We performed a comparison between Lacework and Tenable Cloud Security based on real PeerSpot user reviews.
Find out in this report how the two Cloud-Native Application Protection Platforms (CNAPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."
"We noted immediate benefits from using the solution."
"It is advantageous in terms of time-saving and cost reduction."
"Cloud Native Security offers a valuable tool called an offensive search engine."
"Cloud Native Security has helped us with our risk posture and securing our agenda. It has been tremendous in terms of supporting growth."
"PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us."
"We like PingSafe's vulnerability assessment and management features, and its vulnerability databases."
"Atlas security graph is pretty cool. It maps out relationships between components on AWS, like load balancers and servers. This helps visualize potential attack paths and even suggests attack paths a malicious actor might take."
"The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine."
"The best feature, in my opinion, is the ease of use."
"The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself."
"The most valuable aspects are identifying vulnerabilities—things that are out there that we aren't aware of—as well as finding what path of access attackers could use, and being able to see open SSL or S3 buckets and the like."
"Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offers, along with the ability to identify and address misconfigurations, is invaluable. When such issues arise, we promptly acknowledge and take action, effectively collaborating with our teams and the responsible parties for those assets. This enables us to promptly manage problems as soon as they arise."
"There are many valuable features that I use in my daily work. The first are alerts and the event dossier that it generates, based on the severity. That is very insightful and helps me to have a security cap in our infrastructure. The second thing I like is the agent-based vulnerability management, which is the most accurate information."
"For the most part, out-of-the-box, it tells you right away about the things you need to work on. I like the fact that it prioritizes alerts based on severity, so that you can focus your efforts on anything that would be critical/high first, moderate second, and work your way down, trying to continue to improve your security posture."
"Lacework is helping a lot in reducing the noise of the alerts. Usually, whenever you have a tool in place, you have a lot of noise in terms of alerts, but the time for an engineer to look into those alerts is limited. Lacework is helping us to consolidate the information that we are getting from the agents and other sources. We are able to focus only on the things that matter, which is the most valuable thing for us. It saves time, and for investigations, we have the right context to take action."
"The solution’s vulnerability management feature has helped us identify and mitigate risks well."
"The key benefit lies in having the largest and most up-to-date database. When it comes to using any Tenable product, it excels in finding vulnerabilities and providing analytics."
"Ermetic can provide super visibility for our cloud environment (we are using AWS)."
"If you have multi-cloud tenancy using AWS and Azure, you can have a single dashboard where you can onboard all the cloud infrastructure and have visibility into it."
"The product's visibility and remediation work fine for me."
"The tool alerts us on depreciating performance or deficiencies of our web application. It helps us react on time."
"We had a glitch in PingSafe where it fed us false positives in the past."
"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."
"It does not bring much threat intel from the outside world. All it does is scan. If it can also correlate things, it will be better."
"I used to work on AWS. At times, I would generate a normal bug in my system, and then I would check PingSafe. The alert used to come after about three and a half hours. It used to take that long to generate the alert about the vulnerability in my system. If a hacker attacks a system and PingSafe takes three to four hours to generate an alert, it will not be beneficial for the company. It would be helpful if we get the alert in five to ten minutes."
"There's room for improvement in the graphic explorer."
"Scanning capabilities should be added for the dark web."
"The main area for improvement I want to see is for the platform to become less resource-intensive. Right now, it can slow down processes on the machine, and it would be a massive improvement if it were more lightweight than it currently is."
"We'd like to have better notifications. We'd like them to happen faster."
"There are a couple of the difficulties we encounter in the realm of cybersecurity, or security as a whole, that relate to potentially limited clarity. Having the capacity to perceive the configuration aspect and having the ability to contribute to it holds substantial advantages, in my view. It ranks high, primarily due to its role in guaranteeing compliance and the potential to uncover vulnerabilities, which could infiltrate the system and introduce potential risks. I had been exploring a specific feature that captured my interest. However, just yesterday, I participated in a product update session that announced the imminent arrival of this feature. The feature involves real-time alerting. This was something I had been anticipating, and it seems that this capability is now being integrated, possibly as part of threat intelligence. While anomaly events consistently and promptly appear in the console, certain alerts tend to experience delays before being displayed. Yet, with the recent product update, this issue is expected to be resolved. Currently, a comprehensive view of all policies is available within the console. However, I want a more tailored display of my compliance posture, focusing specifically on policies relevant to me. For instance, if I'm not subject to HIPAA regulations, I'd prefer not to see the HIPAA compliance details. It's worth noting that even with this request, there exists a filtering mechanism to control the type of compliance information visible. This flexibility provides a workaround to my preference, which is why it's challenging for me to definitively state my exact request."
"I would like to see a remote access assistance feature. And the threat-hunting platform could be better."
"Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them."
"Visibility is lacking, and both compliance-related metrics and IAM security control could be improved."
"The biggest thing I would like to see improved is for them to pursue and obtain a FedRAMP moderate authorization... I don't believe they have any immediate plans to get FedRAMP moderate authorized, which is a bit of a challenge for us because we can only use Lacework in our commercial environment."
"The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems."
"Lacework lacks remediation features, but I believe they're working on that. They're focused on the reporting aspect, but other features need to improve. They're also adding some compliance features, so it's not worth saying they need to get better at it."
"A feature that I have requested from them is the ability to sort alerts and policies based on a security framework. Right now, when you go into alerts, you have hundreds and hundreds of them that you have to manually pick. It would be useful to have categories for CIS Benchmark or SOC 2 and be able to display all the alerts and policies for one security framework."
"The product must provide more features."
"I do think there might be room for more integrations. This could allow for further customization and flexibility, essentially offering different functionality options to accommodate various budgets."
"Ermetic needs to improve its security scanning. I would like to see more dynamic graphical forms."
"I didn't find anything that wasn't useful or needed to be added."
"There is a need for the support team to improve their response time since it is one of the areas where the product's technical team has certain shortcomings."
"If Tenable Cloud Security offers a complete Cnapp solution with CWP, CIEM, and Waap security, it will be able to compete with other competitors."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Lacework is ranked 9th in Cloud-Native Application Protection Platforms (CNAPP) with 9 reviews while Tenable Cloud Security is ranked 15th in Cloud-Native Application Protection Platforms (CNAPP) with 6 reviews. Lacework is rated 8.8, while Tenable Cloud Security is rated 8.6. The top reviewer of Lacework writes "Makes us aware of vulnerabilities and provides a lot of data but it's not easily understood at first look". On the other hand, the top reviewer of Tenable Cloud Security writes "Provides excellent features and helps identify and mitigate risks". Lacework is most compared with Wiz, AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Snyk and Cloudflare, whereas Tenable Cloud Security is most compared with Wiz, Orca Security, Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud and CrowdStrike Falcon Cloud Security. See our Lacework vs. Tenable Cloud Security report.
See our list of best Cloud-Native Application Protection Platforms (CNAPP) vendors, best Cloud Workload Protection Platforms (CWPP) vendors, and best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud-Native Application Protection Platforms (CNAPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.