Documentation Index

Fetch the complete documentation index at: https://help.nucleussec.com/llms.txt

Use this file to discover all available pages before exploring further.

Lacework

  • 1 minute(s) read
Prev Next

Overview

Nucleus enables you to ingest your Lacework vulnerability and configuration compliance data directly into your Nucleus console using an automated connector. The connector uses the APIs provided by Lacework to seamlessly sync data into your Nucleus project for use in analysis, triage, automation, and reporting.

At this point in time, the Lacework connector supports importing:

  • Vulnerabilities for all active and running Virtual Machines
  • Vulnerabilities for all container images that are active in a containerised environment
  • CSPM / Cloud misconfiguration findings on cloud resources
Lacework Cloud Resources (CSPM) Beta Program

The Lacework Cloud Resources connector is currently in beta and available on an opt-in basis. Please contact your account representative or the support team to enable it for your Nucleus organization.

Please be aware that during this beta program we will be progressively adding support for more cloud resource types across more cloud environments, and that this documentation may not always be up to date. Please contact your account representative or the support team for more information about what is currently supported and what is planned to be supported.


Connector Setup

Connector Setup Checklist

Follow the steps in this checklist to successfully set up this connector:

  1. API Access
    Create a service account API token and key in Lacework.

  2. Connector Configuration
    Create and configure the connector in your Nucleus project.

  3. Vulnerability Scan Data Ingestion
    Create one or more vulnerability scan ingest rules to ingest vulnerabilities and compliance findings from Lacework.

1. API Access

Follow the steps outlined in Lacework's Documentation to create an API key for your Lacework instance. Ensure that at a minimum the API user has access to the Read-Only user group, as well as read only access to the Access control permission.

2. Connector Configuration

  1. Open Nucleus and go to Integration Hub > Connector Setup.
  2. Under the Scanners section, click the Lacework icon.
  3. In the Setup Lacework Connector popup, enter the following information:
FieldDescription
Name(Optional) enter a name for your connector. If left blank, this will default to Lacework.
Description(Optional) Enter a description for your connector.
Instance URLEnter the URL to your Lacework instance.
API KeyEnter the username of the account you created in API Access.
API SecretEnter the password of the account you created in API Access.
  1. Click Verify Credentials.
  2. Click Save.

3. Vulnerability Scan Data Ingestion

  1. Go to Integration Hub > Import via Connector.
  2. Select the Lacework connector you just created.
  3. Select the method of import: All Hosts, All Container Images or All Cloud Resources.
  4. Select a schedule to import scans into the project.
  5. Click Save & Finish.