The platform is extending support on its CSPM, APA and vulnerability management offerings. Credit: G-Stock Studio / Shutterstock Cloud security services provider Lacework has added a suite of new capabilities and support for its multicloud offerings to help customers secure cloud workloads and improve operational efficiency. The new enhancements on the platform include extended support on various enterprise-grade offerings including cloud security posture management (CSPM), attack path analysis (APA), and risk management ticketing system. “These optimizations and integrations are useful to drive efficiency and better collaboration across teams,” said Melinda Marks, senior analyst at ESG. “Gaining full visibility, ensuring you have coverage with comprehensive monitoring to catch issues, and then streamlining operations is difficult due to the complexity of cloud-native environments and the relationships between assets and resources, so it is important to continue these incremental enhancements.” Lacework adds support for OCI The platform has expanded its cloud security posture management offering to include support for Oracle Cloud Infrastructure (OCI), promising teams’ visibility into their OCI resources and their associated risks. Lacework’s CSPM currently supports Amazon Web Services, Google Cloud, and Azure, and the inclusion of OCI is expected to further centralize enterprise security control. “My research study on CSPM earlier this year showed that supporting multiple public cloud services is a top challenge and need, as 40% of organizations use 4 or more CSPs,” Marks said. “Also, Oracle is increasing its initiatives with OCI security and developer platform, so it is helpful to provide flexibility supporting customers cloud adoption.” Additionally, Lacework has expanded its “attack path analysis” feature to support Google Cloud and Microsoft Azure. The feature offers an attacker’s view to identify how a threat can be exploited to breach a cloud environment. “Lacework and other cloud security platforms pull data and alerts from multiple sources, but having the context from attack path analysis helps security teams prioritize needed action items to prevent incidents or respond quickly to a threat or incident,” Marks added. Boosting risk management with Jira and ServiceNow integrations Lacework has onboarded capabilities to help improve the vulnerability risk management process by streamlining response efforts between teams. To this end, the company is integrating its cloud security platform with Jira and ServiceNow ticketing systems, enabling security teams to manage incidents and response on their familiar channels. “Lacework’s integration with ServiceNow Vulnerability Response offerings for infrastructure and container applications is currently available in the ServiceNow marketplace,” Lacework said in a press statement. “Lacework’s integration to Security in Jira is in private preview.” In addition to the new capabilities, Lacework has also upgraded its existing workload scanning engine to allow checking customer workloads every five minutes for new instances. Lacework’s ticketing system integrations follow within its efforts to allow teams to operate with the platform via their known environments. They are an addition to Lacework’s existing development and CI integrations. “We have a number of integrations into several different tech stacks such as developer tools (e.g. GitHub, GitLab, Bitbucket, and other code repos), CI tools (e.g. Jenkins, GitHub Actions, GitLab Pipelines, etc.) so they can fix things in the pipeline, and of course deep integration with major cloud providers ecosystems like AWS, Google Cloud, and Azure,” said Tim Chase, field chief information security officer at Lacework. Related content news AT&T suffers critical breach impacting 73 million customers Data released on the dark web impacts 7.6 million existing account holders and 65.4 million past subscribers. By Shweta Sharma 01 Apr 2024 4 mins Data Breach feature Recruit for diversity: Practical ways to remove bias from the hiring process Changing the wording on job descriptions and introducing a diverse hiring panel are some of the ways to remove bias when hiring cybersecurity professionals. By Aimee Chanthadavong 01 Apr 2024 8 mins Careers feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff 01 Apr 2024 17 mins Technology Industry IT Skills Events news Top cybersecurity product news of the week New product and service announcements from Bedrock Security, GitGuardian, Legit Security, Nametag, and Cybereason and Observe By CSO staff 29 Mar 2024 70 mins Generative AI Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe