Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

1/15/2021
07:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Lacework Closes a $525 Million Growth Round to Scale Up Infrastructure Security for the Cloud Generation

San Jose, CA – January 7, 2020 –  Lacework, the security platform for the cloud generation, today announced a $525 million growth round with a valuation of over $1 billion. Led by Sutter Hill Ventures and Altimeter Capital, and joined by D1, Coatue, Dragoneer Investment Group, Liberty Global Ventures, Snowflake Ventures and Tiger Capital, the round reflects Lacework’s accelerated adoption among digital businesses building on Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and Kubernetes.

Lacework is trusted by cloud-based businesses such as Brightcove, LendingTree, Veeva Systems, and Pure Storage. The investment round will be used to accelerate the strategies that drove Lacework’s 300%+ revenue growth in 2020, expand its go-to-market and partner ecosystem operations, and grow its engineering and R&D teams across the US and Europe.

Constant Changes in the Cloud Require a Fundamental Shift In Security with Data Processing at Scale

Applications built on cloud infrastructure services are complex and change constantly, which makes securing cloud workloads and services at scale impossible when relying on manual tasks and disparate tooling. With the worldwide adoption of public cloud infrastructure as a service forecasted to grow from $51 Billion in 2020 to $82 Billion in 2022, comes a heightened demand for cloud security and compliance. Gartner, Inc. also anticipates that “99% of all cloud security failures will be the customer’s fault through at least 2023,” with 50% of companies unintentionally exposing components of their own cloud applications and infrastructure to the internet in 2021, up from 25% in 2018.

Lacework was built to see and understand cloud changes at scale without requiring manual interventions by security teams every time a new cloud service or technology is adopted. It gives customers the visibility, context, and telemetry needed to quickly assess cloud security postures, prove compliance, secure cloud workloads, and investigate anomalous activity or answer an auditor’s question all in one place.

Lacework is built on Snowflake, and its Polygraph™ security architecture understands and detects threats in cloud applications and infrastructure by applying automation and machine learning to tackle the massive scale of security data processing required to record and analyze constant changes in the cloud. As a result, Lacework customers are able to reduce false positives by up to 98% and investigation time by over 90%. With functionality that reaches across the Cloud Security Posture and Cloud Protection Platform markets, 80% of new Lacework customers replaced two or more point products in 2020.

The next phase of Lacework’s growth will focus on extending its market-leading SaaS security platform and expanding into new adjacent spaces, all with a focus on enabling customers to innovate in the cloud with speed and safety. Furthermore, the investment will enable Lacework to deliver additional integrations across the devops toolchain and into security data lake initiatives for Snowflake customers.

Quotes

  • Dan Hubbard, CEO, Lacework: “Building on cloud is the biggest shift the IT industry has ever witnessed. Constant cloud changes require a new approach to security critical for our customers adapting and scaling as fast as clouds innovate. This round will allow us to extend our product differentiation leadership which is critical in a transformative market driven by both fast-moving builders and sophisticated attackers”.
  • Christian Kleinerman, SVP Products, Snowflake: "The best way to understand the security of any business is to have data for all activity and process it with the lowest latency, regardless of scale. Lacework’s automation of manual processes and ability to map and analyze cloud changes with their Polygraph demonstrates the power of modern data processing on Snowflake.”
  • Mike Speiser, Managing Director, Sutter Hill Ventures: “We invest in companies that leverage and drive fundamental technological shifts in massive markets. Lacework is a better approach to security built on Snowflake's powerful data platform to deliver radically better security to our enterprise customers. And, like Snowflake at a similar point in its evolution, Lacework is growing revenue at over 300% per year making Lacework one of Sutter Hill Ventures' most important and promising portfolio companies."
  • David Christensen, Director of Global Information Security Engineering and Operations, WEX: “Lacework enabled Wex to accelerate our AWS migration with a proactive view of activity while keeping our configuration house in order without the cost and toil of trying to do the same thing with a SIEM. We are also supporting container projects without having to manage and scale additional infrastructure, enabling more resources for collaboration and product development.”
  • Terence Runge, CISO, Reltio: "Our business infrastructure runs on thousands of servers constantly scaling up and down. Lacework has enabled our security team to shift from building and managing security infrastructure to security practitioners who collaborate on near real-time data that enables our teams to focus on what matters.”
  • Brad Woodward, Principal Security Architect, Observian: “Lacework is the first tool I have encountered that can drop in, zero in on anomalous behavior, and support a blue team's defense vs red team attempts to execute a breach and extend access. I rely on it for my production environments, and I highly recommend it to others who are serious about security."
  • Raj Ramanujam, VP of Alliances and Channels, New Relic: “Integrating New Relic with Lacework means you can harness the power of observability plus behaviors for deep insights into your cloud security posture. This unique combination helps to reduce MTTD and MTTR."

Additional Resources

About Lacework

Lacework delivers security and compliance for the cloud generation. The Lacework Cloud Security Platform is offered as-a-Service and delivers build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across AWS, GCP, Azure, and Kubernetes services, workloads, and containers. Trusted by enterprise customers worldwide, Lacework significantly drives down costs and risk, and removes the burden of unnecessary toil, rule writing, and inaccurate alerts. Lacework was founded in 2015 and is backed by Altimeter Capital, AME Cloud Ventures, D1, Coatue, Dragoneer Investment Group, Liberty Global Ventures, Spike Ventures, Sutter Hill Ventures, Snowflake Ventures, Tiger Capital, and the Webb Investment Network (WIN). It is based in San Jose, California. Get started at www.lacework.com

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27132
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...