We performed a comparison between Bridgecrew and Lacework based on real PeerSpot user reviews.
Find out in this report how the two Cloud Workload Protection Platforms (CWPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's positively affected the communication between cloud security, application developers, and AppSec teams."
"It is fairly simple. Anybody can use it."
"They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away."
"PingSafe offers three key features: vulnerability management notifications, cloud configuration assistance, and security scanning."
"The most valuable features of PingSafe are cloud misconfiguration, Kubernetes, and IaC scanning."
"It is advantageous in terms of time-saving and cost reduction."
"Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."
"PingSafe offers security solutions for both Kubernetes and CI/CD pipelines."
"New users don't have too many problems with the product. They have a lot of training documentation around it."
"In cases where they have automatic remediations, you can click a button and it'll just fix the configuration for you."
"The most valuable feature, from a compliance perspective, is the ability to use Lacework as a platform for multiple compliance standards. We have to meet multiple standards like PCI, SOC 2, CIS, and whatever else is out there. The ability to have reports generated, per security standard, is one of the best features for me."
"The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself."
"The most valuable aspects are identifying vulnerabilities—things that are out there that we aren't aware of—as well as finding what path of access attackers could use, and being able to see open SSL or S3 buckets and the like."
"The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine."
"There are many valuable features that I use in my daily work. The first are alerts and the event dossier that it generates, based on the severity. That is very insightful and helps me to have a security cap in our infrastructure. The second thing I like is the agent-based vulnerability management, which is the most accurate information."
"Lacework is helping a lot in reducing the noise of the alerts. Usually, whenever you have a tool in place, you have a lot of noise in terms of alerts, but the time for an engineer to look into those alerts is limited. Lacework is helping us to consolidate the information that we are getting from the agents and other sources. We are able to focus only on the things that matter, which is the most valuable thing for us. It saves time, and for investigations, we have the right context to take action."
"The best feature, in my opinion, is the ease of use."
"Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offers, along with the ability to identify and address misconfigurations, is invaluable. When such issues arise, we promptly acknowledge and take action, effectively collaborating with our teams and the responsible parties for those assets. This enables us to promptly manage problems as soon as they arise."
"One of our use cases was setting up a firewall for our endpoints, specifically for our remote users... We were hoping to utilize SentinelOne's firewall capabilities, but there were limitations on how many URLs we could implement. Because of those limitations on the number of URLs, we weren't able to utilize that feature in the way we had hoped to."
"Scanning capabilities should be added for the dark web."
"PingSafe takes four to five hours to detect and highlight an issue, and that time should be reduced."
"There's room for improvement in the graphic explorer."
"Implementing single sign-on requires a pre-class account feature, which is currently not available."
"We can customize security policies but lack auditing capabilities."
"Crafting customized policies can be tricky."
"The could improve their mean time to detect."
"The biggest issue that I see companies run into is that they immediately think that, "Oh, this solution will be right, simply due to the name." But that's the same issue Splunk runs into. People will immediately jump to Splunk being the best SIEM tool, just because they're the largest. When in reality, QRadar, LogRhythm, and all these other ones are performing similar functions and would actually fit better in some people's environments. Therefore, it's important a company does its homework and does not assume one size fits all."
"We'd like to see better monitoring and the ability to deny certain resources from being scanned."
"The biggest thing I would like to see improved is for them to pursue and obtain a FedRAMP moderate authorization... I don't believe they have any immediate plans to get FedRAMP moderate authorized, which is a bit of a challenge for us because we can only use Lacework in our commercial environment."
"Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them."
"Visibility is lacking, and both compliance-related metrics and IAM security control could be improved."
"The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems."
"Lacework has not reduced the number of alerts we get. We've actually had to add resources as a result of using it because the application requires a lot of people to understand it to get the value out of it properly."
"I would like to see a remote access assistance feature. And the threat-hunting platform could be better."
"Lacework lacks remediation features, but I believe they're working on that. They're focused on the reporting aspect, but other features need to improve. They're also adding some compliance features, so it's not worth saying they need to get better at it."
"A feature that I have requested from them is the ability to sort alerts and policies based on a security framework. Right now, when you go into alerts, you have hundreds and hundreds of them that you have to manually pick. It would be useful to have categories for CIS Benchmark or SOC 2 and be able to display all the alerts and policies for one security framework."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Bridgecrew is ranked 21st in Cloud Workload Protection Platforms (CWPP) with 2 reviews while Lacework is ranked 10th in Cloud Workload Protection Platforms (CWPP) with 9 reviews. Bridgecrew is rated 8.0, while Lacework is rated 8.8. The top reviewer of Bridgecrew writes "Multi-cloud, good scanning, and offers extensive guides". On the other hand, the top reviewer of Lacework writes "Makes us aware of vulnerabilities and provides a lot of data but it's not easily understood at first look". Bridgecrew is most compared with Prisma Cloud by Palo Alto Networks, whereas Lacework is most compared with Wiz, AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Snyk and Microsoft Defender for Cloud. See our Bridgecrew vs. Lacework report.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.