We performed a comparison between Lacework and Threat Stack Cloud Security Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Cloud Workload Protection Platforms (CWPP)."The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"The solution is very user-friendly."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"The most valuable feature, from a compliance perspective, is the ability to use Lacework as a platform for multiple compliance standards. We have to meet multiple standards like PCI, SOC 2, CIS, and whatever else is out there. The ability to have reports generated, per security standard, is one of the best features for me."
"Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offers, along with the ability to identify and address misconfigurations, is invaluable. When such issues arise, we promptly acknowledge and take action, effectively collaborating with our teams and the responsible parties for those assets. This enables us to promptly manage problems as soon as they arise."
"Lacework is helping a lot in reducing the noise of the alerts. Usually, whenever you have a tool in place, you have a lot of noise in terms of alerts, but the time for an engineer to look into those alerts is limited. Lacework is helping us to consolidate the information that we are getting from the agents and other sources. We are able to focus only on the things that matter, which is the most valuable thing for us. It saves time, and for investigations, we have the right context to take action."
"For the most part, out-of-the-box, it tells you right away about the things you need to work on. I like the fact that it prioritizes alerts based on severity, so that you can focus your efforts on anything that would be critical/high first, moderate second, and work your way down, trying to continue to improve your security posture."
"The most valuable aspects are identifying vulnerabilities—things that are out there that we aren't aware of—as well as finding what path of access attackers could use, and being able to see open SSL or S3 buckets and the like."
"The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself."
"There are many valuable features that I use in my daily work. The first are alerts and the event dossier that it generates, based on the severity. That is very insightful and helps me to have a security cap in our infrastructure. The second thing I like is the agent-based vulnerability management, which is the most accurate information."
"The best feature, in my opinion, is the ease of use."
"Technical support is very helpful."
"We like the ability of the host security module to monitor the processes running on our servers to help us monitor activity."
"The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production... We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that."
"We're using it on container to see when activity involving executables happens, and that's great."
"There has been a measurable decrease in the meantime to remediation... because we have so many different tech verticals already collated in one place, our ability to respond is drastically different than it used to be."
"An important feature of this solution is monitoring. Specifically, container monitoring."
"Threat Stack has connectivity."
"With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"The solution's container security could be improved."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"The remediation workflow within the Wiz could be improved."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"The only thing that needs to be improved is the number of scans per day."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
"Visibility is lacking, and both compliance-related metrics and IAM security control could be improved."
"Lacework has not reduced the number of alerts we get. We've actually had to add resources as a result of using it because the application requires a lot of people to understand it to get the value out of it properly."
"A feature that I have requested from them is the ability to sort alerts and policies based on a security framework. Right now, when you go into alerts, you have hundreds and hundreds of them that you have to manually pick. It would be useful to have categories for CIS Benchmark or SOC 2 and be able to display all the alerts and policies for one security framework."
"Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them."
"The biggest thing I would like to see improved is for them to pursue and obtain a FedRAMP moderate authorization... I don't believe they have any immediate plans to get FedRAMP moderate authorized, which is a bit of a challenge for us because we can only use Lacework in our commercial environment."
"The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems."
"Lacework lacks remediation features, but I believe they're working on that. They're focused on the reporting aspect, but other features need to improve. They're also adding some compliance features, so it's not worth saying they need to get better at it."
"I would like to see a remote access assistance feature. And the threat-hunting platform could be better."
"The compliance and governance need improvement."
"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
"The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now..."
"It shoots back a lot of alerts."
"The API - which has grown quite a bit, so we're still learning it and I can't say whether it still needs improvement - was an area that had been needing it."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
"The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area... The API does not mimic the features of the UI as far as reporting and pulling data out go. There's a big discrepancy there."
More Threat Stack Cloud Security Platform Pricing and Cost Advice →
Lacework is ranked 10th in Cloud Workload Protection Platforms (CWPP) with 9 reviews while Threat Stack Cloud Security Platform is ranked 28th in Cloud Workload Protection Platforms (CWPP). Lacework is rated 8.8, while Threat Stack Cloud Security Platform is rated 8.2. The top reviewer of Lacework writes "Makes us aware of vulnerabilities and provides a lot of data but it's not easily understood at first look". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". Lacework is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Snyk, Microsoft Defender for Cloud and Orca Security, whereas Threat Stack Cloud Security Platform is most compared with Darktrace, AWS GuardDuty, Palo Alto Networks URL Filtering with PAN-DB, Qualys VMDR and BMC Helix Cloud Security.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors, best Container Security vendors, and best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.