Lacework

Version: Lacework.

Lacework is a cloud security platform that offers a range of features and capabilities to help organizations secure their cloud workloads across platforms like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and multi-cloud and hybrid environments. It includes misconfiguration alerts and compliance monitoring along with corresponding details per application. Lacework delivers end-to-end visibility into what’s happening across your cloud environment, including detecting threats, vulnerabilities, misconfigurations, and unusual activity. Logs can be forwarded to Netsurion Open XDR using the Lacework API integration.

Netsurion Open XDR manages logs from Lacework. The alerts, reports, dashboards, and saved searches in Netsurion Open XDR are enhanced by capturing important and critical activities of Lacework cloud security.

The following are the key Data Source Integrations available in Netsurion Open XDR.

Alerts

| Type | Name | Description |
| --- | --- | --- |
| Security | Lacework – Vulnerability detected | Generated whenever Lacework detects a critical or high severity vulnerability. |
| Security | Lacework – Policy violation detected | Generated whenever Lacework detects a critical or high severity policy violation. |
| Security | Lacework – Potential intrusion detected | Generated whenever Lacework detects a critical or high severity potential intrusion. |

Reports

| Type | Name | Description |
| --- | --- | --- |
| Compliance | Lacework – Audit activities | Provides details of all user management activities performed in the Lacework console. |
| Security | Lacework – Alerts overview | Provides the details of all alerts generated by Lacework and its related content. |

Dashboards

| Type | Name | Description |
| --- | --- | --- |
| Security | Lacework – User management activities by username | Displays the data about user management activities. |
| Security | Lacework – Critical cloud activities | Displays all the cloud-related critical activities. |
| Security | Lacework – Alert status by severity | Displays the count of all open status alerts. |
| Security | Lacework – Alert types by policy | Displays the data about various alert types by policies. |

Saved Search

| Type | Name | Description |
| --- | --- | --- |
| Compliance | Lacework – Audit activities | Provides the details of all user management activities performed in the Lacework console. |
| Security | Lacework – Alerts overview | Provides the details of all alerts generated by Lacework and its related content. |

Documentation

The configuration details are consistent with Netsurion Open XDR 9.3 and later, and Lacework.

Download the Integration Guide for configuration instructions and more information.