An Intellyx Brain Candy Brief
In today’s hybrid IT, multi-cloud, containery world, developers are increasingly expected to specify the IT operational architecture their software runs workloads on.
Commonly available tools, reference architectures and build specs from the open source community and cloud service providers can ease the burden of wearing the IT Ops hat for the developer, yes, but this also makes fulfilling the latest security requirements very tricky. Hackers can use the same readily available resources to keep their malware ahead of the vulnerabilities.
Lacework offers to make short work of this challenge, allowing developers to easily bake in an expert risk analysis and monitoring function when deploying software at the cloud service provider, container or workload/microservice layer.
“The roles of development and security are changing. While the CISO may still select tools, 90 percent of the alerts land with the DevOps team to remediate,” said Lacework CEO Dan Hubbard. “If you want to be SOC2 compliant, you need developers to buy into security at every build and runtime event.”
Newly discovered vulnerabilities, insecure delivery and authorization practices, and known threat behaviors are assessed and reported across all nodes in the environment. The company strategically partners with APM, ITSM and alerting vendors, major cloud service providers (AWS, Azure, GCP) to use their native tracing frameworks, and is an active contributor in CNCF and Kubernetes open source efforts.
©2019 Intellyx LLC. Intellyx advises companies on their digital transformation initiatives, and helps vendors communicate their agility stories. At the time of this writing, Microsoft (Azure) is a former customer. None of the other organizations mentioned in this article are Intellyx customers. To be considered for a Brain Candy article, email us at pr@intellyx.com.
