Trellix expands XDR support for Amazon Security Lake while Netskope integrates its SSE platform with AWS’ centralized security data service. Cybersecurity vendors Trellix and Netskope have announced new support for Amazon Security Lake from AWS, which became generally available on May 30. Trellix customers can now integrate their security data lake into the Trellix XDR security operations platform to enhance detection and response capabilities for their AWS environments. Meanwhile, Netskope customers can export logs from the Netskope Intelligent Security Service Edge (SSE) platform to Amazon Security Lake to improve visibility and threat remediation.AWS launched Amazon Security Lake in November last year at the AWS re:Invent 2022 conference. The service automatically centralizes security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account. It uses the Open Cybersecurity Schema Framework (OCSF) standard to normalize security data from AWS and combine it with dozens of pre-integrated third-party security data sources.Trellix expands XDR support for AWS Amazon Security LakeThrough newly combined capabilities, Trellix customers can share security events across Trellix XDR and their Amazon Security Lake, getting complete detection and response capabilities for their AWS environments, the vendor said in a press release. This integration benefits customers in two unique ways: lower operational overhead and better control of data with the ability to run analytics off security data, according to a Trellix blog post. “By leveraging Amazon Security Lake, customers simplify their operations for ingesting and processing data by having a single data lake that can be used for all their security data.” Customers no longer need to set up multiple paths/destinations which removes a step to allow them to see and respond to their data faster, Trellix said. They also no longer need to maintain custom integrations and simplify their delivery of data to Trellix Helix and can consolidate their Trellix security findings back into Amazon Security Lake. “This allows Trellix to focus on finding and responding to threats while customers maintain better control of their security data, and it abides by their privacy policies.” Furthermore, joining OCSF supports collaboration with other industry organizations, further benefiting customers and the broader cybersecurity community, Trellix said.Netskope integrates SSE platform with Amazon Security LakeIntegration of Netskope’s SSE platform with Amazon Security Lake allows customers to detect and investigate threats faster by providing enhanced visibility, stronger security posture, and centralized threat remediation, Netskope said in a press release. Organizations can export logs, events, and alerts collected by Netskope Cloud Exchange to Amazon Security Lake to get a holistic view of threats and vulnerabilities in their overall environment, the vendor added. Organizations can also use Netskope logs and Amazon Security Lake analysis tools to discover and remediate threats and vulnerabilities across their environment to strengthen their security posture, along with using both services respond to alerts and remediate threats from the centralized Amazon Security Lake console, Netskope said. Related content news analysis Cisco fixes vulnerabilities in Integrated Management Controller Cisco fixes high-risk flaws in the out-of-band management controller of multiple products By Lucian Constantin Apr 18, 2024 4 mins Threat and Vulnerability Management Vulnerabilities news UK law enforcement busts online phishing marketplace The coordinated takedown has infiltrated the fraud service and made several arrests based on data found on the platform. By Shweta Sharma Apr 18, 2024 4 mins Phishing Legal news Consolidation blamed for Change Healthcare ransomware attack United HealthGroup said it has already taken $872 million in dealing with the attack and the disruption it caused. By John Leyden Apr 18, 2024 5 mins Ransomware Cyberattacks news Cisco announces AI-powered Hypershield for autonomous exploit patching in the cloud AI-based capability is part of Cisco’s Security Cloud platform for hyperscalers. By John Dunn Apr 18, 2024 4 mins Threat and Vulnerability Management Cloud Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe