Title

AWS re:Invent 2022 - [NEW LAUNCH!] Introducing Amazon Security Lake (SEC216)

Summary

  • Rod Wallace, General Manager of Security Lake, and Jonathan Garzen, Product Manager for Security Lake, presented the challenges faced by CISOs and security teams in enterprise-wide security data analysis.
  • They identified four main challenges: the growing volume of security data, inconsistency and lack of completeness in data, ownership of security data, and the complexity of building and maintaining a custom solution.
  • AWS and Splunk, along with other companies, formed the Open Cybersecurity Schema Framework (OCSF) to normalize security data.
  • Amazon Security Lake was introduced as a service that centralizes, normalizes, and optimizes security data storage and provides long-term storage solutions.
  • The service is built on AWS services like S3, Lake Formation, EventBridge, and Lambda, and runs in the customer's account.
  • Security Lake integrates with AWS Organizations for cross-account management and supports data collection from AWS services, on-premises, SaaS, and other cloud providers.
  • The service offers easy data sharing with analytic solutions and has 37 partner companies integrated at the time of the preview.
  • Pricing is based on a fee per gigabyte of data ingested from AWS services, with no charge for third-party data brought into the lake.
  • A 15-day free trial is available after general availability to help customers estimate costs.

Insights

  • The introduction of Amazon Security Lake addresses a significant pain point for organizations dealing with massive volumes of security data and the complexity of managing it.
  • The Open Cybersecurity Schema Framework (OCSF) initiative shows a collaborative effort in the industry to standardize security data formats, which could lead to more efficient security operations.
  • Amazon Security Lake's integration with existing AWS services and infrastructure suggests a seamless experience for current AWS customers, potentially increasing its adoption.
  • The service's pricing model and free trial period indicate AWS's strategy to encourage widespread use and alleviate concerns about the cost of data ingestion and storage.
  • The emphasis on data ownership and the ability to use multiple analytic tools with Security Lake reflects AWS's understanding of customers' desire for flexibility and control over their security data.