Lacework announced on Aug. 28 that it has raised $24 million in new funding to expand its cloud security efforts.
The Series B funding round was led by Sutter Hill Ventures and brings total funding to date for Lacework to $32.7 million. Lacework’s core product platform, Polygraph, helps organizations detect potential threats.
“We are grateful to be servicing 30 customers with very minimal sales and marketing investment in a short amount of time,” Stefan Dyckerhoff, Lacework’s CEO, told eWEEK. “This funding will be used to greatly increase our market reach and continue to develop our cloud security platform.”
Lacework was founded in January 2015 and came out of stealth in April 2017, with the goal of improving cloud security visibility. Dyckerhoff became CEO of Lacework in November 2017 and is no stranger to the security business, having previously led Skyport, which Cisco acquired on Jan. 24. Dyckerhoff is also a managing partner at Sutter Hill Ventures and sits on the board of directors at SiFive, Menlo Security and ThousandEyes.
Cloud visibility is something that Amazon Web Services (AWS) has been providing to its users for free with CloudTrail since August 2017. However, CloudTrail only provides the logging of cloud events and there is still often a need for additional technologies to help gain insight from those logs, which is where Lacework’s Polygraph technology fits in. Back in August 2017, Lacework announced its Polygraph for AWS CloudTrail service, providing security visibility and alerting for Amazon public cloud usage.
“Lacework’s Polygraph technology is the fundamental engine that allows us to map out all of the behaviors in the data center from APIs to users, network and processes,” Dyckerhoff explained. “We continue to add additional dimensions to it to provide end-to-end coverage of every deployment scenario and workload.”
While AWS was initially a primary target for Lacework’s Polygraph, the technology now has broader deployment applicability. Dyckerhoff said Lacework currently secures customer environments in multiple environments, including not only AWS but also Microsoft Azure as well as private and hosted data centers. In addition, Lacework is helping to protect container-based cloud workloads as well.
“Several customers run Kubernetes, and we believe such dynamic environments are ideally suited for the Lacework platform,” he said.
On June 19, Lacework released a report looking at container orchestration system security, including Kubernetes. Lacework’s analysis found 21,169 publicly facing container orchestration platforms, of which 300 deployments were found to have open administrative dashboards that did not require access credentials. The Lacework platform includes container security capabilities that monitor the life cycle of containers. Lacework also scans container workloads and active processes for potential vulnerabilities.
From a competitive standpoint, there are multiple vendors that Lacework competes against.
“We typically compete against a patchwork of solutions from vendors stretching from compliance to detection to investigation and remediation,” Dyckerhoff said.
Looking forward, Dyckerhoff expects to continue to expand the features that Lacework provides from its software-as-a-service (SaaS) based offering.
“We pride ourselves in rapid feature development with the highest quality standard and will continue to expand the breadth, including multicloud and depth with additional automation of our platform,” he said.