The new security-focused data lake solution from Amazon Web Services (AWS), unveiled at re:Invent 2022, aims to give consumers more value from their security data.
The Amazon Security Lake service aims to consolidate an organization's security data from various on-premises and cloud-based sources into a single location to pinpoint security threats precisely.
With the help of Amazon Security Lake, based on Amazon S3, security teams will find it simple to automatically gather, aggregate, and analyze security data at petabyte size.
In his keynote address, AWS CEO Adam Selipsky stated that security data is spread across various applications, firewalls, and identity providers.
By combining a variety of AWS's existing data analytics and management services, the new platform may significantly enhance AWS's security capabilities.
The platform integrates with CloudTrail, Lambda, and GuardDuty to allow customers to import their data. The data can be analyzed further with tools such as Amazon Athena or SageMaker.
Security Lake is fully compliant with the Open Cybersecurity Schema Framework (OCSF), meaning it can combine data from the world's top technology companies and connect with up to 50 partner analytics systems.
Jon Ramsey, vice president of Security Services at AWS, emphasized the importance of customers being able to detect security risks to quickly and effectively protect data and networks. However, their data is often scattered and stored in various formats, making it difficult to analyze.
With Amazon Security Lake, customers can create a security data lake. Then, in just a few clicks, gather data from various sources and normalize it to OCSF standards, enabling customers to quickly take action with their preferred security tool.
Amazon Security Lake is in the preview phase in the AWS Regions of North Virginia, Ohio, Oregon, Sydney, Tokyo, Frankfurt, and Dublin. More AWS regions will be added soon.