• October 20, 2023
  • Gil Azaria

Release Spotlight: Lacework Connector

Navigating a city without a map or GPS can lead to unexpected dead-ends or hazardous zones. Similarly, managing your cloud infrastructure without clear insights or guidance can expose hidden vulnerabilities, much like the unseen obstacles in uncharted city alleys. Just as an updated city map or GPS assists tourists in sidestepping unpleasant surprises, cloud infrastructures necessitate precise tools to ward off potential pitfalls.  

This month, the Nucleus Security team reached another milestone with our newest integration addition, Lacework. This integration allows Nucleus Security to seamlessly ingest vulnerability data from Lacework’s renowned cloud-native application protection platform (CNAPP). By combining forces with Lacework, Nucleus Security makes staying current on your cloud infrastructure’s vulnerabilities more straightforward and accessible, like using a well-drawn map or GPS in a bustling city! 

Broadening the Horizon 

Effective vulnerability management is paramount in today’s intricate technological landscape. Integrating Lacework into the Nucleus platform underscores our commitment to addressing this challenge head-on. With this new integration, customers readily access insights on vulnerabilities identified by Lacework on virtual machines across AWS, Azure, and GCP. In addition, they gain visibility into container images scanned by Lacework.  

Lacework connector in connector setup menu in Nucleus console Lacework connector in connector setup menu in Nucleus console

The true strength of the Nucleus platform lies in its integrative approach. Beyond the Lacework data, Nucleus presents a unified dashboard where users can amalgamate insights from various vulnerability source tools ingested from any of our other native connectors or the FlexConnect framework, including those dedicated to code scanning. This consolidated perspective ensures that organizations comprehensively understand vulnerabilities that span their entire technological landscape. 

Put it to use 

The Lacework connector is currently in beta release, signifying that we’re still fine-tuning its features for optimal performance. If you want to explore its capabilities within your Nucleus organization, please contact support or your dedicated account representative. Once enabled for your organization, ingesting Lacework vulnerabilities is straightforward. Navigate to the ‘Import via Connector’ page, select the Lacework connector from the list, and schedule a job. You can choose ‘All Hosts,’ ‘All Container Images,’ or both, depending on your specific needs. 

What’s next 

Looking ahead, we’re excited about the evolution of the Lacework connector within the Nucleus platform. We plan to transition the connector from its beta phase to a general availability in the coming months. And that’s not all – our next development phase is already in motion. We’re incorporating cloud configuration compliance findings for various cloud resources. This enhancement aims to better understand security configurations and their adherence to best practices. We recognize the growing importance of container workloads, especially those managed by platforms like Kubernetes. Thus, tracking vulnerabilities specific to these containerized environments is also on our agenda.  

Stay tuned for these advancements as we make Nucleus even more comprehensive and adaptable to your security needs.