Login
    Contents x
    Lacework
    • 08 Feb 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Lacework

    • Updated on 08 Feb 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Lacework provides cloud security automation for AWS, Azure, and GCP with a comprehensive view of risks across cloud workloads and containers.

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Devices
    • Users

    Parameters

    1. Lacework Domain (required) - The hostname or IP address of the Lacework server that Axonius can communicate.

    2. Access Key ID (required) - The Access Key ID. It is recommended to use a Lacwork Service User to generate the needed API key. The Service User’s role must be Admin or have read-only access to all API endpoints as detailed here.

    3. Secret Key (required) - An API secret key. Refer to Generate API Access Keys and Tokens for information on how to generate the secret key.

    4. Sub Account - Enter a sub account name to fetch data from a defined sub account. The authorization token needs to have org admin permissions to do this.

    5. API Version (required, default API_V2) - Select this option to force the adapter to use a specific version of the Lacework API.

    6. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

    7. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

    8. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

    9. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

    To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    Lacework.png


    Advanced Settings

    Note:

    Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters

    1. Async chunks in parallel (required, default: 50) - Specify the number of parallel requests all connections for this adapter will send to the Lacework server in parallel at any given point.
    2. Drop devices where Machine Status is offline (required, default: false) - Select to exclude devices with a machine status of Offline.
    3. Fetch from inventory (default: true) - Select this option to fetch devices from the Inventory endpoint (api/v2/Inventory/search).
    4. Fetch additional entities - Toggle on this option to enable fetching of additional entities.
      • Additional entities (default: Agents) - From the drop-down, select the relevant options.
      • Require hostname - Select this option to require hostname.
      • Fetch vulns for entities - Toggle on this option to enable fetching of vulnerabilities for entities.


    APIs

    Axonius uses the Lacework API v2.

    Supported From Version

    Supported from version 4.4


    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout