Lacework FAQ
Product Capabilities
Does Lacework work in all datacenter and cloud environments?
The Lacework agent works in all public clouds (AWS, Azure, Google), private datacenters and hybrid environments.
Does Lacework perform enforcement?
Lacework is a breach detection and investigation tool. It provides information on when and how a breach happened, including the users, machines and applications involved in the breach.
How is Lacework Polygraph different from micro-segmentation?
Micro-segmentation is a firewall technology where every machine must be tagged and multiple policies must be created to allow or block communication. Lacework Polygraph is a zero-touch breach detection system that automatically tags workloads. It works at the application/container level and is more precise than micro-segmentation, which looks at only network connectivity. Lacework Polygraph monitors application behaviors and alerts if any anomaly is detected. It does not require manually creating rules or policies.
Can I use Lacework for micro-segmentation?
Lacework's machine communication polygraph provides workload-level communication patterns, which can be used to construct micro-segmentation policies.
How long is data stored by Lacework?
Lacework stores data for 90 days by default. If you need to store data for longer, contact us at info@lacework.net.
Does Lacework Polygraph support Containers?
Lacework Polygraph accesses information from Docker environments to facilitate breach detection and incident investigation. Lacework is fully container-aware and is available as a Docker container.
Are CVSS scores available for Amazon Linux?
Amazon Linux AMI security advisories combine CVEs. This results in no CVSS score or multiple CVSS scores from the Amazon Linux Security Center. Lacework shows N/A when a CVSS score is not available.
Where and how can I check the service status of Lacework?
Lacework provides real-time updates of performance and overall system status. You can retrieve this information from https://status.lacework.net/. You can also subscribe to updates from the status web page, which sends notifications and updates to all registered email subscribers.
Having issues getting emails from Lacework or using the links from the Lacework login email?
If your organization uses Microsoft Office 365 Exchange Email server, Lacework recommends adding the Lacework sending domain (lacework.net) to your Office 365 Exchange Email allowlist. For more information, see Lacework Console Login Issues.
Data Security
Is the data encrypted when in transit?
The Lacework agent encrypts all data when in transit to our SAAS service.
Does Lacework Polygraph collect any PII or sensitive data?
Lacework collects only metadata. Lacework does not collect packet payloads or PII data.
How is the data stored at the Lacework site?
All data stored by the Lacework Polygraph SAAS is encrypted at rest.
Is customer data shared with other customers?**
Each customer’s data is stored in a separate database, and no data sharing occurs. Lacework has a multi-tenant architecture where processing is done by a common application.
How are usernames and password kept safe?
Lacework does not store customer usernames or passwords in our system. The only way to log in to the Lacework is by using Google OAuth or receiving a magic link via email.