Amazon Security Lake Partners
Source partners can send logs and security events to your security data lake in the OCSF format. Subscriber partners help you analyze and address a variety of security use cases such as threat detection, investigation, and incident response. Services partners can help you build and utilize your security data lake.
Source Partners

The integration of Aqua Security and Amazon Security Lake uses the OCSF format, allowing security teams to collect data from various sources and correlate it with their sources to get an enhanced security evaluation. It reduces the time to detect and resolve issues by enabling security teams to scan any type of workload.

It’s time to protect your business. Send Barracuda Security Findings to Amazon Security Lake for log retention and analytics.

Cisco Secure Firepower Threat Defense is an NGFWv, protecting workloads from network security threats.

You can use the xDome/Medigate integration to send alerts and vulnerabilities to the Amazon Security Lake.

Confluent's event streaming platform enables customers to easily source data from disparate systems, enrich, and send that data into Amazon Security Lake in OCSF format.

Cribl is a vendor-agnostic observability pipeline that gives customers flexibility to route and process data at scale from any source to any destination within their data infrastructure. With extensive experience building and deploying log analytics and observability solutions for some of the world's largest organizations, Cribl helps customers take control of their data to support their business goals.

CrowdStrike FDR delivers and enriches endpoint, cloud workload and identity data with the CrowdStrike Security Cloud and world-class artificial intelligence (AI), enabling your team to derive actionable insights to improve security operations center (SOC) performance.
CyberArk is a global leader in Identity Security. Centered on privileged access management, CyberArk provides a comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle.

With Darktrace DETECT and RESPOND AI engines covering all assets across IT, OT, network, endpoint, IoT, email and cloud, organizations can use Darktrace’s rich and context-aware datapoints in Amazon Security Lake.

Enhance your workload and application security by integrating network data, including detections of IOCs, from ExtraHop Reveal(x) 360 to Amazon Security Lake.

Gigamon leverages deep packet inspection (DPI) to extract 7500+ app-related metadata attributes from the raw packets in the network. With Amazon Security Lake integration, users can centralize security data to get a complete understanding of the security data across the entire organization.

Lacework Polygraph® Data Platform learns and understands behaviors that introduce risk across your entire cloud environment, so our customers can innovate with speed and safety. With visibility from code to cloud and automated insights into unusual activity, threats, vulnerabilities, and misconfigurations, they gain the context to prioritize and act faster.

Laminar Data Security Posture Management (DSPM) enhances logs, investigations, and remediations with data security events.

NETSCOUT assures the quality of digital services and protects them against poor performance and cybersecurity threats.

Netskope provides continuous security posture assessment for your AWS workloads and services to reduce risk and help ensure compliance. We also enhance protection of your data in several ways: API-based protection discovers sensitive data at rest and scans data stores for malware, while Inline protection extends visibility and control to unsanctioned accounts which can prevent data exfiltration.

Okta is a leading independent provider of identity for the enterprise. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With over 6,500 pre-built integrations to applications and infrastructure providers, Okta customers can easily and securely use the best technologies for their business. More than 8,950 organizations.

Orca Security is the industry-leading agentless Cloud Security Platform that identifies, prioritizes, and remediates risks across your entire AWS environment.

Palo Alto Networks provides a broad portfolio of security solutions purpose built for AWS.

Our intelligent identity solutions allow enterprises to deliver secure and seamless digital experiences to customers & employees.

Sentra’s agentless platform delivers data-context events in OCSF format to enrich security-related logs in Amazon Security Lake.

Tanium is a converged endpoint management and security platform built for the most demanding IT environments. Unparalleled speed, visibility and scale: Get instant visibility and control of laptops, servers, virtual machines, and cloud infrastructure—at scale.

Torq provides enterprise-scale automation and orchestration with a simple no-code platform.

Gain greater visibility, and conduct streamlined, efficient SecOps with Trellix Helix. Integrate over 1000 Trellix solutions and third-party data sources and products.

Receive threat events from Falco, the OSS standard for runtime security across Kubernetes, containers, and cloud.
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and innovation, Trend Micro protects 500,000+ organizations across cloud, networks, devices, and endpoints. As a leader in cloud & enterprise security, Trend Micro delivers central visibility for better, faster detection and response and a powerful set of advanced threat defense techniques for dynamic, hybrid environments.

Uptycs reduces risk by prioritizing threats and vulnerabilities across cloud, containers, and endpoints—all from a single UI. Shift up your cybersecurity with Uptycs.

Vectra® is a cybersecurity platform that uses AI to detect attackers in real time and perform conclusive incident investigations.

Reimagine Cloud Security. Visualize how attackers move laterally by exploiting resource relationships, misconfigurations, & entitlements. Leverage real-time detection, machine learning, & automation to stay on top of critical cloud risks.

Wiz is on a mission to help organizations create secure cloud environments that accelerate their businesses. By creating a normalizing layer between cloud environments, our platform enables organizations to rapidly identify and remove critical risks.

