Amazon Web Services (AWS) has unveiled a new security-focused data lake service aimed at helping users get more out of their security information.
The new Amazon Security Lake service attempts to centralize all of an organization’s security data from a number of different sources, whether from the cloud or on-premises, in one place so that teams can drill down into security threats precisely.
Announced at AWS re:Invent 2022, Amazon Security Lake is built on Amazon S3, can be created “in just a few clicks,” and makes it easy for security teams to automatically collect, combine, and analyze petabyte-scale security data.
“Security data is usually scattered throughout your environment, from applications, firewalls and identity providers,” said AWS CEO Adam Selipsky during his re:Invent opening keynote.
“To uncover insights such as coordinated malicious activity across your business, you need to collect and aggregate all this data, make it accessible to all the analytics tools you use to support threat detection, investigation, and incident response — and then update the data retention pipelines and do so continuously as events develop. The bottom line is that what you really want is a tool that makes it easy to store, analyze, understand trends and generate insights from security data.”
The launch could represent a major step forward for AWS’s security capabilities, as the new platform brings together some of its existing data analytics and management services.
Once the lake is created, users can pull in data from the likes of GuardDuty, CloudTrail, and Lambda, and search it using Amazon Athena, OpenSearch, and SageMaker.
Security Lake is compliant with the AWS-led Open Cybersecurity Schema Framework (OCSF), which means it can bring together data from some of the world’s largest technology companies and integrate up to 50 analytics systems from third-party partners.
“Customers need to be able to quickly detect and respond to security threats so they can take rapid action to secure data and networks, but the data they need for analysis is often scattered across multiple sources and stored in different formats,” says Jon Ramsey, vice president of security services at AWS.
“With Amazon Security Lake, customers of all sizes can securely build a security data lake with just a few clicks to collect logs and event data from dozens of sources, normalize it to meet the OCSF standard, and make it more widely usable so that customers can take quick action with their favorite security tools.”
Amazon Security Lake is now in preview in US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), and Europe (Dublin), with availability in other AWS regions coming soon.