Here are the key features of Amazon Security Lake: Amazon Security Lake automates the central management of security data, normalizing data from integrated AWS services and third-party services, managing the lifecycle of data with customizable retention, and automating storage tiering.

Today we are announcing the preview release of Amazon Security Lake, a purpose-built service that automatically centralizes an organization’s security data from cloud and on-premises sources into a purpose-built data lake stored in your account.

But some customers’ security teams still struggle to define and implement security domain–specific aspects, such as data normalization, which requires them to analyze each log source’s structure and fields, define schemas and mappings, and pull in data enrichment such as threat intelligence. Amazon Simple Storage Service (Amazon S3) and AWS Lake Formation simplify the creation and management of a data lake on AWS. Some of these data sources include logs from on-premises infrastructure, firewalls, and endpoint security solutions, and when utilizing the cloud, services such as Amazon Route 53, AWS CloudTrail, and Amazon Virtual Private Cloud (Amazon VPC).

“IBM Security is a long-standing supporter of open-source and open standards, and believes that common data formats like the OCSF will help improve interoperability among many different cybersecurity products,” Muppidi added.

To identify potential security threats and vulnerabilities, customers should enable logging across their various resources and centralize these logs for easy access and use within analytics tools.

“Cybersecurity is one of the most pressing challenges of the 21st century, and no single organisation, agency or vendor can solve it alone,” Sridhar Muppidi, chief technology officer at IBM Security said.
Ryland added: “Customers tell us that their security teams are spending too much time and energy normalising data across different tools rather than being able to focus on analyzing and responding to risks.”

“Having a holistic view of security-related data across tools is essential for customers to effectively detect, investigate and mitigate security issues,” Mark Ryland, director at the Office of the CISO at AWS said.

“This is a problem that the industry needed to come together to solve,” Coughlin said.

“Security leaders are wrestling with integration gaps across an expanding set of application, service and infrastructure providers, and they need clean, normalised and prioritised data to detect and respond to threats at scale,” Patrick Coughlin, group vice president of security marketing at Splunk said.

“The OCSF is an open-source effort aimed at delivering a simplified and vendor-agnostic taxonomy to help all security teams realise better, faster data ingestion and analysis without the time-consuming, up-front normalisation tasks,” they said.

Experts from participating companies said there was a pressing need to start sharing key data in order to improve cybersecurity for all.

“Detecting and stopping today’s cyberattacks requires coordination across cybersecurity tools, but unfortunately normalising data from multiple sources requires significant time and resources,” the group stated.

The initiative is described as a continuation of Paul Agbabian’s Integrated Cyber Defense (ICD) Schema work done at Symantec, a division of Broadcom.

Agbabian now holds a senior management position at Splunk.

The goal behind OCSF is to better share product-normalising data in order to improve cybersecurity in general.

All members of the cybersecurity community are invited to utilise and contribute to the OCSF.