Google Cloud Adds CNAPP Integration with Lacework to Improve Security

Highlights –

• With the support of high-quality alerts, the solution will offer users multicloud runtime alerts driven by anomaly detection via the Laceworks Polygraph Data Platform, enabling them to identify and address cloud breaches more quickly.
• By fusing its cloud detection and response capabilities with Google’s expanding SOAR and SIEM product family, Lacework and Google Cloud Chronicle Security Operations may be able to set themselves apart from competing companies.

Cloud security is a difficult task. There are so many different systems and apps running simultaneously in hybrid and multi-cloud setups that it can be challenging to verify there are no vulnerabilities that fraudsters could take advantage of. Detecting the actual entry points would be even more difficult.

Cloud-Native Application Protection Platforms (CNAPP) aim to solve this problem by monitoring and spotting cloud-based threats.

Today, one of the significant CNAPP vendors, Lacework, announced integration with Google Cloud Chronicle Security Operations that will bring CNAPP capabilities to Chronicle deployments.

The solution will offer users multicloud runtime alerts driven by anomaly detection via the Laceworks Polygraph Data Platform, enabling them to identify and address cloud breaches more quickly with the support of high-quality alerts.

Multicloud Security Simplified

The announcement comes as security teams find it increasingly difficult to control the volume of alerts produced in multi-cloud environments. In fact, studies reveal that 70% of SOC analysts say their work managing IT alerts emotionally impacts them.

As cloud-driven organizational environments generate ever-increasing amounts of data, security teams require a more effective method to detect breaches at scale.

According to Sunil Potti, VP/GM of security at Google Cloud, “Enterprises transforming their security strategies for the cloud require technologies that easily deliver comprehensive visibility across their multi-cloud environments.”

In reality, enterprises require a greater context to respond to cloud-based threats appropriately.

According to Jay Parikh, co-CEO of Lacework, “Cloud threats are only becoming more sophisticated over time, so security teams must have the right context to make the right decisions to remediate issues quickly.”

“Through our continued partnership with Google Cloud, we’re making it easier for joint customers to take advantage of the richness of Lacework data so they can get a better understanding of what’s happening across their multi-cloud environments and continue to innovate with confidence,” according to Parikh.

Observations on the CNAPP market

Cloud security provider Wiz is one of Lacework’s primary competitors in the CNAPP market. Wiz’s solution connects to services such as AWS, Azure, GCP, Openshift and Kubernetes via API  to offer a comprehensive view of configuration errors, secrets, vulnerabilities, and identities across the whole attack surface. Wiz revealed receiving USD 250 million in investment and reaching a six billion dollars valuation last year.

Another rival is CrowdStrike, which added CNAPP capabilities to the Falcon platform earlier this year. Organizations can use the Falcon platform to monitor cloud security issues, engage in threat-hunting operations to find and fix runtime vulnerabilities and threats, and carry out automated remedial measures.

The most recent revenue announcement from CrowdStrike for the fourth quarter of fiscal 2022 was USD 431 million.

By fusing its cloud detection and response capabilities with Google’s expanding SOAR and SIEM product family, Lacework and Google Cloud Chronicle Security Operations may be able to set themselves apart from competing companies.