Uptycs has integrated with Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes security data from across AWS environments, SaaS providers, on-premises, and cloud sources into a purpose-built data lake.
Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings and converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF) open standard, making it easier to automatically collect, combine, and analyze security data from AWS, security partners, and analytics providers.
The integration with Uptycs helps organizations speed up threat detection and incident response by correlating Uptycs telemetry and events with data from a vast number of other security tools.
With the proliferation of technologies and environments, security teams need to spend time setting up one-to-one integrations between their tools to correlate threat activity. This is expensive and delays response to security threats.
In contrast, a shift up approach to cybersecurity does not need complex integrations and intermediary systems to connect the dots. The premise involves getting the data in a standardized format right out of the gate, and streaming it up into a data lake so security teams can do cross-correlations that speed up threat detection and response.
The OCSF project offers a consistent approach towards cybersecurity telemetry by providing a standard schema for common security events, defining versioning criteria to facilitate schema evolution, and including a self-governance process for security log producers and consumers. This enables organizations to easily bring together data from multiple security tools.
“We are excited to bring the security telemetry from Uptycs into Amazon Security Lake,” says Ganesh Pai, CEO of Uptycs.
“A key tenet of the shift up approach to cybersecurity is to stream normalized security telemetry into a data lake, moving security analytics processing power to the cloud. Uptycs and AWS customers can now enjoy enhanced protection and faster reaction time as they benefit from standardized OCSF-based telemetry across their on-prem and cloud workloads,” Pai added.
Using the OCSF format, Uptycs and Amazon Security Lake allow organizations to have a consistent telemetry, enabling them to easily correlate data from a variety of security, SIEM, and SOAR tools.
Uptycs, an AWS Security Competency Partner, will send a wealth of OCSF-formatted data from on-premises and cloud assets to Amazon Security Lake, including behavioral threat detections from endpoints and cloud workloads, anomaly detections, policy violations, risky policies, misconfigurations, and vulnerabilities.