Lacework integrates with Amazon Security Lake to reduce complexity in your cloud

Abstract architectural photo shot from the ground. Features a lot of modern windows and steel.Data is a critical part of technology and business growth. It’s also the foundation of the Lacework® Polygraph® Data Platform, and it is a vital factor in how we keep you more secure in your Amazon Web Services (AWS) cloud. We harness information from your cloud and store it in a security data lake so we can give you greater visibility and actionable insights. Utilizing a data lake ensures greater control and management over your data—ultimately, the value you get out of your data increases with the more data you have access to. This is why it is so important to utilize information from as many different sources as possible. One problem technologies often face is the schema (structure for the events) for the various data sources, as each is typically different. These variations make ingesting information to your data lake difficult, because the data has to be normalized for the specific platform in order to understand it. This is why various data projects have been introduced, and specifically why Open Cybersecurity Schema Framework (OCSF) was established.

OCSF is an open source project that Amazon Web Services (AWS) co-founded. The initial goal of this project is to develop a vendor-agnostic core security schema for cybersecurity events, but it is important to note that it is not limited to cybersecurity. The goal of this project is simply to provide an open standard that complements existing security standards. Because the schema becomes consistent across sources, users can utilize their underlying data for investigations. This project is incredibly important as we think about the future of cybersecurity in the cloud. The cloud is only growing, and any way to make security easier, as you grow and scale, should always be the overall goal.

Amazon Security Lake, launched at AWS re:Invent 2022, enables you to build a security data lake from integrated cloud and on-premises data sources, as well as from your private applications. Amazon Security Lake helps aggregate, manage, and derive value from log and event data in the cloud and on-premises to give security teams greater visibility across your organization using the OCSF schema. There are four personas identified in the OCSF – the author, producer, mapper, and analyst. In this announcement, we are covering our integration as a producer. According to the “producer” definition, we generate events natively into the OCSF schema. Lacework, an AWS Software Partner, integrates with Amazon Security Lake as a data source and provides our security findings about software vulnerabilities, misconfigurations, and known and unknown threats across your AWS environment. Lacework is focused on helping you not only simplify security in your AWS cloud, but helping you scale. Security is as much a journey as the cloud is. Lacework is committed to joining you on your AWS cloud journey and to help you easily address misconfigurations, to protect your data, applications, and workloads.

Our integration with Amazon Security Lake is a vital piece to our integrations with AWS. Focused on customer obsession, both companies are driven to make security in the cloud easier for you, so that you can focus on what your organization needs to grow, scale, and innovate. Lacework is dedicated to securing you end-to-end, as you build in your AWS cloud. Our integrations are growing, including AWS Control Tower, AWS Fargate, and AWS Security Hub. For future updates, check us out at Lacework.com/AWS or in the AWS Marketplace.