Zscaler Posture Control™, a cloud native application protection platform (CNAPP), supports native Amazon Security Lake integration.
Subscriber Partners

The ChaosSearch Amazon Security Lake integration enables customers to analyze all telemetry in their Amazon S3 via Opensearch Dashboards/Superset with unlimited retention and industry-leading cost to mitigate security threats and meet compliance obligations.

Datadog Cloud SIEM detects real-time threats to your cloud environment, unifying DevOps and security teams in one platform.

QRadar SIEM with UAX integrates Amazon Security Lake in an analytics platform that identifies and prevents threats across hybrid cloud.

New Relic is an observability platform built to help engineers create more perfect software. From monoliths to serverless, you can instrument everything, then analyze, troubleshoot, and optimize your entire software stack - all from one place.

Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. Our solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks.

Labyrinth for Threat Investigations (LTI) provides a comprehensive enterprise-wide approach to threat exploration at scale based on data fusion, with fine-grained security, adaptable workflows and sophisticated reporting. Augment your analysts with LTI’s Security Lake integration including native OCSF schema support. With LTI, analysts can assess, investigate and manage risk across your environments, enriching your investigations with external data sources using Ripjar's RPA workflows and AI based analytics.


The Splunk Add-On for Amazon Security Lake enables customers to accelerate threat detection, investigation, and response by subscribing to OCSF formatted data from Amazon Security Lake.

Secure digital transformation: Uncover early threats with actionable insights to reduce investigation and response times.

SOC Prime empowers smart data orchestration, cost-efficient & zero-trust threat hunting, and dynamic attack surface visibility leaving no chance for a breach to go undetected.

Stellar Cyber delivers comprehensive, unified security without complexity, empowering lean security teams of any skill to secure their environments successfully. With the Stellar Cyber Open XDR Platform, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR.

Swimlane is at the forefront of the security orchestration, automation and response (SOAR) solution market and was founded to deliver scalable security solutions to organizations struggling with alert fatigue, vendor proliferation and chronic staffing shortages.

Faster, more accurate decision making with Tines Automation + Amazon Security Lake.

Torq provides enterprise-scale automation and orchestration with a simple no-code platform.

Gain greater visibility, and conduct streamlined, efficient SecOps with Trellix Helix. Integrate over 1000 Trellix solutions and third-party data sources and products.

Wazuh open source unified XDR and SIEM platform integrates with Amazon Security Lake for extended endpoint and cloud workload protection.
Service Partners

Accenture's MxDR integration with Security Lake offers real-time data ingestion, managed anomaly detection, threat hunting, and security operations.

Booz Allen Hamilton enables a modern data-driven approach to cyber security by applying our proven tradecraft to Next-Gen Security which fuses Data and Analytics with the Amazon Security Lake service.

Increase business agility by integrating security early and continuously through design, automation and continuous assurance processes.

The CAE suite of customized analytic and artificial intelligence/machine learning (AI/ML) capabilities automatically provides actionable insights to users based on models that run against the Amazon Security Lake OCSF-formatted data.

DXC Technology helps you run mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across clouds.

The AIsaac MDR platform can consume VPC Flow Logs ingested in OCSF schema in Security Lake and utilizes AI models for detecting threats.

Infosys Cyber Next ingests events in OCSF schema from Security Lake to provide deep visibility into security events, capability for automated response to contain and remediate security anomalies, intelligence of latest threats that could damage business, proactive vulnerability management, ability to manage security & architecture compliance.

Insbuilt is a firm specialized in Cloud & Analytics Consulting and a services partner with services for Data Lakes AWS (Analytics), Lambda AWS, Landing Zone AWS, Migration Discovery AWS, Machine Learning Discovery on AWS, and Cloud Migration.

Kyndryl is expanding its security capabilities by integrating with Security Lake to provide interoperability of cyber data, threat intelligence, and AI-powered analytics.

Leidos is a science and technology solutions leader working to address some of the world’s toughest challenges in the defense, intelligence, homeland security, civil, and healthcare markets.

PwC’s Cyber, Risk, and Regulatory Practice brings knowledge and expertise to aid clients in implementing the fusion center to meet their individual needs. Built on Amazon Security Lake, the fusion center provides the ability to combine data from a variety of sources to create a centralized, near real-time view. The dashboard features visualizations, drill-down capabilities, and automated workflows, enabling teams to quickly identify, investigate, and respond to potential risks posed by the ever-evolving threat actors.

TCS's AWS Business Unit offers innovation, experience, and talent to customers. The AWS-TCS partnership is powered by a decade of joint value creation, deep industry knowledge, technology expertise, and delivery wisdom. This collaboration focuses on delivering full-stack enterprise transformation to the cloud. TCS provides a comprehensive suite of offerings spanning cloud advisory, migration, application and infrastructure modernization, SAP, data and analytics, storage, security, and industry solutions powered with next-generation technologies like AI/ML, Edge/IoT, Serverless, and Low-Code/No-Code.

Wipro is an innovation-led AWS Cloud partner, helping enterprises in their transformation journey across the cloud lifecycle.
Become an AWS Security Lake Partner
To become a Security Lake Partner, please send an email to securitylake-partners@amazon.com with your company and product(s) names, APN tier level, and contact information.