Lacework is a cloud security platform that offers a range of features and capabilities to help organizations secure their cloud workloads across platforms like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and multi-cloud and hybrid environments. It includes misconfiguration alerts and compliance monitoring along with corresponding details per application. Lacework delivers end-to-end visibility into what’s happening across your cloud environment, including detecting threats, vulnerabilities, misconfigurations, and unusual activity. Logs can be forwarded to Netsurion Open XDR using the Lacework API integration.
Netsurion Open XDR manages logs from Lacework. The alerts, reports, dashboards, and saved searches in Netsurion Open XDR are enhanced by capturing important and critical activities of Lacework cloud security.
The following are the key Data Source Integrations available in Netsurion Open XDR.
|Security||Lacework – Vulnerability detected||Generated whenever the lacework detects the critical or high severity vulnerability.|
|Security||Lacework – Policy violation detected||Generated whenever the lacework detects the critical or high severity policy violation.|
|Security||Lacework – Potential intrusion detected||Generated whenever the lacework detects the critical or high severity potential intrusion.|
|Compliance||Lacework – Audit activities||Provides details of all user management activities performed in the lacework console.|
|Security||Lacework – Alerts overview||Provides the details of all alerts generated by lacework and its related content.|
|Security||Lacework – User management activities by username||Displays the data about user management activities.|
|Security||Lacework – Critical cloud activities||Displays all the cloud related critical activities.|
|Security||Lacework – Alert status by severity||Displays the count of all open status alerts.|
|Security||Lacework – Alert types by policy||Displays the data about various alert types by policies.|
|Compliance||Lacework – Audit activities||Provides the details of all user management activities performed in Lacework console.|
|Security||Lacework – Alerts overview||Provides the details of all alerts generated by Lacework and its related content.|
The configuration details are consistent with Netsurion Open XDR 9.3 and later, and Lacework.
Download the Integration Guide for configuration instructions and more information.