Accessibility Statement Skip Navigation
  • Resources
  • Blog
  • Journalists
  • +44 (0)20 7454 5110
  • Client Login
  • Send a Release
Return to PR Newswire homepage
  • News
  • Products
  • Contact
When typing in this field, a list of search results will appear and be automatically updated as you type.

Searching for your content...

No results found. Please change your search terms and try again.
  • News in Focus
      • Browse News Releases

      • All Public Company News
      • All Multimedia News
      • View All News Releases

      • Regulatory News

      • D/A/CH Regulatory News
      • UK Regulatory News
      • View All Regulatory News

  • Business & Money
      • Auto & Transportation

      • Aerospace & Defense
      • Air Freight
      • Airlines & Aviation
      • Automotive
      • Maritime & Shipbuilding
      • Railroads & Intermodal Transportation
      • Supply Chain/Logistics
      • Transportation, Trucking & Railroad
      • Travel
      • Trucking & Road Transportation
      • View All Auto & Transportation

      • Business Technology

      • Blockchain
      • Broadcast Tech
      • Computer & Electronics
      • Computer Hardware
      • Computer Software
      • Data Analytics
      • Electronic Commerce
      • Electronic Components
      • Electronic Design Automation
      • Financial Technology
      • High Tech Security
      • Internet Technology
      • Nanotechnology
      • Networks
      • Peripherals
      • Semiconductors
      • View All Business Technology

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film & Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Financial Services & Investing

      • Accounting News & Issues
      • Acquisitions, Mergers & Takeovers
      • Banking & Financial Services
      • Bankruptcy
      • Bond & Stock Ratings
      • Conference Call Announcements
      • Contracts
      • Cryptocurrency
      • Dividends
      • Earnings
      • Earnings Forecasts & Projections
      • Financing Agreements
      • Insurance
      • Investments Opinions
      • Joint Ventures
      • Mutual Funds
      • Private Placement
      • Real Estate
      • Restructuring & Recapitalisation
      • Sales Reports
      • Shareholder Activism
      • Shareholder Meetings
      • Stock Offering
      • Stock Split
      • Venture Capital
      • View All Financial Services & Investing

      • General Business

      • Awards
      • Commercial Real Estate
      • Corporate Expansion
      • Earnings
      • Environmental, Social and Governance (ESG)
      • Human Resource & Workforce Management
      • Licensing
      • New Products & Services
      • Obituaries
      • Outsourcing Businesses
      • Overseas Real Estate (non-US)
      • Personnel Announcements
      • Real Estate Transactions
      • Residential Real Estate
      • Small Business Services
      • Socially Responsible Investing
      • Surveys, Polls & Research
      • Trade Show News
      • View All General Business

  • Science & Tech
      • Consumer Technology

      • Artificial Intelligence
      • Blockchain
      • Cloud Computing/Internet of Things
      • Computer Electronics
      • Computer Hardware
      • Computer Software
      • Consumer Electronics
      • Cryptocurrency
      • Data Analytics
      • Electronic Commerce
      • Electronic Gaming
      • Financial Technology
      • Mobile Entertainment
      • Multimedia & Internet
      • Peripherals
      • Social Media
      • STEM (Science, Tech, Engineering, Math)
      • Supply Chain/Logistics
      • Wireless Communications
      • View All Consumer Technology

      • Energy & Natural Resources

      • Alternative Energies
      • Chemical
      • Electrical Utilities
      • Gas
      • General Manufacturing
      • Mining
      • Mining & Metals
      • Oil & Energy
      • Oil & Gas Discoveries
      • Utilities
      • Water Utilities
      • View All Energy & Natural Resources

      • Environ­ment

      • Conservation & Recycling
      • Environmental Issues
      • Environmental Policy
      • Environmental Products & Services
      • Green Technology
      • Natural Disasters
      • View All Environ­ment

