This topic provides links to configure the different portions of Lacework. For an overview of Lacework, see Lacework Overview.
Configure Lacework for Compliance Reporting
Compliance identifies any configuration best practice violations that exist in your environment and notifies you through your chosen method. To start sending data about your environment to Lacework for compliance reporting analysis, complete one or more of the following cloud integration configuration procedures using the Lacework Console. For a link to your Lacework Console, see the link provided in the Lacework Trial email.
- Integrating and using Lacework for AWS
- Integrating and using Lacework for Google Cloud Platform
- Integrating and using Lacework for Microsoft Azure
WARNING: As part of the initial Lacework deployment, if you configure Lacework Cloud Account Integrations, you may see a surge of alerts while Lacework is in the initial learning-mode. This is due to changes in the environment and is the expected behavior.
Configure Lacework for Workload Security
The workload portion of Lacework provides process-aware threat and intrusion detection for your cloud environment and notifies you through your chosen method of any events. After you install the Lacework agent on hosts, Lacework scans those hosts and streams select metadata to the Lacework data warehouse to build a baseline of normal behavior, which is updated hourly.
To start sending data to Lacework for workload security analysis, install the Lacework agent on your hosts. For more information, see Install the Lacework agent and use the Lacework polygraph.
WARNING: As part of the initial Lacework deployment, if you install the Lacework agents on hosts for Workload Security, you may see a surge of alerts while Lacework is in the initial learning-mode. This is due to changes in the environment and is the expected behavior.
Configure Lacework for Container Security
Lacework provides the ability to scan, identify, and report vulnerabilities found in the operating system managed software packages in a container image before the container image is deployed. This means you can identify and take action on software vulnerabilities in your container images and manage that risk proactively.
To scan, identify, and report vulnerabilities found in the operating system managed software packages in a container image, you must create a Container Registry Integration. For more information, see Container Vulnerability Assessments.
Configure the Forwarding of Events
Lacework can be optionally configured to forward Lacework events to third-party tools such as Splunk, Slack, ServiceNow and more. For more information, see Alert Routing.
Read the FAQs
For more information, see Lacework - FAQs.