Amazon Security Lake and Okta Make Data More Accessible for Increased Security and Visibility
Today at AWS re:Invent in Las Vegas, AWS announced Amazon Security Lake, which lets you build a security data lake from integrated cloud and on-premises data sources as well as from your private applications. With support for the Open Cybersecurity Schema Framework (OCSF) standard, Amazon Security Lake reduces the complexity and cost for customers of making their security solutions' data accessible for a variety of security use cases such as threat detection, investigation, and incident response.
Security teams today must analyze and draw meaningful inferences from log data arriving from all directions. Log data comes in different formats and from different sources: application logs, system logs, network logs, user activity logs, and more. These teams spend considerable time on data engineering activities to parse, normalize, and consistently present data, and this is where the Okta and AWS solution comes into play.
Customers can extend the current Okta and Amazon EventBridge integration approach to convert Okta System Logs into the OCSF schema format for the Amazon Security Lake service. Okta System Log data in the OCSF schema will enable security and data science teams to query security events by an open standard while complementing all existing security events. Generating standardized OCSF logs from Okta will enable customers to perform audit activities and generate reports related to Authentication, Authorization, Account Changes, and Entity Changes under a consistent schema.