Introducing Asset Discovery for AWS Environments
April 22, 2021
With the explosive growth of cloud activity, and the ephemeral nature of applications running in the cloud, it has become increasingly difficult to maintain visibility. Twitter is full of AWS users lamenting about the difficulties of identify cloud assets and tracking how they have changed over time. But if you don’t know what applications and assets are running in your cloud environment, how can you hope to protect them?
If you can’t see it, you can’t protect it
Lacework is pleased to announce Asset Discovery for AWS as part of our cloud security platform. With this recent addition to our platform, Lacework’s customers can quickly see all of the assets in their AWS environments and achieve full visibility into how they have changed over time. This enables them to:
- Discover all of the assets in your AWS environment, without needing to log into the AWS console
- Achieve visibility into the change history of your AWS assets, even if they no longer exist
- Understand how your AWS assets have changed, when they changed, and who changed them
- Recognize how configurations have changed so you can understand how and when they fell out of compliance
- Optimize and validate usage-based billing by understanding which assets (essential and non-essential) are being used, by whom, and when.
- Take a snapshot of assets at the interval that makes most sense for your organization (the standard default is every 24 hours, but can be as often as every 4 hours)
- Automatically store resource activity for up to 180 days
Helping customers understand inventory and track resource configuration changes over time
Lacework customers running on AWS automatically get access to the Asset Discovery capability as a key component of our cloud security platform. This allows them to effectively and efficiently secure AWS environments of all sizes.
Webflow is just one of the many Lacework customers leveraging the new Asset Discovery capability. If you need comprehensive visibility into your AWS environment, it’s time to look into Lacework!
Interested in learning more about how Lacework can help you discover all of your AWS assets? Watch the Asset Discovery demo video or visit our AWS security web page.
For more information about the other AWS-related capabilities that Lacework recently announced, visit the blog “Lacework Expands Security, Visibility, and Automation Across AWS Environments”.
Following is a transcript of the embedded video “Discovering your AWS Assets with Lacework”
Recently Lacework introduced the ability to store view and understand changes of the resources within your AWS cloud enviornment for all the way up to 180 days. As you can see, this isn’t limited to a single account, so there’s no logging into multiple accounts to try to draw out what your configuration is or what changes are happening within the accounts. This is all integrated into one place so you can quickly view and understand what’s happening.
As you can see here we’re still looking at a lot of resources. So if I want to trim this down and find something specific, I can easily build out filters that will help me hone in on exactly what I’m looking for.
Here we’ll see that I’ve got some security groups and network interface. We know that recently something stopped working, and we know that this security group was involved. All I have to do is click on this and, not only will I get the current configuration, but I will actually see it diff between what the previous and the current versions are.
It doesn’t matter what resources still exists, if they’ve been removed, or how many times they’ve been changed. Lacework stores all of the historical configurations for you so you can quickly get to the information that you’re looking for.
This is yet another way that Lacework is helping reduce the time needed to investigate and understand the rapid changes within your environment.