VMblog: As a KubeCon 2018 sponsor, how can people find you at the show?
Lacework: We'll be at Booth: S/E38, a 6x6 kiosk space. And we'll be sending our Chief Product Officer and members of our sales team.
VMblog: Is there anything interesting or unique about your booth? Do you have a theme?
Lacework: Security Rocks (our shirts and stickers will all reflect this theme)
VMblog: If an attendee likes what they see and hear at your booth... what message about your product can you send them back with to sell their boss on your technology?
Lacework: The main concept we want them to understand is that we provide complete insight, analysis, and anomaly detection for workload and container security, and cloud account security.
VMblog: What are some of the reasons why you believe a KubeCon attendee should add you to their MUST SEE list?
Lacework: Attendees will have an opportunity to see how Lacework emphasizes Kubernetes security and insight into orchestration.
VMblog: Have you sponsored KubeCon before? What about this event grabbed your attention?
Lacework: Lacework is being used by many customers who specifically want help securing containers. This is our first time at Kubecon, but we really want to connect with practitioners and those who are responsible for security of their cloud environments.
VMblog: Can you give VMblog readers a sneak peek as to what you will be showing off at your booth? What should attendees expect to see and hear at your booth?
Lacework: We'll be demonstrating how to:
- Assess your AWS Configuration for security best practices (CIS Benchmark and more);
- Get interactive reports with recommendations on how to fix violations (Is MFA enabled for all users? Which S3 buckets are open?);
- Detect abnormal account activities with automated analysis of CloudTrail events;
- Test Lacework for Workload and Container Security; ensure compliance with our Host-based IDS.
VMblog: Thinking about your company, give readers a few reasons why your product or service is considered unique.
Lacework: Lacework did the hard stuff first; we've built an incredibly robust analysis engine into the product that identifies behavior that deviates from normalized activity. It gives a more accurate picture of the cloud activity, but it also provides better, more actionable alerts (and fewer alerts).
VMblog: How does your company and product fit within the container or cloud ecosystem?
Lacework: Lacework identifies container security, and an approach for it, that is embedded with these concepts:
- Workload-to-workload attacks:container orchestration tools like Kubernetes make use of flat networking space. This raises the risk of one compromised application attacking a neighbor.
- Overloaded containers:containers deployed with a lot more than what's needed unnecessarily increasing risks.
- APIs:containers that access data through APIs that have no authentication requirements.
- Hosts that are not secured :securing containers is more complex than VMs as the host is shared.
VMblog: What are you looking forward to most at this year's event?
Lacework: Connecting with practitioners, getting to know the issues that are top of mind, and learning about trends in container management and security.
VMblog: What do you hope to come away with from exhibiting at KubeCon? What does event success look like to you?
Lacework: We'd really like to spend time with container practitioners and learn about their challenges with container security. Ultimately, we'd like to learn from attendees and get feedback on how Lacework can help their cloud security posture.
VMblog: Attendees always enjoy a good trade show tchotchke. Are you guys giving away anything special or interesting this year?
Lacework: Yes! We will be distributing awesome shirts and stickers with the "Security Rocks" theme.