      • Heavy Industry & Manufacturing

      • Aerospace & Defence
      • Agriculture
      • Chemical
      • Construction & Building
      • General Manufacturing
      • HVAC (Heating, Ventilation & Air-Conditioning)
      • Machinery
      • Machine Tools, Metalworking & Metallurgy
      • Mining
      • Mining & Metals
      • Paper, Forest Products & Containers
      • Precious Metals
      • Textiles
      • Tobacco
      • View All Heavy Industry & Manufacturing

      • Telecomm­unications

      • Carriers & Services
      • Mobile Entertainment
      • Networks
      • Peripherals
      • Telecommunications Equipment
      • Telecommunications Industry
      • VoIP (Voice over Internet Protocol)
      • Wireless Communications
      • View All Telecomm­unications

  • Lifestyle & Health
      • Consumer Products & Retail

      • Animals & Pets
      • Beers, Wines & Spirits
      • Beverages
      • Bridal Services
      • Cannabis
      • Cosmetics & Personal Care
      • Fashion
      • Food & Beverages
      • Furniture & Furnishings
      • Home Improvement
      • Household, Consumer & Cosmetics
      • Household Products
      • Jewellery
      • Non-Alcoholic Beverages
      • Office Products
      • Organic Food
      • Product Recalls
      • Restaurants
      • Retail
      • Supermarkets
      • Toys
      • View All Consumer Products & Retail

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film & Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Health

      • Biometrics
      • Biotechnology
      • Clinical Trials & Medical Discoveries
      • Dentistry
      • FDA Approval
      • Fitness/Wellness
      • Health Care & Hospitals
      • Health Insurance
      • Infection Control
      • International Medical Approval
      • Medical Equipment
      • Medical Pharmaceuticals
      • Mental Health
      • Pharmaceuticals
      • Supplementary Medicine
      • View All Health

      • Sports

      • General Sports
      • Outdoors, Camping & Hiking
      • Sporting Events
      • Sports Equipment & Accessories
      • View All Sports

      • Travel

      • Amusement Parks & Tourist Attractions
      • Gambling & Casinos
      • Hotels & Resorts
      • Leisure & Tourism
      • Outdoors, Camping & Hiking
      • Passenger Aviation
      • Travel Industry
      • View All Travel

  • Policy & Public Interest
      • Policy & Public Interest

      • Animal Welfare
      • Corporate Social Responsibility
      • Economic News, Trends & Analysis
      • Education
      • Environmental
      • European Government
      • Labour & Union
      • Natural Disasters
      • Not For Profit
      • Public Safety
      • View All Policy & Public Interest

  • People & Culture
      • People & Culture

      • Aboriginal, First Nations & Native American
      • African American
      • Asian American
      • Children
      • Diversity, Equity & Inclusion
      • Hispanic
      • Lesbian, Gay & Bisexual
      • Men's Interest
      • People with Disabilities
      • Religion
      • Senior Citizens
      • Veterans
      • Women
      • View All People & Culture

  • Overview
  • Distribution
  • Paid Placement
  • Multimedia
  • Disclosure Services
  • SocialBoost
  • Rooms
    • MediaRoom
    • ESG Rooms
  • AI Tools
  • General Enquiries
  • Media Enquiries
  • Partnerships
  • Hamburger menu
  • Cision PR Newswire UK provides press release distribution, targeting, monitoring, and marketing services
  • Send a Release
    • Phone

    • +44 (0)20 7454 5110 from 8 AM - 5:30 PM GMT

    • ALL CONTACT INFO
    • Contact Us

      +44 (0)20 7454 5110
      from 8 AM - 5:30 PM GMT

  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists
  • News in Focus
    • Browse News Releases
    • Regulatory News
  • Business & Money
    • Auto & Transportation
    • Business Technology
    • Entertain­ment & Media
    • Financial Services & Investing
    • General Business
  • Science & Tech
    • Consumer Technology
    • Energy & Natural Resources
    • Environ­ment
    • Heavy Industry & Manufacturing
    • Telecomm­unications
  • Lifestyle & Health
    • Consumer Products & Retail
    • Entertain­ment & Media
    • Health
    • Sports
    • Travel
  • Policy & Public Interest
    • Policy & Public Interest
  • People & Culture
    • People & Culture
  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists
  • Overview
  • Distribution
  • Paid Placement
  • Multimedia
  • Disclosure Services
  • Cision Communications Cloud®
  • AI Tools
  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists
  • General Enquiries
  • Media Enquiries
  • Partnerships
  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists

