This pack enables you to interact with the Lacework cloud security platform. The primary function is to allow users to
fetch incident data from Lacework, and construct playbooks to respond to potential threats or misconfigurations.
Lacework
- Details
- Content
- Dependencies
- Version History
Lacework provides end-to-end cloud security automation for AWS, Azure, and GCP with a comprehensive view of risks across cloud workloads and containers.
This pack enables you to interact with the Lacework cloud security platform. The primary function is to allow users to
fetch incident data from Lacework, and construct playbooks to respond to potential threats or misconfigurations.
Name | Description |
---|---|
Lacework - Classifier | Lacework Incident Classifier |
Lacework - Incoming Mapper | Lacework Mapper for incidents |
Name | Description |
---|---|
Lacework Event Model | The 'Model' within the 'Actor' category that generated the Lacework event. |
Lacework Recommendation Account Alias | The cloud service provider 'Account Alias' associated with the compliance violation. |
Lacework Event ID | The ID of the Lacework event. |
Lacework Event Actor | The 'Actor' that generated the Lacework event. |
Lacework Recommendation Title | The Title of the recommendation which generated a compliance violation event within Lacework. |
Lacework Recommendation ID | The ID of the recommendation which generated a compliance violation event within Lacework. |
Lacework Event Type | The 'Event Type' within the 'Model' and 'Actor' categories that generated the Lacework event. |
Lacework Recommendation Account ID | The cloud service provider 'Account ID' associated with the compliance violation. |
Name | Description |
---|---|
Lacework Event | |
Lacework Alert |
Name | Description |
---|---|
Lacework (Community Contribution) | Lacework provides end-to-end cloud security automation for AWS, Azure, and GCP with a comprehensive view of risks across cloud workloads and containers. |
Name | Description |
---|---|
Lacework - Classifier | Lacework Incident Classifier |
Lacework - Incoming Mapper | Lacework Mapper for incidents |
Name | Description |
---|---|
Lacework Recommendation ID | The ID of the recommendation which generated a compliance violation event within Lacework. |
Lacework Recommendation Account ID | The cloud service provider 'Account ID' associated with the compliance violation. |
Lacework Event Actor | The 'Actor' that generated the Lacework event. |
Lacework Event Type | The 'Event Type' within the 'Model' and 'Actor' categories that generated the Lacework event. |
Lacework Event Model | The 'Model' within the 'Actor' category that generated the Lacework event. |
Lacework Recommendation Title | The Title of the recommendation which generated a compliance violation event within Lacework. |
Lacework Event ID | The ID of the Lacework event. |
Lacework Recommendation Account Alias | The cloud service provider 'Account Alias' associated with the compliance violation. |
Name | Description |
---|---|
Lacework Alert | |
Lacework Event |
Name | Description |
---|---|
Lacework (Community Contribution) | Lacework provides end-to-end cloud security automation for AWS, Azure, and GCP with a comprehensive view of risks across cloud workloads and containers. |
Pack Name | Pack By |
---|---|
Base | By: Cortex XSOAR |
Pack Name | Pack By |
---|---|
Common Types | By: Cortex XSOAR |
Pack Name | Pack By |
---|---|
Base | By: Cortex XSOAR |
Classifiers
Lacework - Classifier
- Updated default incident type to 'Lacework Alert'
Incident Fields
- Lacework Recommendation Account ID
- Lacework Recommendation ID
- Lacework Recommendation Title
- Lacework Recommendation Account Alias
Incident Types
- New: Lacework Alert
Integrations
Lacework
- Lacework API calls are now migrated to APIv2
- XSOAR Incidents are now derived from Lacework Alerts, rather than Events
- Updated the Docker image to: demisto/lacework:1.0.0.47313.
Mappers
Lacework - Incoming Mapper
- Added new Lacework Alert fields
- 35084
- 34779
Download
Incident Fields
- Lacework Event Type
Classifiers
Fix: Lacework
- Fixed severity transformation in Lacework Incident Classifier (Available from Cortex XSOAR 5.0.0).
Mappers
Fix: Lacework - Incoming Mapper
- Fixed severity transformation in Lacework - Incoming Mapper (Available from Cortex XSOAR 6.0.0).
Integrations
Lacework
- Added debug logs.
PLATFORMS
INFO
Supported By | Community | |
Created | August 19, 2020 | |
Last Release | December 3, 2024 |