The logs produced by activity in your AWS environment are an excellent source of insight for security and compliance initiatives. ISV offerings in AWS Marketplace help you extend the functionality of AWS logging and monitoring services so you can aggregate and apply custom metrics to your enterprise log data on AWS, to search and identify patterns, correlate activity, and gain visibility across your AWS environment.
Alert Logic Professional - Threat Detection and Incident Management
Helps streamline security in AWS by deploying lightweight agents on EC2 instances for network traffic inspection. These agents mirror all traffic to virtual appliances that route suspicious packets through an encrypted channel to our cloud-hosted analytics platform. We also ensure container security for containers running on AWS-deployed Docker, AWS Elastic Container Service (ECS), AWS-deployed Kubernetes, and AWS Elastic Beanstalk. Our security analysts investigate, remove false positives, prioritize, add context, and escalate security threats that could threaten your security in AWS.
Sumo Logic Machine Data Analytics for Logs and Metrics
Sumo Logic is a secure, AWS-hosted machine data analytics service, delivering real-time insights from logs, metrics and event dataacross the entire application lifecycle and stack. The Sumo Logic service centralizes and unifies log data and time-series metrics and leverages machine learning analysis to uncover real-time insights into application operations and security. More than 1,000 customers around the globe rely on Sumo Logic for the analytics and insights to build, run and secure their modern applications and cloud infrastructures. * Proactive troubleshooting with machine learning driven analytics: Sumo Logic leverages powerful machine learning driven analytics capabilities such as pattern identification, outlier detection and predictive trending to quickly alert and troubleshoot app and infrastructure performance and security issues.
Splunk Enterprise
Collect and index any machine-generated data from virtually any source or location in real time. Just point Splunk Enterprise at your data, and it immediately starts collecting and indexing--so you can start searching and analyzing. With Splunk Enterprise, you can correlate complex events spanning many diverse data sources across your environment. Types of correlations include time-based correlations, transaction-based correlations, sub-searches, lookups, and joins. Splunk Enterprise scales to collect and index tens of terabytes of data per day.