Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Cloud Security Firm Lacework Raises $42 Million

Funding Will Help Company Expand DevOps and Workload Security Offerings for Cloud, Container, and Hybrid Environments

Funding Will Help Company Expand DevOps and Workload Security Offerings for Cloud, Container, and Hybrid Environments

Mountain View, Calif-based cloud security firm Lacework has closed a $42 Million Series C funding round from Sutter Hill Ventures and Liberty Ventures, bringing the total raised to $74 million. Lacework provides a purpose-built platform for the modern environment, including DevOps and orchestration to cloud, cloud native and hybrid workloads.

Lacework was founded in January 2015 by Sanjay Kalra (CPO) and Vikram Kapoor (CTO).

The new funding will be used for further product and market development, and is supported by several new board appointments. Andy Byron is moving from chief revenue officer at Cybereason to become President at Lacework, and will run all go-to-market operations.

Lacework Logo

Traditional security products — even ‘NextGen’ products — are primarily firewalls or endpoint products. These have their place, explains Lacework CEO Dan Hubbard in an associated blog, but neither “have been purpose fit for modernized IT service consumption models; IaaS, PaaS, and cloud-native technologies such as container and Kubernetes.”

One of the problems is that cloud environments don’t just change the infrastructure — they are changing the way software is being developed. Where developers once had to engage with separate IT and security teams to gain change control approval, they can now run their own infrastructure on-demand, at scale, and often without traditional IT.

“The shift here is for security to be integrated into the process, not isolated from it in the world of the ‘Next Generation’,” writes Hubbard. “Call it DevSecOps, Secure DevOps, or SecDevOps, I just call it collaboration and teamwork in New Generation Security.”

The ability for faster change at greater scale brings its own new risks; but the same programmability in cloud environments that creates these risks can also be used to mitigate them. Hubbard describes the environment as ‘predictable chaos engineering’, where it is normal for nodes to come and go and it all just continues to work.

Advertisement. Scroll to continue reading.

“What this practically means,” he says, “is that instead of simply enforcing something at the network layer and continuing to have a machine on your network that is potentially infected you can orchestrate it offline. Additionally, when programmatic configuration mistakes happen in your infrastructure you can orchestrate them to be fixed, on the scale of one or one hundred with a software rollout.”

Lacework’s proposal is that security for new processes and infrastructure within the cloud is best served by new product designed for the cloud. But, “The security market is crowded with point solutions and legacy vendors trying to become relevant for containers and the cloud,” explains Mike Speiser, partner at Sutter Hill Ventures and new Lacework board member. 

“The cloud is certainly no less secure than on-prem; but it’s very different. The cloud is secure if you make it secure; but you have to think about it in a new way. Lacework helps to do that,” explains Stefan Dyckerhoff, Lacework board member and managing director of Sutter Hill Ventures.

Lacework raised $24 million in a Series B funding round in August 2018.

Related: Researchers Find 21,000 Exposed Container Orchestration Systems 

Related: Security, Compliance Remain Biggest Concerns Over Cloud 

Related: Cloud Security Firm Aporeto Raises $20 Million 

Related: Darktrace Raises $50 Million at $1.65 Billion Valuation 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...