Ending Soon! Get an iPad (32G), Galaxy Tab A, or $250 Off with OnDemand or vLive Training!


To attend this webcast, login to your SANS Account or create your Account.

Effortless Detection and Investigation of Cloud Breaches: A Review of Lacework's Zero Touch Cloud Workload Security Platform

  • Wednesday, June 28th, 2017 at 1:00 PM EDT (17:00:00 UTC)
  • Matt Bromiley and Sanjay Kalra
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • Lacework

You can now attend the webcast using your mobile device!


Today's increasingly dynamic cloud environments present new challenges to security practitioners. Legacy approaches based on policies and log analysis are ill-suited to the cloud world of containers, continuous development, elastic workloads and transient IP addresses. Logs are often out of date, incomplete and decentralized. Policies are too static and complex, and they require constant maintenance. With security talent in short supply, tailoring these old policy-and-logs approaches to the needs of an organization can require time and resources it just doesn't have.

Lacework is a company looking to mitigate these challenges. SANS analyst and instructor Matt Bromiley used Lacework's new Zero Touch Cloud Workload Security Platform. In this paper, he shares his experience with the product, including:

  • Ease of use, including the concept of "zero touch" and installation
  • Efficiency when baselining and profiling the cloud environment
  • Automation of key tasks including establishing a cloud baseline and tracking that baseline over time
  • How the product can assist with breach detection, insight into DevSecOps, investigation analysis and insider threat management

Attend this webcast to see how the product works and its potential impact on today's cloud and data center security challenges. Attendees also will be the first to receive a paper detailing this review.

View the associated paper here.

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.

Sanjay Kalra

Sanjay Kalra is the founder of Lacework. Sanjay brings more than two decades of innovation and success in the cloud, networking and security industries. Previously, he held the position of VP and GM at Guavus. At Guavus, he was responsible for managing business strategy, mergers and acquisitions, product roadmap, business planning, marketing forecasting and business development. Sanjay joined Guavus from Juniper Networks, where he was senior director of product management for its security business.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.