AWS Security Blog
Category: Amazon Security Lake
Accelerate incident response with Amazon Security Lake
This blog post is the first of a two-part series that will demonstrate the value of Amazon Security Lake and how you can use it and other resources to accelerate your incident response (IR) capabilities. Security Lake is a purpose-built data lake that centrally stores your security logs in a common, industry-standard format. In part […]
Investigating lateral movements with Amazon Detective investigation and Security Lake integration
According to the MITRE ATT&CK framework, lateral movement consists of techniques that threat actors use to enter and control remote systems on a network. In Amazon Web Services (AWS) environments, threat actors equipped with illegitimately obtained credentials could potentially use APIs to interact with infrastructures and services directly, and they might even be able to use […]
How Amazon Security Lake is helping customers simplify security data management for proactive threat analysis
Centralize visibility across hybrid environments for streamlined incident response, optimized log retention, and proactive threat detection. Use AI-driven enhancements for automated investigations.
How to develop an Amazon Security Lake POC
You can use Amazon Security Lake to simplify log data collection and retention for Amazon Web Services (AWS) and non-AWS data sources. To make sure that you get the most out of your implementation requires proper planning. In this post, we will show you how to plan and implement a proof of concept (POC) for […]
Generate AI powered insights for Amazon Security Lake using Amazon SageMaker Studio and Amazon Bedrock
In part 1, we discussed how to use Amazon SageMaker Studio to analyze time-series data in Amazon Security Lake to identify critical areas and prioritize efforts to help increase your security posture. Security Lake provides additional visibility into your environment by consolidating and normalizing security data from both AWS and non-AWS sources. Security teams can […]
How to share security telemetry per OU using Amazon Security Lake and AWS Lake Formation
Part 3 of a 3-part series Part 1 – Aggregating, searching, and visualizing log data from distributed sources with Amazon Athena and Amazon QuickSight Part 2 – How to visualize Amazon Security Lake findings with Amazon QuickSight This is the final part of a three-part series on visualizing security data using Amazon Security Lake and […]
Get custom data into Amazon Security Lake through ingesting Azure activity logs
Amazon Security Lake automatically centralizes security data from both cloud and on-premises sources into a purpose-built data lake stored on a particular AWS delegated administrator account for Amazon Security Lake. In this blog post, I will show you how to configure your Amazon Security Lake solution with cloud activity data from Microsoft Azure Monitor activity […]
Amazon Security Lake is now generally available
Today we are thrilled to announce the general availability of Amazon Security Lake, first announced in a preview release at 2022 re:Invent. Security Lake centralizes security data from Amazon Web Services (AWS) environments, software as a service (SaaS) providers, on-premises, and cloud sources into a purpose-built data lake that is stored in your AWS account. […]