Lacework Code Security Extends Platform's Coverage to the Full Application Lifecycle

This image opens in the lightbox

News provided by

Lacework

14 Nov, 2023, 14:00 GMT

Share this article

Share toX

Share this article

Share toX

Lacework unifies code and cloud security so enterprises can innovate and deliver secure cloud-native applications faster than ever 

MOUNTAIN VIEW, Calif., Nov. 14, 2023 /PRNewswire/ -- Lacework, the data-driven cloud security company, today announced its release of code security, which provides Lacework customers full visibility throughout the complete application development lifecycle. Lacework code security helps prevent security issues from getting into the wild by identifying them before code is deployed, and helps prioritize and fix issues faster, wherever they are found in the application lifecycle.

Lacework has always believed that achieving the best security outcomes, with speed, requires continuous visibility and context, including knowing where every software package is running, and the ability to capture and correlate data across the application lifecycle. This approach empowers security teams to be more efficient, eliminates the toil of stitching together data and findings from different sources, and it helps to consolidate onto fewer tools that deliver higher value.

"This is a milestone moment as we unveil our data-driven approach to code security, purpose-built to complement the greater Lacework platform" said Jay Parikh, CEO, Lacework. "Our deep investment into the technology that powers the Lacework platform allows us to provide customers with much more than code security insights. Lacework is able to combine various sources of data to help provide deep security insights that span from code to cloud."

Introducing Lacework Software Composition Analysis (SCA) and Static Application Security Testing (SAST) 

Lacework is introducing two forms of static program analysis - one (SCA) targeted at third-party code in customers' repositories, and the other (SAST) targeted at first-party code.

The SCA capabilities developed by Lacework give customers continuous visibility into third-party software libraries and associated vulnerabilities, including direct and indirect dependencies. The unique approach taken by Lacework goes beyond basic SCA functionality and gives teams continuous visibility into exactly where vulnerable functions are used in the code, how often each is referenced, who was responsible for bringing it in, and who owns fixing the code. Customers gain an always-up-to date software bill of materials (SBOMs) for every application and continual visibility into their software supply chain, as well as an understanding of open-source license risk.

For the first time, with SCA as part of the Lacework platform, customers have visibility of a vulnerable package's full lifecycle, tracking its usage in the source code to its activity within any cloud-native workload. The active vulnerability detection is accomplished using an extension of the Lacework runtime agent known as Code Aware Agent (CAA). Previously, Lacework announced Active Vulnerability Detection (AVD) for host packages, and today the company has added AVD support for containers, meaning customers can now identify runtime package activity across broad surfaces of cloud workloads.

"When we developed CAA we did so with the aim of connecting to static analysis," said Peter O'Hearn, Director of Engineering, Lacework. "There is a huge unexplored potential in combining static and runtime analysis, with previously-unrealized value that we are now beginning to tap into."

The combination of AVD and SCA illustrates the benefit of a platform approach to cloud security. If a package is known to be active, then updating it might be prioritized over packages that have not been found to be active and perhaps never will be. Conversely, if a package is inactive it might be considered a candidate for removal, thus reducing the attack surface. AVD furnishes the runtime insight, and SCA the source code information that can lead to faster resolution.

"With Lacework code security, we will achieve a new level of maturity and empower our teams to innovate faster," said John Sinteur, Security Architect at Mendix. "This comprehensive visibility into third party code will help us to demonstrate to our customers that their low code apps and our platform are free from third party vulnerabilities. Along with these capabilities, the Lacework agent helps us prioritize vulnerabilities in terms of risk by tracking package activity."

