Amazon CloudWatch for Falcon LogScale
Log and analyze Amazon CloudWatch data in Falcon LogScale
Secure your cloud infrastructure proactively and gain unified visibility by bringing Amazon Security Lake data, formatted in the Open Cybersecurity Schema Framework (OCSF), into the CrowdStrike Falcon platform. The Amazon Security Lake Data Connector makes it easy to ingest a variety of multi-vendor security logs from SaaS apps, firewalls, intrusion detection systems, endpoint security solutions, cloud services, and more into CrowdStrike Falcon® Next-Gen SIEM. By centralizing these security events and correlating them with Falcon platform and CrowdStrike ecosystem partner events in Falcon Next-Gen SIEM, your team gains enhanced threat detection, streamlined incident response, and an optimized security posture to ultimately protect against evolving cyber threats.
Security Lake utilizes the OCSF to provide a comprehensive schema, enabling simplified data exchange so you can use your analytical and AI/ML tools of choice. The parser included in this connector normalizes OCSF data to CrowdStrike Parsing Standard (CPS).
Accelerate response with detailed timelines of events and actionable forensic data from Security Lake security events.
Store, search, and correlate your security data with other data sources in Falcon Next-Gen SIEM. Use SOAR workflows to rapidly shut down threats.