The service automatically centralizes security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account. Credit: Imaginima / Getty Images Amazon Web Services (AWS) has launched a new cybersecurity service, Amazon Security Lake, which automatically centralizes security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account, the company said in a statement. “Customers must be able to quickly detect and respond to security risks so they can take swift action to secure data and networks, but the data they need for analysis is often spread across multiple sources and stored in a variety of formats,” Jon Ramsey, vice president for Security Services at AWS said in a statement. “Amazon Security Lake lets customers of all sizes securely set up a security data lake with just a few clicks to aggregate logs and event data from dozens of sources, normalize it to conform with the Open Cybersecurity Schema Framework (OCSF) standard, and make it more broadly usable so customers can take action quickly using their security tools of choice.”Launched at the AWS re:Invent 2022, Amazon Security Lake is currently available in US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), and Europe (Ireland), and will be expanded to other regions soon. “Security analysts and engineers can use Amazon Security Lake to aggregate, manage, and optimize large volumes of disparate log and event data to enable faster threat detection, investigation, and incident response to effectively address potential issues quickly, while continuing to utilize their preferred analytics tools,” the company said. FINRA, Salesforce, and Tinder have already started using the service, according to AWS. Security Lake automatically builds data lakeAmazon Security Lake automatically builds a data lake for the enterprise and manages the complete lifecycle. It aggregates, normalizes and stores data, helping enterprises respond to security events faster with their preferred tools, the company said. The security data lake is created in just a few clicks in the customer-selected region, according to the release. The new service builds security data lakes using Amazon Simple Storage Service (S3) and AWS Lake formation. “After customers choose their data sources, Amazon Security Lake automatically aggregates and normalizes data from AWS, combines it with third-party sources that support OCSF (an open standard), and optimizes it into a format that is easy to store and query,” AWS said. The service enables enterprises to use Amazon’s security solutions such as Amazon Athena, Amazon OpenSearch, and Amazon SageMaker as well as third-party solution providers such as IBM, Splunk and Sumo Logic. It also supports over 50 different data sources including AWS, Cisco, CrowdStrike, and Palo Alto Networks. “As a result, Amazon Security Lake helps customers improve their overall security posture, provide greater visibility for security teams to identify and understand events, and reduce the time to resolve security issues,” the company said. Security Lake supports OCSF Amazon Security Lake conforms all the data to the OCSF and combines it with third-party sources that support OCSF and optimizes it into a format that is easy to store and query, AWS said. OCSF is a collaborative, open source effort by AWS and its partners in the cybersecurity industry that aims to provide a standard schema for the data generated by cybersecurity tooling. The public source code for OCSF is hosted on GitHub. A standardized schema can fasten the process of integrating data from different vendors into a single format. The Security Lake service converts the ingested data to OCSF format. Related content news Bug in EmbedAI can allow poisoned data to sneak into your LLMs The vulnerability can be used to deceive a user into inadvertently uploading and integrating incorrect data into the application’s language model. By Shweta Sharma May 31, 2024 3 mins Generative AI Vulnerabilities news OpenAI accuses Russia, China, Iran, and Israel of misusing its GenAI tools for covert Ops OpenAI’s generative AI tools were used to create and post propaganda content on various geo-political and socio-economic issues across social media platforms, the company said. By Gyana Swain May 31, 2024 4 mins Generative AI news Okta alerts customers against new credential-stuffing attacks Hackers are using credential-stuffing to attack endpoints that are used to support the cross-origin authentication feature. By Shweta Sharma May 31, 2024 4 mins Identity and Access Management Vulnerabilities feature 3 reasons users can’t stop making security mistakes — unless you address them Understanding what’s behind employee security mistakes can help CISOs make meaningful adjustments to their security awareness training strategies. By Ariella Brown May 31, 2024 5 mins Data Breach Risk Management PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe