Lacework: Meet the Creators of Industry’s First Zero-Touch Cloud Workload Security Platform

“Our solutions provide security for dynamic datacenter, cloud and container workloads without requiring any policies, rules or manual tagging.”

A creation of specialists in security, data analytics, and artificial intelligence area, Lacework was founded in 2015 and since then the company is mapping a new and innovative course for cloud security. After nearly two years of devoted development and testing, Lacework left stealth on April 24, 2017 and launched Polygraph, the industry’s first zero-touch, cloud workload security platform that provides breach detection, insider threat management, workload insights, and investigation analysis.  The company is a venture-funded startup in Mountain View, CA, and is strongly stimulated by the power and velocity of the cloud.

Initially Lacework faced the challenge of standing out in today’s crowded field of security players, but today the company has found a way to deal with it more powerfully with Polygraph. Polygraph is simple to obtain and equally simple to set-up and use, customers can experience the power of Polygraph with a low initial time investment. And finally, Lacework’s technology has applications beyond security. Many of their early customers use Polygraph to give their DevOps teams the insights they need to support continuous application delivery.

Information security is an unbelievably complex and diverse domain. And in this vast domain, Lacework Polygraph protects cloud-based operations that deliver information services to external and internal users, organizations, or machines. By “information services,” they mean the web sites, application programming interfaces, backends for mobile apps, Internet of Things platforms, or other services delivered using the network. These cloud operations can be privately owned, hosted on a service offered to the public (e.g. Amazon Web Services or Microsoft Azure), or a combination of public/private clouds (known as a “hybrid” cloud).

At Lacework, they not only find, but also notify, track, and analyze any unwanted, unauthorized, or unusual activity in the cloud operation. These threats typically come from rogue insiders or external cybercriminals who aim to disrupt operations, upload confidential information, or steal digital assets.

While, their other security approaches includes SIEM, intrusion detection, or other security defenses - target specific security vulnerabilities with purpose-built tools designed to stop attacks based on predefined rules, policies, and assumptions about how an attack will progress. Polygraph’s protection isn’t limited to specific vulnerabilities or attack vectors. Instead, Polygraph’s Deep Temporal Baseline allows them to sense attacks by looking for abnormal cloud activity of any kind.

The company strongly believes that their solution is perfect for high velocity distribution for mid-to-large Enterprise with 100+ VMs in Public Cloud. Also, it can ideally fit for industries like Healthcare & Media. Over the years, the company has gained trust of big industry players such as HP Enterprise, Verizon, Snowflake, Wavefront (VMware).

Offering Uniqueness through ‘Polygraph’

Lacework’s flagship offering ‘Polygraph’ has been built to considerably condense the breach detection cycle, reduce false positives, provide high precision alerts, and simplify investigation analysis. Lacework’s solution provides security for dynamic datacenter, cloud and container workloads without requiring any policies, rules or manual tagging.

Polygraph uses Lacework’s Deep Temporal Baseline to incessantly compare a comprehensive set of data center entities and activities to a known-good state, this allows it to instantaneously recognize deviations from the baseline to significantly compress the breach detection cycle, reduce false positives, simplify the investigative process, and provide high-precision alerts.

Delivering better results, faster, than the competition, with Polygraph customers can buy and install it easily, without ever talking to a salesperson or creating a multi-month rollout plan and once installed, Lacework produces actionable information in a matter of hours. Lacework automatically adapts to the changes and updates that characterize modern cloud solutions - without the drag of policy and rule maintenance and breaches are detected immediately, without the need to chase endless false positives.

Happy Customers Speak

“Lacework offers us speed and the ability to focus on what we do. I’d definitely recommend it to other IT professionals or product companies that are building a cloud-based application.” - Stan Leong, R&D leader at Hewlett Packard Enterprise, Mergers, Acquisitions and Divestitures Practice.

“It’s nothing short of revolutionary. It’s making a change in how security teams are thinking about their environment and what they’re doing on a daily basis.” - Mario Duarte, Director Security Snowflake Computing.

“Lacework allows you to tell the story of a breach and document it fully, quickly. That’s a quantum leap in my book.” - Ian O’Brien, IT Security Lead, Large Networking Firm.

Meet the Dynamic Trio

Jack Kudale, CEO- A passionate global enterprise software leader, entrepreneur and mentor, Jack carries unique experience in startup ecosystems, global market strategy, field sales execution, and product management. Jack currently holds the title of President and CEO at Lacework Inc., where he has lead the company out of stealth and into the security market to offer the industry’s first zero-touch breach detection and investigation platform.

Prior to this, Jack spent more than 16 years at CA Technologies, successively Senior VP in Service Assurance, Global Cloud Service Providers and Global DevOps Sales. He has also led WW field operations at SnapLogic, Gartner iPaaS magic quadrant leader, doubling new logos, bookings and revenue each year over 2 years. Over his 24-year career in enterprise software, Kudale has built a successful track record in hyper-growth strategies, global sales execution and entry into new verticals and markets.

Sanjay Kalra, Founder & Chief Product Officer- At Lacework, Sanjay sets the agenda for Lacework’s product and go-to-market strategies, drawing on more than 20 years of success and innovation in the cloud, networking, analytics, and security industries. Before joining Lacework, Sanjay worked for Guavus, a leading provider of big data analytics solutions, as the VP and GM of the Application Services Group. There he guided the company to market leadership, customer satisfaction, and a successful exit. Before Guavus, Sanjay served as Senior Director of Security Product Management for Juniper Networks, where he spearheaded the company’s continued innovation in the firewall, unified threat management, intrusion detection, and security information/event management markets. Sanjay has also held senior positions at Cisco Systems and ACC. He holds 12 invention patents in the fields of networking and security. He earned a B.S. from NIT Warangal, an MSEE from USC, and an MBA from Santa Clara University.

Vikram Kapoor, Founder & Chief Technology Officer- An entrepreneur at heart, prior to founding Lacework, Vikram was Senior Director of Engineering at Bromium where he was responsible for managing the engineering team as well as creating and driving strategies in alignment with Bromium’s vision and business goals. Prior to joining Bromium, he managed the Database Storage Engine group within Oracle RDBMS. He was lead architect for several key Exadata technologies such as Exadata Hybrid Columnar Compression. He was also Development Manager for the protocols group at Oracle where he designed and implemented major components of the NFSv4 server and led the team responsible for protocol development. He has held senior engineering roles at Pillar Data Systems and Valicert. He is a prolific inventor who holds several patents.

“Two years ago we saw the future and realized the cloud was going to need faster, more capable security. So we founded Lacework and started building it.”