Amazon recently announced the general availability of Security Lake, which automatically centralizes an organization’s security data from across their AWS environments, leading SaaS providers, on-premises environments, and cloud sources into a data lake.
The tool adapts and standardizes incoming security data to align with the Open Cybersecurity Schema Framework (OCSF), which is a universally accepted standard. This enables security teams to effortlessly gather, merge, and scrutinize security data from a diverse range of more than 80 sources, including AWS, security allies, and analytics service providers.
As part of the suite of AWS Cloud security services, Amazon Security Lake leverages AWS’ infrastructure to offer a highly flexible and secure cloud platform. Amazon Security Lake also consolidates and refines extensive amounts of varied log and event data, thus facilitating quicker detection, examination, and reaction to potential threats. This allows organizations to swiftly address potential problems using their chosen analytics tools.
“Security has been our top priority since the very beginning when we were designing to meet the needs of the most security-sensitive organizations,” said Jon Ramsey, vice president of security services at AWS. “We also know that customers need trusted partners to extend the benefits of the cloud and make sure their organizations are secure end-to-end. With more than 80 sources providing data to Amazon Security Lake, security teams can achieve greater visibility into potential security threats and how to respond to them, further protecting the workloads, applications, and data that are critical to driving the business forward.”
The service builds the security data lake using Amazon Simple Storage Service (Amazon S3) and AWS Lake Formation to automatically set up security data lake infrastructure in a customer’s AWS account, providing full control and ownership over security data.
Additional details are available here.