Cybersecurity vendors Trellix and Netskope have announced new support for Amazon Security Lake from AWS, which became generally available on May 30. Trellix customers can now integrate their security data lake into the Trellix XDR security operations platform to enhance detection and response capabilities for their AWS environments. Meanwhile, Netskope customers can export logs from the Netskope Intelligent Security Service Edge (SSE) platform to Amazon Security Lake to improve visibility and threat remediation.
AWS launched Amazon Security Lake in November last year at the AWS re:Invent 2022 conference. The service automatically centralises security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account. It uses the Open Cybersecurity Schema Framework (OCSF) standard to normalise security data from AWS and combine it with dozens of pre-integrated third-party security data sources.
Trellix expands XDR support for AWS Amazon Security Lake
Through newly combined capabilities, Trellix customers can share security events across Trellix XDR and their Amazon Security Lake, getting complete detection and response capabilities for their AWS environments, the vendor said in a press release. This integration benefits customers in two unique ways: lower operational overhead and better control of data with the ability to run analytics off security data, according to a Trellix blog post. “By leveraging Amazon Security Lake, customers simplify their operations for ingesting and processing data by having a single data lake that can be used for all their security data.”
Customers no longer need to set up multiple paths/destinations which removes a step to allow them to see and respond to their data faster, Trellix said. They also no longer need to maintain custom integrations and simplify their delivery of data to Trellix Helix and can consolidate their Trellix security findings back into Amazon Security Lake. “This allows Trellix to focus on finding and responding to threats while customers maintain better control of their security data, and it abides by their privacy policies.”
Furthermore, joining OCSF supports collaboration with other industry organisations, further benefiting customers and the broader cybersecurity community, Trellix said.
Netskope integrates SSE platform with Amazon Security Lake
Integration of Netskope’s SSE platform with Amazon Security Lake allows customers to detect and investigate threats faster by providing enhanced visibility, stronger security posture, and centralised threat remediation, Netskope said in a press release.
Organisations can export logs, events, and alerts collected by Netskope Cloud Exchange to Amazon Security Lake to get a holistic view of threats and vulnerabilities in their overall environment, the vendor added. Organisations can also use Netskope logs and Amazon Security Lake analysis tools to discover and remediate threats and vulnerabilities across their environment to strengthen their security posture, along with using both services respond to alerts and remediate threats from the centralised Amazon Security Lake console, Netskope said.