Single platform and user experience for multicloud, hybrid, and Kubernetes coverage on Linux and Windows. Unified view of assets, vulnerabilities, configurations, threats, and behaviors from code to cloud. Delivers continuous security and a centralized view of auditable compliance evidence. Flexible architecture that easily adapts to evolving cloud technologies (e.g., Kubernetes, serverless, etc.)
Understand your cloud and find unknown threats - Patented technology automatically learns your cloud environment, visualizes all its complex relationships, baselines normal behavior and activity, and alerts on changes that warrant attention - all without manual configuration. We accurately assess and inventory assets and services (cloud infrastructure, accounts, workloads, containers, Kubernetes clusters, etc.) being used in your cloud - from code to cloud, from host to function
Focus on risks that matter most - Automatically correlates data from code to cloud to put risks into context. Identifies the signals that matter most & pinpoints the risks that need immediate attention. Provides highly-contextualized alerts that detail who, what, why, when, & where within a singular view & enable the right people to take action. Natively integrates into existing workflows. Augments industry best practices with customizable rules to meet customer-specific requirements
What's new
-
ServiceNow Australia release support. The integration has been validated and is now certified on the ServiceNow Australia release
-
Configurable Lacework severity normalization. Lacework severity values are now normalized through ServiceNow's standard sn_vul_severity_map table instead of hard-coded script logic. Seed records ship for source Lacework VR (integration type vr): Critical → 1, High → 2, Medium → 3, Low → 4, Info → 5. Administrators can adjust the mapping from the platform UI without editing transform scripts.
-
Credentials migrated to the standard Security Integration Framework schema. Lacework api_url, key_id, and client_secret are now stored on sn_sec_int_impl_config (keyed by the integration implementation sn_sec_int_impl), aligning the app with ServiceNow's standard SIF configuration pattern. LaceworkVulnerabilityIntegration.initialize() reads the standard table first and falls back to the legacy sn_sec_core_integration_item_config records, so existing instances keep working without re-entering credentials. connectionTest accepts values from either the standard or legacy dashboard, so Submit works from both. New seed records (configurations, impl configs, privileges, and UI actions) ship with the app.
Bug fixes
-
Privacy Policy ACL no longer admin-overridable. The x_lacew_invr_lacework_invr_privacy_policy UI-page ACL had admin_overrides=true, which caused users with the platform admin role to bypass the policy's access logic. admin_overrides is now false so the ACL is evaluated consistently for all users.
Documentation
-
Lacework Infrastructure VR Integration Admin Guide
-
Lacework Infrastructure VR Integration App Design
-
Lacework Infrastructure VR Integration Installation and Config Guide
-
Lacework Infrastructure VR Integration Test Plan
- Vulnerability Response 26.6.2 or newer
- System Import Sets
Note: Unified Security Exposure Management (USEM) is not supported by this integration.
Other Requirements:Lacework Platform with appropriate API access enabled.