Cloud security provider Lacework has added a new vulnerability risk management capability to its cloud-native application protection (CNAPP) offering.
The SaaS capability will combine active package detection, attack path analysis, and in-house data on active exploits to generate personalized vulnerability risk scores.
“Lacework takes a risk-based approach that goes beyond a common vulnerability scoring system (CVSS) and looks at each customer’s unique environment, to figure out what packages are active, whether that host is exposed to the internet, whether there are exploits in the wild, etc.,” said Nolan Karpinski, director of product management at Lacework. “CVSS scores are very generic and, at times, do not pertain to every context, meaning it may or may not be bad for your environment.”