This offering is designed to enable simpler and faster delivery of Trellix XDR solutions along with increased data privacy for AWS customers.
Trellix’s expanded support for Amazon Security Lake allows AWS customers to integrate their security data lake into the Trellix XDR security operations platform while also using the Open Cybersecurity Schema Framework (OCSF). Amazon Security Lake is a service that automatically centralises an organisation’s security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account so customers can act on security data faster.
In addition, the OCSF schema enables Trellix customers to combine hundreds of data sources with Amazon Security Lake data. As a result, AWS and Trellix customers can seamlessly apply Trellix machine learning (ML), threat intelligence, and predictive analytics to gain important insights that allow for deeper detection and faster threat mitigation.
As executives from Trellix say, the amount of data available to any enterprise today is overwhelming. Without a way to centralise the management and storage of that data, it’s difficult for customers to glean the insights needed to keep data safe. Their integration with Amazon Security Lake provides customers with more centralised visibility and quick resolution of their security issues.
Officials from Amazon said that with security at the forefront, they are focused on innovating to deliver new ways to help customers secure their cloud environments. Customers who leverage Amazon Security Lake and Trellix can collect a wide spectrum of security logs and findings in Amazon Security Lake and send them to Trellix for advanced analytics and incident response.
Trellix for Amazon Security Lake: Through new combined capabilities, customers can share security events across Trellix XDR and their Amazon Security Lake, getting complete detection and response capabilities for their AWS environments. By consolidating their security alerts into Amazon Security Lake using OCSF, security teams can spend their time protecting environments instead of performing the undifferentiated heavy lifting of managing their security data.
Trellix and OCSF: Trellix is proud to be a contributing member to the opensource OCSF community which has built a framework promoting interoperability and data normalisation between security products. Joining OCSF promotes collaboration with other industry organisations, further benefiting customers and the broader cybersecurity community.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now