Google Cloud improves security, adds CNAPP integration with Lacework 

Securing the cloud isn’t easy. Enterprises working in hybrid and multicloud environments have so many disparate systems and apps operating at once that it can be difficult to ensure there aren’t any vulnerabilities for cybercriminals to exploit. Let alone detecting active exploitation of these entry points.

This is a challenge that cloud-native application protection platforms (CNAPP) seek to address by monitoring and detecting cloud-based threats. 

One of the main CNAPP providers, Lacework, today announced an integration with Google Cloud Chronicle Security Operations, which will introduce CNAPP capabilities to Chronicle deployments. 

The solution will provide users with multicloud runtime alerts powered by anomaly detection via the Laceworks Polygraph Data Platform, so they can detect and respond to cloud breaches faster with the help of high quality alerts. 

Simplifying multicloud security 

The announcement comes as more and more security teams are struggling to manage the volume of alerts generated in multicloud environments. In fact, research shows that 70% of SOC analysts report being emotionally impacted by their work managing IT alerts. 

As cloud-driven enterprise environments generate ever more data, security teams need a more efficient way to identify breaches at scale. 

“Enterprises transforming their security strategies for the cloud require technologies that easily deliver comprehensive visibility across their multicloud environments,” said Sunil Potti, VP/GM of security at Google Cloud. 

The reality is that enterprises need more context to respond to cloud-based threats effectively. 

“Cloud threats are only becoming more sophisticated over time, so it’s critical for security teams to have the right context to make the right decisions to remediate issues quickly,” said Jay Parikh, co-CEO of Lacework. 

“Through our continued partnership with Google Cloud, we’re making it easier for joint customers to take advantage of the richness of Lacework data so they can get a better understanding of what’s happening across their multicloud environments and continue to innovate with confidence,” Parikh said. 

A look at the CNAPP market 

One of Lacework’s main competitors in the CNAPP space is cloud security provider Wiz. Wiz’s solution connects to services like AWS, Azure, GCP, Openshift and Kubernetes via API to provide a unified view of misconfigurations, secrets, vulnerabilities and identities across the entire cloud attack surface. Last year, Wiz announced raising $250 million in funding and achieved a $6 billion valuation. 

Another competitor is CrowdStrike, which introduced CNAPP capabilities to the Falcon platform earlier this year. Through the Falcon platform, organizations can monitor cloud security issues and conduct threat-hunting activities to identify and address runtime threats and misconfigurations, and conduct automated remediation actions. 

CrowdStrike most recently announced raising $431 million in revenue in fourth quarter fiscal 2022. 

The new partnership between Lacework and Google Cloud Chronicle Security Operations has the potential to differentiate the vendor from other vendors through combining its cloud detection and response capabilities with Google’s growing SOAR and SIEM product family.