Accelerate security analytics across hybrid environments with AWS (SEC235-NEW)

Highlights of the Presentation

Key Challenges Customers Face with Security Analytics

  1. Collecting data from multiple sources and environments (AWS, other clouds, on-premises)
  2. Normalizing data with different formats into a common schema
  3. Building data pipelines (ETL) to extract, transform, and load data into analytics tools
  4. Balancing cost and visibility when ingesting data into analytics tools

Amazon Security Lake and Amazon OpenSearch Service Integration

  1. Data Collection: Security Lake simplifies centralization of data across AWS accounts and regions.
  2. Data Normalization: Security Lake normalizes data into the open OCSF schema.
  3. Zero ETL Integration: Directly query Security Lake data from Amazon OpenSearch Service without creating data pipelines.
  4. On-Demand Indexing: Selectively index data from Security Lake to optimize performance and cost.
  5. Pre-Built Queries and Dashboards: Accelerate security investigations with pre-built content.

Benefits of the Integration

  1. Reduced time spent on data management, enabling focus on security operations.
  2. Full visibility into security data without compromising cost-efficiency.
  3. Flexible options to query data in-place or selectively index for performance.
  4. Streamlined security analysis with pre-built queries and dashboards.

Demo Walkthrough

  1. Setup of the Security Lake - OpenSearch Service connection.
  2. Exploration of pre-built dashboards for VPC Flows, WAF Logs, and CloudTrail.
  3. Direct querying of Security Lake data in the OpenSearch Service UI.
  4. Utilization of pre-built query templates for security investigations.
  5. Creation of an on-demand index for faster queries on VPC flow data.

Additional Resources

  1. Blog post with more details on the integration.
  2. Security Lake and OpenSearch Service trials available.
  3. Upcoming re:Inforce security conference in June 2023.

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.

Talk to us