Amazon Security Lake flows in

Amazon Web Services (AWS) this week announced Amazon Security Lake, a service that automatically centralizes an organization’s security data from cloud and on-premises sources into a purpose-built data lake within a customer’s AWS account. makes This will allow customers to act on security data faster, AWS CEO Adam Selpsky said during his keynote address at the AWS re:Invent conference in Las Vegas on Tuesday.

Amazon Security Lake manages its data lifecycle with customizable data retention settings, transforms incoming security data into an efficient Apache Parquet format, and conforms to the Open Cybersecurity Schema Framework (OCSF) open standard. does. This will make it easy to automatically normalize security data from AWS and combine it with dozens of pre-integrated third-party enterprise security data sources.

Security analysts and engineers can use Amazon Security Lake to collect, manage, and optimize large amounts of disparate log and event data for faster threat identification, investigation, and incident response. can be made possible. This will allow them to quickly resolve potential issues while continuing to use their preferred analytics tools.

Early users of the service include Salesforce and Tinder.

Tinder is the world’s most popular app for meeting new people, available in 190 countries and over 40 languages. It has been downloaded more than 530-million times and led to more than 75-billion matches.

“Because our users entrust Tinder with their information, the security of our application and the privacy of our users’ data are our top priorities,” said Jonathan Walker, Tinder’s DevSecOps Manager. “Ensuring that we maintain a robust, transparent, and accountable security program is at the heart of our commitment to our customers. Amazon Security Lake enables querying security events across geographies, sources, and event scales. has significantly reduced time and money in our efforts. It has allowed our team to shift their focus from data engineering to analyzing security incidents within the cloud.”

Also Read :  I asked Amazon to show me weird tech gadgets. I still haven't recovered

Customers want greater visibility into security activities across their organizations to proactively identify potential threats and vulnerabilities, assess security alerts, respond accordingly, and prevent future security incidents. I got help. To do this, most organizations rely on log and event data from many different sources (such as applications, firewalls, and identity systems) running in the cloud and on premises, each in a unique and often incompatible data format. uses

To uncover security-related insights, such as detecting unauthorized external data transfers of sensitive information or identifying the installation of malware on employee devices, organizations must first collect all that data in a consistent format and It should be normalized. After data is consistently formatted, users can analyze it and understand the current level of risk, and then correlate and monitor risks for better visibility.

Customers typically use different security solutions to address specific use cases, such as incident response and security analytics, which often means replicating and manipulating the same data multiple times. process because each solution has its own data stores and formats. This is time-consuming and expensive, slowing security teams’ ability to detect and respond to problems.

As customers add new users, tools and data sources, security teams must also spend time managing a complex set of data access rules and security policies to ensure how data is used and protected. So that people can get the information they want. Some security teams create a central repository for all their security data in a data lake, but these systems require specialized expertise and can take months to build due to the large volume of log data from various sources, which PETA Can run at the byte scale.

Also Read :  Musée de la Photographie : Lisette Model

Amazon Security Lake is a purpose-built security data lake that can be created in a few clicks and enables users to collect, normalize, and store data to identify security events using their preferred tools. Be able to respond quickly. After setup and connection to selected data sources, Amazon Security Lake automatically creates a security data lake in the customer’s selected region, helping customers meet regional data compliance requirements.

After customers choose their data sources, Amazon Security Lake automatically collects and normalizes data from AWS, combines it with third-party sources that support OCSF’s open standards, and delivers it to a Optimizes in a format that is easy to store and query. Amazon Security Lake automates the end-to-end process from data lake creation and data collection to normalization and integration.

The new service creates security data lakes using Amazon Simple Storage Service (Amazon S3) and AWS Lake Formation to automatically configure security data lake infrastructure in a customer’s AWS account, providing full control and ownership of security data. Is. Once ingested and normalized, users can use their preferred security and analytics tools to make it faster and easier, including Amazon Athena, Amazon OpenSearch, and Amazon SageMaker, as well as popular third-party tools. solution (eg, IBM, Splunk, or Sumo Logic). To get broader and deeper analytics from AWS and more than 50 third-party (such as Cisco, CrowdStrike, and Palo Alto Networks) and customer data sources.

Jon Ramsey, vice president of security services at AWS, said: “Customers need to be able to quickly detect and respond to security threats so they can take swift action to secure data and networks, but analysis The data they need is often spread across multiple sources and stored in different formats. Customers tell us they want to process this data quickly to improve their security posture. can be created, but the process of collecting, normalizing, storing and managing this data is complex and time-consuming.

Also Read :  Meta showcases six best of X-reality in Africa

“Amazon Security Lake lets customers of all sizes securely configure a security data lake with just a few clicks to collect log and event data from dozens of sources, customizing it to meet OCSF standards. builds, and makes it more widely available so customers can take action faster using the security tools of their choice. With Amazon Security Lake, customers are supported by the largest ecosystem of security partners and solutions. provides superior visibility and control.”

Salesforce, the global CRM leader, empowers companies of all sizes and industries to digitally transform and create a 360° view of their customers. Vikram Rao, Chief Trust Officer, Salesforce, said: “Salesforce builds security into everything we do. As we scale to support the growth of our global customer base, our detection and response teams will be able to catch malicious activity. and analyzes petabytes of security logs to protect customer data.

“Amazon Security Leak Streamlining works by integrating security logs and events from AWS and other cloud providers – reducing time spent on log onboarding and coverage so our engineers can proactively prevent and respond to incidents.” can focus on.”

* For more information about Amazon Security Lake, visit aws.amazon.com/security-lake.

Source

Leave a Reply

Your email address will not be published.