Vectra AI announced that Vectra Cloud Detection and Response works with Amazon Security Lake from Amazon Web Services (AWS). As an AWS Security Competency Partner, Vectra’s support of Amazon Security Lake continues to advance its capabilities and proven customer success in further safeguarding AWS environments. This empowers organizations by:
- Accessing Vectra’s Security AI-driven Attack Signal Intelligence™ for customers worldwide using Amazon Security Lake.
- Simplifying native support from the Vectra platform to Amazon Security Lake.
- Consolidating the data store to allow security teams standardized access to real threat data.
Amazon Security Lake automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a customer-owned, purpose-built data lake stored in a customer’s account. Security Lake reduces the complexity and costs for customers to make their security solutions data accessible to address a variety of security use cases such as threat detection, investigation, and incident response. Security Lake is one of the many solutions that now supports the Open Cybersecurity Schema Framework (OCSF), an open industry standard, making it easier to normalize and combine security data from AWS and dozens of enterprise security data sources. With Security Lake, customers can use the security and analytics solutions of their choice to simply query that data in place or ingest the OCSF-compliant data to address further use cases. Security Lake helps customers optimize security log data retention by optimizing the partitioning of data to improve performance and reduce costs. Now, analysts and engineers can easily build and use a centralized security data lake to improve the protection of workloads, applications, and data. Vectra’s industry-leading Attack Signal Intelligence security findings will now be available in Amazon Security Lake.
Vectra Attack Signal Intelligence™ (ASI)
Vectra’s Security AI-driven Attack Signal Intelligence™ automates threat detection, triage, and prioritization for security operations center (SOC) teams. As organizations face ever-growing unknown cyber threats targeting on-premises and cloud infrastructure, SaaS applications and data and identity systems, SOC teams are challenged to keep pace. More attack surface to cover combined with more modern, evasive, and sophisticated attackers has resulted in more manual time spent maintaining detection rules, triaging alerts, and figuring out what alerts to prioritize – resulting in analyst fatigue and burnout. Vectra’s Security AI-driven Attack Signal Intelligence frees security analysts of these everyday manual and mundane tasks and arms them to do what they do best – investigate and respond to real attacks. Core to the Vectra platform, Vectra Managed Detection and Response (MDR) services and the expanding Vectra ecosystem, Attack Signal Intelligence empowers security analysts to:
- Think like an attacker with AI-driven detections that go beyond signatures and anomalies to understand attacker behavior and zero in on attacker tactics, techniques and procedures (TTPs) across the cyber kill chain.
- Know what is malicious by analyzing detection patterns unique to an organization’s environment to surface relevant events and reduce noise.
- Focus on the urgent with AI-driven prioritization that provides a view of threats by severity and impact, enabling analysts to focus on responding to critical threats and lowering business risk.
“The biggest challenge that customers face today is the unknown. With the increasing scale and intensity of cyberattacks, customers need best-of-breed ecosystem solutions to simplify security processes focused on real threats and extended coverage across global networks,” said Sachin Saranathan, Director for Cloud and Technology Alliances at Vectra. “We are delighted to work with AWS to tackle these challenges and deliver solutions that bring fast time to value to customers.”
“Amazon Security Lake centralizes an organization’s security data from cloud and on-premises sources into a customer-owned, purpose-built data lake,” said Rod Wallace, GM Amazon Security Lake. “Vectra Security Findings in Amazon Security Lake will help customers optimize security log data retention and enable customers to make their logs accessible to address a variety of security use cases such as threat detection, investigation, and incident response.”
Vectra® is available with Amazon Security Lake after a straightforward installation process. After deploying Vectra Detect for AWS in just 15 minutes, customers will be able to send high-fidelity alerts to Amazon Security Lake as a custom source using a dedicated AWS CloudFormation template. Once this is installed, alerts will appear immediately in Amazon Security Lake in OCSF format.
For more information, visit vectra.ai.