AWS – Amazon OpenSearch Service zero-ETL integration with Amazon Security Lake

Amazon OpenSearch Service now offers a zero-ETL integration with Amazon Security Lake, enabling you to query and analyze security data in-place directly through OpenSearch. This integration allows you to efficiently explore voluminous data sources that were previously cost-prohibitive to analyze, helping you streamline security investigations and obtain comprehensive visibility of your security landscape. By offering the flexibility to selectively ingest data and eliminating the need to manage complex data pipelines, you can now focus on effective security operations while potentially lowering your analytics costs.

Using the powerful analytics and visualization capabilities in OpenSearch Service, you can perform deeper investigations, enhance threat hunting, and proactively monitor your security posture. Pre-built queries and dashboards using the Open Cybersecurity Schema Framework (OCSF) can further accelerate your analysis. The built-in query accelerator boosts performance and enables fast-loading dashboards, enhancing your overall experience. This integration empowers you to accelerate investigations, uncover insights from previously inaccessible data sources, optimize analytics efficiency and costs, with minimal data migration.

OpenSearch Service zero-ETL integration with Security Lake is now generally available in 13 regions globally: Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), Europe (Ireland), Europe (London), US East (Ohio), US East (N. Virginia), US West (Oregon), South America (São Paulo), Europe (Paris), and Canada (Central).

To learn more on using this capability, see the OpenSearch Service Integrations page and the OpenSearch Service Developer Guide. To learn more about how to configure and share Security Lake, see the Get Started Guide.
 

Read More for the details.