The Amazon Security Lake service will help security analysts and engineers aggregate, manage, and streamline huge volumes of disparate log and event data

640px-AWS_-_Amazon_Web_Services_Office_in_Houston,_Texas_(46600198075)

AWS launches Amazon Security Lake, a new platform to automatically centralise an organisation’s security data. (Credit: Tony Webster from Minneapolis, Minnesota, United States/Wikimedia Commons)

Amazon Web Services (AWS) has launched Amazon Security Lake, a new service that centralises an organisation’s security data automatically from cloud and on-premises sources into a data lake to help customers take quicker action on security data.

Introduced at AWS re:Invent, the new purpose-built data lake manages security data right through its lifecycle with customisable data retention settings and converts all incoming data to the Apache Parquet format.

The new service then conforms to the Open Cybersecurity Schema Framework (OCSF) open standard, thereby allowing the normalisation of security data from AWS and combining it with several pre-integrated third-party enterprise security data sources.

The Amazon Security Lake will help security analysts and engineers aggregate, manage, and streamline huge volumes of disparate log and event data.

It will allow rapid threat detection, investigation, and incident response to address potential issues faster, while using the preferred analytics tools.

Once connected to selected data sources, the new service from AWS will automatically develop a security data lake in a region selected by customer to help meet regional data compliance needs.

Amazon Security Lake utilises Amazon Simple Storage Service and AWS Lake Formation to automatically create security data lake infrastructure in a customer’s AWS account.

The new data lake is available in preview in the US East (N. Virginia), US West (Oregon), US East (Ohio), Asia Pacific (Tokyo), Asia Pacific (Sydney), Europe (Frankfurt), and Europe (Ireland) regions of AWS. It is expected to be available in additional AWS regions soon, stated AWS.

AWS security services vice president Jon Ramsey said: “Customers must be able to quickly detect and respond to security risks so they can take swift action to secure data and networks, but the data they need for analysis is often spread across multiple sources and stored in a variety of formats.

“Customers tell us they want to take action on this data faster to improve their security posture, but the process of collecting, normalising, storing, and managing this data is complex and time consuming.

“Amazon Security Lake lets customers of all sizes securely set up a security data lake with just a few clicks to aggregate logs and event data from dozens of sources, normalise it to conform with the OCSF standard, and make it more broadly usable so customers can take action quickly using their security tools of choice.”