Parasoft announces the opening of its new office in Northeast Ohio.
Lacework Releases High-Fidelity, Composite Alerts for Polygraph Data Platform
February 27, 2023
Lacework announced the release of high-fidelity composite alerts on the Lacework Polygraph® Data Platform, to help customers detect compromised credentials, cloud ransomware, and cryptomining that would otherwise go unnoticed.
By combining human intelligence with the automatic correlation of disparate alerts, Lacework generates a single, evidence-based composite alert with full context and actionable data that makes it easy for SOC teams to quickly respond to specific cloud threats across data sources.
"I'm excited to see Lacework continuing to bring new features to market that will help give our security team better context to make decisions," said Alberto Silveira, Head of Engineering at LawnStarter. "We value Lacework as a partner because they're continually innovating the Polygraph Data Platform to bring us more value and help keep our business safe."
Enterprises are inundated with alerts, leading to slower response times and a lack of understanding about the nuances of potential risks or attack scopes. Security teams must spend countless hours manually correlating weak signals that appear insignificant when presented in isolation, but can indicate a dangerous, genuine threat when associated with other events. Lacework does this investigative work for customers. Composite alerts combine human intelligence from Lacework Labs about prevalent attack sequences and tactics with automatic correlation of numerous events, including low criticality data from disparate sources. In a single, opinionated composite alert, Lacework describes a suspected exploit so security teams can perform faster, more effective investigations and remediations —without excessive querying and significant expertise.
"Production environments can be very noisy and delivering actionable and highly precise alerts in quickly changing, complex environments is often a challenge," said Niels Provos, Head of Security Efficacy at Lacework. "With composite alerts, we combine many potentially noisy data points into highly actionable and opinionated alerts. We tell customers precisely about the specific security threat they face and provide all the evidence needed to underpin how we reached our verdict. This enables our customers to quickly and with confidence remediate the problem before it grows out of control."
The benefits for the enterprise are saved time and costs, as there's no need for SOC teams to manually link events and spend hours trying to determine what is happening. Customers also see improved security efficacy, as the technology automatically ties together seemingly disparate and often lower severity events that were previously not being investigated, recognizes important patterns, and adds context about the type of attack happening.
Industry News
May 02, 2024
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
May 02, 2024
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
May 02, 2024
Nokod Security announced the general availability of the Nokod Security Platform.
May 02, 2024
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
May 01, 2024
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
May 01, 2024
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
May 01, 2024
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
May 01, 2024
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
May 01, 2024
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
April 30, 2024
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
April 30, 2024
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
April 30, 2024
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
April 29, 2024
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
April 29, 2024
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.
