Skip to main content

Windows Agent Overview

The Lacework Windows agent provides threat detection, file and Windows registry integrity monitoring, and host-based intrusion detection for your cloud or on-premises Windows Server OS-based workloads.

After you install the agent on a Windows host, the agent and the Lacework server (API endpoint) communicate with each other. The agent scans your host and streams select metadata to the Lacework server to build a baseline of normal behavior. From this, Lacework provides alerts for anomalous behavior.