San Jose, California, May 30, 2023. We are pleased to announce that Wazuh has developed an integration with Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes an organization’s security data from across their AWS environments, leading SaaS providers, on-premises, and cloud sources into a purpose-built data lake, so customers can act on security data faster and simplify security data management across hybrid and multicloud environments. Amazon Security Lake converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF) open standard, making it easier for security teams to automatically collect, combine, and analyze security data from AWS, security partners, and analytics providers. This integration allows Wazuh users to query and analyze logs from Amazon Security Lake directly within Wazuh without requiring manual data transfers or additional infrastructure.
“We are delighted to be working with Wazuh to help our customers improve their security posture by providing enhanced visibility and control,” said Rod Wallace, General Manager, Amazon Security Lake at AWS.
Wazuh consumes logs from Amazon Security Lake and integrates seamlessly with the platform. Wazuh can read source data from Amazon Security Lake through an Amazon Simple Queue Service (Amazon SQS) queue. Through this integration, Wazuh users can now access Amazon Security Lake to centralize security data in Wazuh automatically. With this, users can get a broader understanding of their security posture across the entire organization.
Finally, one of our most relevant Wazuh users in EMEA, Jumia, adopted Amazon Security Lake by making use of our integration. Jumia is a leading e-commerce platform in Africa, offering customers a wide range of products and services across the continent. “The integration of Amazon Security Lake and Wazuh has transformed our log management, bolstering our threat management capabilities,” said Pedro Fangueiro, CISO at Jumia. “The solution enhances efficiency and effectiveness to identify, investigate, and respond to malicious activities in our infrastructure and network, fortifying our workloads, applications, and data.”