AWS AppFabric aggregates security data across SaaS applications

AWS announced AWS AppFabric, a no-code service that enhances companies’ existing investment in software as a service (SaaS) applications with improved security, management, and productivity.

With just a few clicks in the AWS Management Console, information technology (IT) and security teams can use AppFabric to add new capabilities that make their existing SaaS applications and productivity suites work better together.

AppFabric aggregates and normalizes log data from apps like Asana, Slack, and Zoom, as well as productivity suites such as Microsoft 365 and Google Workspace, to increase application observability and reduce operational costs associated with building and maintaining point-to-point integrations.

AWS also unveiled a generative artificial intelligence (AI) feature that will be available in a future release of AppFabric. Powered by Amazon Bedrock, this feature will use large language models (LLMs) and content from multiple SaaS applications from the common API layer to automatically make suggestions, execute tasks, or generate insights across applications, and return results within the user’s preferred application.

To boost employee productivity in certain fields (e.g., communications, content management, customer relations, data analytics, finance, security, and more) companies license and manage a growing number of SaaS applications that can exceed 100 per organization.

While their goal is that these purpose-built applications make employees more productive, the applications rarely work well together, creating security and productivity challenges. Each app has distinct controls, logs and interfaces, making them challenging for IT and security teams to manage.

These teams must often build point-to-point integrations for every SaaS app they use—and each integration can take weeks or months to complete, with additional continued maintenance costs over time.

What’s more, each SaaS application has its own set of proprietary APIs and data formats, making data highly variable and therefore difficult to analyze for usage patterns. Even monolithic, one-size-fits-all platforms don’t normalize data from third-party apps into an open standard format. The high variability and lack of standardization of SaaS data increases security risks across an entire organization.

With this launch, AWS AppFabric helps customers connect and manage some of the most widely used SaaS applications and productivity suites all in one location—including Asana, Atlassian Jira suite, Dropbox, Google Workspace, Microsoft 365, Miro, Okta, Slack, Smartsheet, Webex by Cisco, Zendesk, and Zoom.

Within the AWS Management Console, customers select the list of applications their organization uses to connect them to AppFabric. Then, AppFabric automatically provides a standardized set of security and operational data for every connected app. IT and security teams do not need to build point-to-point integrations, manage those integrations, and analyze disparate security data.

AppFabric improves an organization’s security posture by connecting SaaS applications to security tools like Logz.io, Netskope, Netwitness, Rapid7, and Splunk. AppFabric aggregates and normalizes security data using the Open Cybersecurity Schema Framework (OCSF), an open community schema, making the data accessible by these tools. Utilizing this framework, IT and security professionals can analyze data more easily and set common policies, alerts, and a unified set of rules spanning multiple SaaS applications.

With AppFabric, customers avoid the heavy lifting of point-to-point app integration and management, so they can work more productively and securely.

“At AWS, our customers build and use powerful applications to support employee productivity, but we increasingly hear that integrating, managing, and securing apps is a major pain point for IT and security teams,” said Dilip Kumar, VP of Applications at AWS. “Building dozens of custom point-to-point integrations and monitoring data and usage without normalization isn’t practical in the long term. With AppFabric, customers now have a simple solution to deploy and scale the world’s most widely used applications in a way that helps organizations cut costs, increase productivity, and improve security.”

AWS AppFabric is generally available today in US East (N. Virginia), Europe (Ireland), and Asia Pacific (Tokyo), with availability in additional AWS Regions coming soon.

In addition to the functionality available now, AppFabric will soon include generative AI capabilities—powered by Amazon Bedrock—that will help customers complete a variety of tasks based on context from multiple applications. Today, users have to dig through several apps or copy-and-paste from different data sources to answer questions, compile reports, or create content.

All of this context switching and managing apps reduces employees’ productivity and inhibits collaboration. AppFabric generative AI will span SaaS applications to help users spend less time toggling between applications to source information or complete tasks like generating meeting notes, drafting update emails, or creating project updates.

With the new AI feature, users can get help completing specific tasks and deliver results in the format of their preferred app. For example, a user can prompt the AI assistant to create a to-do list that combines details from multiple sources like email threads, chat conversations, and word-processing documents.

Similarly, users can ask AppFabric to create talking points, a status report, or a project summary based on content from across a portfolio of apps. The AI assistant will use AppFabric’s integrations to work seamlessly across multiple applications so that users can save time and focus on their most important tasks.

“AWS builds infrastructure to power the world’s biggest websites and SaaS tools. Working together, we will offer our customers new ways to collaborate across teams and tools through rich, interconnected ecosystems,” said Alex Hood, CPO at Asana. “Through AppFabric, we’re exploring ways to integrate Asana Intelligence into a range of applications. By combining the best of AI and human innovation, together, we’ll unlock enormous opportunities for more efficient collaboration and more productive work. We’re eager to deliver these advanced capabilities to customers soon.”

“We really like the easy integration and improved security visibility that AppFabric brings to our organization,” said Dudi Levi, head of Cyber Data at Bank Leumi. “By leveraging AWS AppFabric to aggregate logs from widely used SaaS enterprise applications, and its support for the OCSF schema, we are able to reduce the time to deliver security logs to our advanced security operations center. What took us days will now only take hours. The logs will be streamed to the bank’s Amazon Redshift and Amazon Aurora analytics services and ready for immediate consumption across analytics, rules, and forensic workloads.”

“AWS AppFabric allows our technical teams to focus on building policies around signals we receive to enforce stronger security,” says Stephen Lee, VP, Technical Strategy & Partnerships at Okta. “By not having to worry about how the signals go from A to B, AppFabric is helping us streamline and accelerate the process. It will also allow Okta to integrate with a broader range of capabilities such as generative AI as AppFabric expands its reach.”

“Transforming SaaS application raw audit log data and then centralizing the data into a logs stash comes with its share of challenges. But it is a foundational requirement before we can start to create alerts and monitor usage across multiple apps,” said Boris Surets, CISO at Optibus. “We are especially conscious about creating basic visibility, for our global staff, into what happens across the company’s SaaS activities to reduce risk exposure. AppFabric has doubled our visibility into SaaS activity overnight, with minimal effort and cost.”

“AWS AppFabric capabilities help solve the key challenges IT and security leaders face when trying to administer and secure SaaS applications inside their organizations,” said Mike Horn, SVP and GM of Security at Splunk. “AppFabric automatically normalizes and enriches SaaS application security logs that are quickly ingested by Splunk so that our customers no longer have to manage multiple integration points.”

“We operate in a highly regulated environment,” said Nathan Arora, chief business officer at YuJa. “AppFabric has helped our team reduce our manual efforts by nearly 40% in terms of pipeline management. It’s also given us a stronger security posture for our internal application toolset, thanks to a normalization framework based on common threat vectors and enrichment of top audit logs.”

“We continue to expand our strategic initiatives with AWS in order to provide our mutual customers with a stronger security posture and new, modern user experiences,” said Brendan Ittelson, chief ecosystem officer at Zoom. “We are excited to partner with AWS AppFabric to enable novel AI experiences that leverage our Zoom Developer Platform solutions so that developers can build powerful applications while helping businesses break down data silos and improve cross-application workflows, security observability, and employee productivity.”

OPIS

Subscribe to the Help Net Security breaking news e-mail alerts:

OPIS
More about

Don't miss