyberattack or insider threat betrays itself with a trail of anomalous behaviors. Polygraph automatically detects and correlates these
  • Isolate attacks in progress with powerful global search that exposes attackers wherever they are
Polygraph succeeds because it leverages far more data than conventional security and automatically finds anomalies in data sets that are far too large and complex for human analysis. Polygraph leaves no place for cybercriminals to hide.

Cloud Operating Model

Cloud Operating Model
Cloud computing forces IT to rethink how it operates and secures resources.

There’s a new demarcation of responsibility: cloud providers deliver the infrastructure layer – network, storage and servers – while customers are responsible for access rights, workloads and data. Each party must secure the items under their control.

The Lacework platform bridges this new division of responsibility. Our solution automatically integrates with the cloud provider’s security layer while simultaneously securing customer accounts, workloads and data with speed and scale.

Threat Insights

Threat insights
In cloud environments, the attack surface and threat vectors are different than traditional data centers.

However, every cyberattack or insider threat still betrays itself with a trail of anomalies.

With unprecedented visibility into all activities of all cloud components at all layers, Lacework leaves no place for threats to hide. We automatically detect the first anomaly and deliver actionable insights to remediate incidents. Our powerful search capability gives investigators a global view of everything – across your entire cloud – related to each specific attack.

Security Automation

Security Automation
In the cloud, fast-paced DevOps processes are setting the pace.

There is no room for repetitive, labor-intensive security processes. Lacework enables security to keep up by automating many tasks, including:

  • Discovery of cloud workloads and resources that need protection
  • Continuous compliance with on-going assessment of your configuration for security best practices and customizable reporting and alerts
  • Analysis of billions of events; detection and scoring of anomalies; global search to easily find related events across your cloud
  • Correlation of suspicious activities with third-party threat intelligence databases

The Lacework approach also eliminates time-consuming activities – manual maintenance of rules or manual correlation of logs across systems.


Lacework is specifically designed to work with cloud providers’ security services.

On AWS, for example, we integrate with native services like AWS CloudTrail and AWS Config. We analyze the large volume of AWS logged events and automatically uncover anomalies that would take hours for a human analyst to discover. Lacework turns raw data into qualified and actionable insights.

As a SaaS service, the Lacework Cloud Security Platform deploys in minutes, immediately delivering demonstrable value. There’s no need for hardware, right-sizing, or configuration. You simply deploy it and it starts discovering and compiling insights for you!

How it Works

How it Works
Lacework processes and organizes the billions of events that happen every hour in your cloud.

Polygraph detects deviations from your cloud’s normal behavior and automatically assesses the severity of each anomaly. Starting with the alert messages on our dashboard, you can follow the trail of anomalies across the cloud layers using our graphical mapping and global search of your environment.