Amazon has officially announced, via AWS, Amazon Security Lake, a new purpose-built data lake for security-related data that can aggregate data from cloud and on-premises infrastructure, firewalls and endpoint security solutions.
Amazon Security Lake aims to help enterprises centralize all of their security data in a single data lake, using a standards-based format, and manage the lifecycle of this data. It will aggregate data from AWS’s own services.
Data from services such as CloudTrail or Lambda, as well as from AWS’s own security tools like AWS Security Hub, GuardDuty or the AWS Firewall Manager, can be aggregated via the security lake, which will also be able to ingest data from the likes of Cisco, CrowdStrike and Palo Alto Networks.
“Security data is usually scattered across your environment from applications, firewalls and identity providers,” AWS CEO Adam Selipsky said, according to TechCrunch. “To uncover insights like coordinated malicious activity into your business, you have to collect and aggregate all of this data, make it accessible to all of the analytics tools that you use to support threat detection, investigation and incident response — and then keep the data pipelines updated and continuously do that as events evolve. What this adds up to is that what you really want is a tool that makes it easy to store, to analyze, to understand trends and to generate insights from security data.”