AWS launches a data lake to help you spot your next big security threat

Amazon Web Services (AWS) has introduced a new security-focused data lake service aimed at helping users get the most out of their security information.

The new Amazon Security Lake service seeks to centralize all of an organization's security data from several different sources, whether in the cloud or on-premises, in one place, to accurately scan for security threats.

Announced at AWS re:Invent 2022, Amazon Security Lake is built on Amazon S3 and can be set up "with just a few clicks". It will enable security teams to automatically collect, combine, and analyze petabyte-scale security data.

Amazon Security Lake

"Security data is often scattered throughout your environment from applications, firewalls, and identity providers," AWS CEO Adam Selipsky said during his re:Invent keynote.

"To discover information like coordinated malicious activity in your business, you need to collect and aggregate all this data, make it available to all the analytics tools you use to support threat detection, investigation, and incident response, and then preserve the data. Pipelines are continually updated as events evolve. What this means is that what you really want is a tool that makes it easy to store, analyze, understand trends, and generate insights from security data."

The launch could be a big step forward for AWS's security prowess, as the new platform brings together several of its existing data management and analytics services.

Once the lake is created, users will be able to import data from sources such as GuardDuty, CloudTrail, and Lambda, and then run queries on it with Amazon Athena, OpenSearch, and SageMaker.

Security Lake is compliant with the AWS-led Open Cybersecurity Schema Framework (OCSF), which means it can bring together data from some of the world's largest technology companies, as well as integrate with up to 50 third-party partner analytics systems.

"Customers need to be able to quickly detect and respond to security risks so they can act quickly to protect data and networks, but the data they need for analysis is often distributed across multiple sources and stored in a variety of formats," said Jon Ramsey, Vice President of Security Services at AWS.

“Amazon Security Lake enables customers of all sizes to securely configure a security data lake with just a few clicks to aggregate log and event data from dozens of sources, normalize it to be OCSF compliant, and make it more usable so that customers can act quickly using the security tools of their choice.”

Amazon Security Lake is now available in preview in US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), and Europe (Dublin), with availability in other AWS Regions to come.