Manage Integrated AWS Resources—The Lacework Console introduces comprehensive visibility into AWS resources that are integrated with Lacework. The new Resource Management page provides a snapshot of in-use AWS resources to provide visibility for team members with limited or no access to the AWS Management Console. Resource management introduces the following features:
- Resource Management page—This new Resource Management page is located under the top-level Monitor menu. This page allows you to view a snapshot of your in-use AWS resources that are integrated with Lacework. Advanced filters for date/time ranges, resources, and accounts allow you to find and focus on the information that’s important to you.
- Configuration change tracking—Granular line level diffs for an individual resource’s configuration changes. Configuration comparison capability between any two configurations from the configuration history.
- Configurable resource collection schedule—You can configure the time to start resource collection. Collection occurs every 24 hours.
For more information, see Manage Integrated AWS Resources.
Container registry notification support—Lacework supports registry notifications for the Lacework Docker V2 Registry type (which includes Azure Container Registry). After subscribing to registry notifications in the Lacework Console, you must update the config.yml file (Docker) or create a webhook (Azure Container Registry) with the Lacework-generated server token. Any manifest push notifications trigger Lacework assessments of the new images in the integrated registries. For more information, see Integrate a Docker V2 Registry.
Lacework Snowflake data share supports cloud compliance—The Lacework Snowflake data share supports compliance data. This is the
v.4release of the Lacework Snowflake data share. For more information, see CLOUD_COMPLIANCE_V View.
Data export to S3—This feature is in beta. Data export allows you to export data from your Lacework account and send it to an AWS S3 bucket of your choice. You can extend Lacework processed/normalized data to report/visualize alone or combine with other business/security data to get insights and make meaningful business decisions. Exported data includes:
- Reports and insights: alerts, compliance reports, vulnerability assessments, assets
- Investigation data: machine, process, cloud activity logs, vulnerabilities, assets, users, applications
For more information, see S3 Data Export.
- Consolidated AWS CloudTrail integration within a Lacework organization—This feature is in invitation only, limited beta. If your Lacework accounts are enrolled in a Lacework organization, you can integrate CloudTrail at the organization level. You can then map your AWS accounts to Lacework accounts within the organization. CloudTrail integrations configured at the organization level appear within their respective Lacework accounts’ Cloud Accounts Summary as read-only integrations. For information, see Setup of Organization AWS CloudTrail Integration.