Enhanced threat intelligence feeds—Lacework announces enhanced threat intelligence feeds for critical threat categories (CnC, Malware, Command and Control Server for improving overall efficacy for security monitoring. Based on your environment and exposure factor, you may potentially see additional threat intelligence alerts. Please contact the Lacework customer success team for further details.
Configurable option for new Lacework policies—You can choose to automatically enable future Lacework default policies when they are introduced. You can also select which severities to enable. Existing policies are not affected. This option is available under General Settings.
AWS GovCloud ECR integration support—The Lacework Console container registry integration supports AWS GovCloud ECR. Navigate to Settings > Container Registry and create a new integration using the existing Amazon Container Registry (ECR) registry type.
Search capability added to container resource groups—When defining container resource groups, you can use multiple methods to add container tags and container labels. The tag and label fields now support search and add from dropdown menus. The fields also allow you to manually enter tags and labels.
Additional details for suspicious logins from multiple geographies events—These events’ dossiers now contain additional information about source IP address, country name, number of successful and failed logins, etc.