Getting Started with Amazon Security Lake

Amazon Security Lake automatically centralizes security data from cloud, on-premises, and custom sources into a purpose-built data lake stored in your account. Use Security Lake to analyze security data. Get a more complete understanding of your security across your entire organization and improve the protection of your workloads, applications, and data.

Security Lake creates a data lake purpose-built for security in an account and Region that you select for centralizing your data. AWS log and security data sources are automatically collected for existing and new accounts. They are normalized into the Open Cybersecurity Schema Framework (OCSF). This includes AWS CloudTrail management events, Amazon Virtual Private Cloud (VPC) Flow Logs, Amazon Route 53 Resolver query logs, and security findings from integrated solutions through AWS Security Hub. You can also add data from third-party security solutions and your custom data, including logs from internal applications or network infrastructure.

Have 15 minutes?

Get started with Amazon Security Lake

Learn more about Amazon Security Lake and how to build your first security data lake.

Start building your data lake