SentinelOne Announces Support for Amazon Security Lake to Power Cloud Investigations
Rhea-AI Summary
SentinelOne (NYSE: S) announced at AWS re:Invent 2022 that its Singularity Cloud platform integrates with Amazon Security Lake, enhancing security data management and analysis. The collaboration utilizes the Open Cybersecurity Schema Framework (OCSF) for seamless log ingestion and analysis. This integration allows for near real-time threat detection against cloud threats, improving threat hunting and forensic capabilities. Customers can request early access to Skylight, which connects Singularity Cloud to Amazon Security Lake.
Positive
Partnership with Amazon Security Lake enhances threat detection and investigation capabilities.
Utilization of OCSF simplifies log ingestion, improving efficiency in threat analysis.
Near real-time protection against cloud threats such as ransomware and fileless attacks.
Negative
None.
XDR Leader Ingests OCSF Data into Singularity™ XDR to Transform SecOps
LAS VEGAS--(BUSINESS WIRE)--
Today, at AWS re:Invent 2022, SentinelOne (NYSE: S), an autonomous cybersecurity platform company, announced SentinelOne Singularity Cloud works with Amazon Security Lake from Amazon Web Services (AWS) to support hunting, threat investigations, and forensics on cloud logs within the SentinelOne Singularity XDR Platform. Amazon Security Lake is a new service that automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a customer-owned, purpose-built data lake. Both Singularity Cloud and Amazon Security Lake use the Open Cybersecurity Schema Framework (OCSF) to simplify how logs are ingested, searched, and analyzed. As a result, customers can begin investigations without any effort to parse or normalize security logs.
SentinelOne’s Singularity Cloud consists of a Cloud Workload Security (CWS) solution that offers near real-time threat detection and prevention for containers, Kubernetes clusters, and virtual machines. Singularity Cloud protects against cloud threats such as ransomware, cryptomining, and fileless attacks in near real-time using patented behavioral artificial intelligence (AI) and threat intelligence. The platform’s XDR data plane, called Skylight™, enables customers to ingest third-party data sources, such as those from Amazon Security Lake, to support a diverse set of use cases. Threat hunting, investigation, and forensics use cases are easier and more complete with Singularity Cloud’s detailed, natively-collected container and virtual machine (VM) telemetry. The initial data ingested into Skylight from Amazon Security Lake includes Amazon Virtual Private Cloud (Amazon VPC) flow logs, AWS CloudTrail management events, Amazon Route 53 Resolver query logs, Amazon Simple Storage Service (Amazon S3) data events, AWS Lambda function execution activity, and AWS Security Hub findings.
“By connecting Amazon Security Lake to Singularity XDR, and through implementing OCSF as our data schema, SentinelOne is unlocking new use cases for cloud-focused hunting, investigations, and forensics,” said Ely Kahn, Vice President of Cloud Products, SentinelOne. “Customers can now easily pivot from the threats that we detect and into associated AWS data to better understand the root cause and impact of the threat.”
“Amazon Security Lake simplifies how customers collect security logs and findings in a format ready for analytics,” said Rod Wallace, General Manager of Amazon Security Lake at AWS. “Customers can now make their security data accessible to AWS Partners like SentinelOne to uncover security-related insights and effectively address potential issues faster, while continuing to use their preferred analytics tools.”
To get started, SentinelOne customers can request early access to Skylight to start using the add-on between Singularity Cloud and Amazon Security Lake. SentinelOne will also be presenting Singularity Cloud and our latest AWS collaborations at the SentinelOne booth at AWS re:Invent 2022, #416, in the Security Neighborhood.
About SentinelOne
SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.
What is SentinelOne's new integration with Amazon Security Lake about?
SentinelOne's integration with Amazon Security Lake enhances security data collection and analysis, allowing for improved threat hunting and forensics.
How does the Open Cybersecurity Schema Framework (OCSF) benefit SentinelOne customers?
OCSF simplifies the process of ingesting and analyzing security logs, enabling customers to start investigations without additional parsing effort.
What cloud threats does SentinelOne's Singularity Cloud protect against?
It provides near real-time protection against threats like ransomware, cryptomining, and fileless attacks.
When was this announcement made by SentinelOne?
The announcement was made during AWS re:Invent 2022.
What features does SentinelOne's Skylight offer?
Skylight allows customers to ingest third-party data from Amazon Security Lake for diverse threat detection and investigation use cases.