Lacework SAST complements SCA to provide comprehensive code security capabilities to help organizations understand how first-party code could be exploited. Lacework SAST takes in-house code and identifies source-code weaknesses that an attacker could exploit to bypass security controls, run malicious commands, or exfiltrate sensitive data. From that analysis, the tool provides customers with an automated and intuitive secure code review that's easily actionable by both entry-level and senior security analysts. 

Lacework SAST gives application security engineers visibility into complex vulnerabilities within their most exposed internet-facing applications. Lacework provides an in-depth model of each application and tracks the path of untrusted data to weed out zero-days that could result in dangerous exploits like SQL injection. Application security teams can scale to meet the demands of much larger development teams with a fast analyzer that can assess millions of lines of code in minutes.

Traditional SAST tools are notorious for noisy results with a large number of false positives. What is less often emphasized, but even more crucial to security posture, are false negatives (missed bugs). Lacework SAST uses a sophisticated set of techniques to analyze call chains and control paths of an application. This analysis learns when a developer has added compensating controls to mitigate risk, and Lacework's highly-configurable engine allows security engineers to easily customize and add rules to meet the specific needs of their unique codebase. Lacework SAST analysis is both precise and fast: it has low false positives and negatives.

The code security capabilities Lacework announced today build on its previous investment in infrastructure as code (IaC) security and further deliver on the company's vision for a data-driven platform that covers the entire application lifecycle. A single platform spanning from code all the way to production gives security teams unmatched visibility, paves the way for further tool consolidation, all while enabling faster innovation and better security outcomes.

To learn more, visit Lacework.com and the below resources.

Further Resources:

  • Read more about Lacework code security
  • Download the Lacework code security solution brief
  • Watch a Lacework code security demo
  • Try Lacework today with a 14-day free trial

About Lacework
Lacework keeps organizations secure in the cloud, allowing them to innovate faster with confidence. Cloud security requires a fundamentally new approach and the Lacework platform is designed to scale with the volume, variety, and velocity of cloud data across an organization's cloud environment: code, identities, containers, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a correlated and prioritized end-to-end view that pinpoints the largest risks and handful of security events that matter most. Learn more at www.lacework.com.

Media Contacts:

Mark Wheeler
Vice President, Corporate Marketing
Lacework
press@lacework.net

Logo - https://mma.prnewswire.com/media/1865984/Lacework_Logo.jpg

Modal title

Contact PR Newswire

  • +44 (0)20 7454 5110
    from 8 AM - 5:30 PM GMT
  • General Enquiries
  • Media Enquiries
  • Partnerships

Products

  • Content Distribution
  • Multimedia Services
  • Disclosure Services
  • Cision Communications Cloud®

About

  • About PR Newswire
  • About Cision
  • Partnering Opportunities
  • Careers
  • APAC
  • APAC - Simplified Chinese
  • APAC - Traditional Chinese
  • Brazil
  • Canada
  • Czech
  • Denmark
  • Finland
  • France
  • Germany
  • India
  • Indonesia
  • Israel
  • Japan
  • Korea
  • Mexico
  • Middle East
  • Middle East - Arabic
  • Netherlands
  • Norway
  • Poland
  • Portugal
  • Russia
  • Slovakia
  • Spain
  • Sweden
  • United States
  • Vietnam

My Services

  • All News Releases
  • Customer Portal
  • Resources
  • Blog
  • Journalists
  • Data Privacy

Do not sell or share my personal information:

  • Submit via Privacy@cision.com 
  • Call Privacy toll-free: 877-297-8921

Contact PR Newswire

Products

About

My Services
  • All News Releases
  • Customer Portal
  • Resources
  • Blog
  • Journalists
+44 (0)20 7454 5110
from 8 AM - 5:30 PM GMT
  • Terms of Use
  • Privacy Policy
  • Information Security Policy
  • Site Map
  • RSS
  • Cookie Settings
Copyright © 2025 PR Newswire Europe Limited. All Rights Reserved. A Cision company.