Abstract Security + Amazon Security Lake + OCSF = Upgraded Security Data Management!

Aqsa Taylor
Product
December 5, 2024

Thinking of integrating your data sources with AWS’s Amazon Security Lake offering? We’ve got you covered! We are excited to announce the newest addition to Abstract Security’s ever-growing integration list: Amazon Security Lake!

Quick recap on Amazon Security Lake

Amazon Security Lake from AWS is purpose-built to let you centrally query your data with Amazon Athena and OpenSearch and build machine learning algorithms on your data via Amazon SageMaker. With growing compliance and data regulatory needs, it’s essential to unify security data operations in a central platform for visibility and reporting, and that’s essentially what Amazon Security Lake aims to deliver.

Image source: AWS docs (https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html)  

Another Vendor Lock-In on Data?

Not at all! What’s cool about this offering is that it supports bringing custom data sources from outside AWS into Amazon Security Lake via the Open Cybersecurity Schema Framework (OCSF) standard. OCSF is an open and collaborative project that creates a standardized, vendor-agnostic database structure to normalize security events. This creates a uniform format for events regardless of the source’s original format or syntax. The benefit of such normalization is that data can be routed from any source to any destination, and analytics can be shared between platforms.

So why do I need Abstract Security?

Amazon Security Lake provides the basic building blocks to bring in custom data sources outside of AWS services. Fully realizing the power of Amazon Security Lake requires you to build software that gathers the data coming from your external data sources and normalizes it into the OCSF format.

Abstract Security's pipeline platform normalizes data in real time from your data sources to the same OCSF schema, so you can route data from any source to Amazon Security Lake without needing to normalize or optimize it yourself. By integrating with Abstract, you can remove noise, ingest data from hybrid cloud environments, normalize in real time and enrich with live-streaming threat intelligence before storing it. This integration plays a key role for our joint customers in multiple ways:

  1. Easily onboard any data source
    Abstract has over 100 (and counting) prebuilt, easy-to-configure integrations with support for Syslog, HTTP, and API-based data sources, in addition to robust support for cloud data sources such as S3, Kinesis Firehose, GCP GCS and Pub/Sub, or Azure EventHubs. Easily onboard any data source, including hybrid cloud environments, SaaS solutions and even on-premises data sources, without worrying about normalizing or optimizing it after storage.

  2. Don’t pay storage costs for data that is unnecessary
    With large volumes of data coming in, the task of eliminating noise becomes cumbersome without full visibility. Abstract Security is built on data and threat expertise with out-of-the-box data processing rules. These eliminate unnecessary entries, redundant telemetry and other noise from incoming data in real time before routing to your storage.

  3. Easily migrate from existing storage data lake to Amazon Security Lake
    Abstract normalizes data in real time, so you can migrate your data from any other storage destination to Amazon Security Lake without worrying about the operational burden and switching costs.

  4. No coding experience required for data operations!
    Abstract not only simplifies data operations but also does so in a user-friendly way, with a drag-and-drop, no-code experience model. Empower your security team with time-saving tools without the overhead of custom engineering or yet another query language.

Wait, there’s more! Abstract Security also provides streaming analytics on incoming data from your data sources and matches it against millions of Indicators of Compromise (IOCs), amplifying threat insights before routing the data to Amazon Security Lake.

Get Abstract Security to see all this and more in action today!
