Tuesday, May 30, 2023

Amazon Security Lake consolidates data from cloud, on-prem and SaaS

Amazon Web Services launched a service that automatically centralizes an organization’s security data from across its AWS environments, leading SaaS providers, on-premises environments, and cloud sources into a purpose-built data lake.

Amazon Security Lake converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF) open standard, making it easier for security teams to automatically collect, combine, and analyze security data from more than 80 sources, including AWS, security partners, and analytics providers. 

The service uses Amazon Simple Storage Service (Amazon S3) and AWS Lake Formation to automatically set up the security data lake infrastructure in a customer’s AWS account, giving the customer full control and ownership over the security data.

The data lake collects security data from sources like Amazon VPC Flow Logs and AWS CloudTrail, third-party sources like Splunk, CrowdStrike, Datadog, and Cribl, and customers’ own sources of data.