Source partners can send logs and security events to your security data lake in the OCSF format. Subscriber partners help you analyze and address a variety of security use cases such as threat detection, investigation, and incident response. Services partners can help you build and utilize your security data lake.

Technical Documentation for Partners

If you use third-party integrations that send findings to Security Hub, you can also view those findings in Security Lake if the Security Hub integration for Security Lake is enabled. For a list of third-party Security Hub integrations, see Available third-party partner product integrations in the AWS Security Hub User Guide.

Source partners

Armis

Send Armis security findings and device inventory data to Security Lake for faster security event response, simplified compliance, and unified data management.


Aqua Security

The integration of Aqua Security and Amazon Security Lake uses the OCSF format, allowing security teams to collect data from various sources and correlate it with their sources for an enhanced security evaluation. It reduces the time to detect and resolve issues by enabling security teams to scan any type of workload.


Barracuda

It’s time to protect your business. Send Barracuda Security Findings to Amazon Security Lake for log retention and analytics.


AI Shield
Bosch Software and Digital Solutions

AIShield powered by Bosch provides automated vulnerability analysis and endpoint protection for AI assets through its integration with Amazon Security Lake.


Cisco Secure

Cisco Secure Firepower Threat Defense is an NGFWv that protects workloads from network security threats.


Claroty

You can use the xDome/Medigate integration to send alerts and vulnerabilities to the Amazon Security Lake.


Confluent

Confluent's event streaming platform enables customers to easily source data from disparate systems, enrich, and send that data into Amazon Security Lake in OCSF format.


Contrast Security

A world-leading code security platform company purposely built for developers to get secure code moving and trusted by security teams to protect business applications.


Cribl

Cribl is a vendor-agnostic observability pipeline that gives customers flexibility to route and process data at scale from any source to any destination within their data infrastructure. With extensive experience building and deploying log analytics and observability solutions for some of the world's largest organizations, Cribl helps customers take control of their data to support their business goals.


CrowdStrike

CrowdStrike FDR delivers and enriches endpoint, cloud workload and identity data with the CrowdStrike Security Cloud and world-class artificial intelligence (AI), enabling your team to derive actionable insights to improve security operations center (SOC) performance. 


CyberArk

CyberArk is a global leader in Identity Security. Centered on privileged access management, CyberArk provides a comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle.


Darktrace

With Darktrace DETECT and RESPOND AI engines covering all assets across IT, OT, network, endpoint, IoT, email and cloud, organizations can use Darktrace’s rich and context-aware datapoints in Amazon Security Lake.


Databahn

Centralize your security data in Amazon Security Lake using DataBahn’s Security Data Fabric.


ExtraHop

Enhance your workload and application security by integrating network data, including detections of IOCs, from ExtraHop Reveal(x) 360 to Amazon Security Lake.  


Fortinet

Send Fortinet CNF logs into Amazon Security Lake. FortiGate CNF provides customers with an easy way to protect their cloud networks and manage security policies using a Cloud Native NGFW as a Service.


Gigamon

Gigamon leverages deep packet inspection (DPI) to extract over 7500 app-related metadata attributes from the raw packets in the network. With Amazon Security Lake integration, users can centralize security data to get a complete understanding of the security data across the entire organization.


Lacework

Lacework Polygraph® Data Platform learns and understands behaviors that introduce risk across your entire cloud environment, so our customers can innovate with speed and safety. With visibility from code to cloud and automated insights into unusual activity, threats, vulnerabilities, and misconfigurations, they gain the context to prioritize and act faster.


Laminar

Laminar Data Security Posture Management (DSPM) enhances logs, investigations, and remediations with data security events.


Monad

Monad automatically transforms your security data into OCSF format and sends it directly to your Amazon Security Lake.


NETSCOUT

NETSCOUT assures the quality of digital services and protects them against poor performance and cybersecurity threats.


Netskope

Netskope provides continuous security posture assessment for your AWS workloads and services to reduce risk and help ensure compliance. We also enhance protection of your data in several ways: API-based protection discovers sensitive data at rest and scans data stores for malware, while Inline protection extends visibility and control to unsanctioned accounts which can prevent data exfiltration.


Okta

Okta is a leading independent provider of identity for the enterprise. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With over 6,500 pre-built integrations to applications and infrastructure providers, Okta customers can easily and securely use the best technologies for their business. More than 8,950 organizations.


Orca Security

Orca Security is the industry-leading agentless Cloud Security Platform that identifies, prioritizes, and remediates risks across your entire AWS environment. 


Palo Alto Networks

Palo Alto Networks provides a broad portfolio of security solutions purpose built for AWS.


Ping Identity

Our intelligent identity solutions allow enterprises to deliver secure and seamless digital experiences to customers & employees.


SailPoint Technologies

Seamlessly integrate SailPoint IdentityNow events with Amazon Security Lake, enhancing threat detection by aggregating and analyzing diverse security data in the OCSF format.


Sentra

Sentra’s agentless platform delivers data-context events in OCSF format to enrich security-related logs in Amazon Security Lake.


Sysdig

Sysdig's runtime insights combined with Amazon Security Lake offer customers a comprehensive view of cloud security risks.


Talon

Talon's Enterprise Browser, a secure and isolated browser-based endpoint environment, sends Talon Access, data protection, SaaS actions and security events to Amazon Security Lake, providing visibility and the option to cross-correlate events for detection, forensics and investigations.


Tanium

Tanium is a converged endpoint management and security platform built for the most demanding IT environments. Unparalleled speed, visibility and scale: get instant visibility and control of laptops, servers, virtual machines, and cloud infrastructure at scale.


Torq

Torq provides enterprise-scale automation and orchestration with a simple no-code platform.


Trellix

Gain greater visibility, and conduct streamlined, efficient SecOps with Trellix Helix. Integrate over 1000 Trellix solutions and third-party data sources and products.


The Falco Project

Receive threat events from Falco, the OSS standard for runtime security across Kubernetes, containers, and cloud.


Trend Micro

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and innovation, Trend Micro protects 500,000+ organizations across cloud, networks, devices, and endpoints. As a leader in cloud & enterprise security, Trend Micro delivers central visibility for better, faster detection and response and a powerful set of advanced threat defense techniques for dynamic, hybrid environments.


Uptycs

Uptycs reduces risk by prioritizing threats and vulnerabilities across cloud, containers, and endpoints—all from a single UI. Shift up your cybersecurity with Uptycs.


Vectra

Vectra® is a cybersecurity platform that uses AI to detect attackers in real time and perform conclusive incident investigations.


VMware Aria Automation for Secure Clouds

Reimagine Cloud Security. Visualize how attackers move laterally by exploiting resource relationships, misconfigurations, & entitlements. Leverage real-time detection, machine learning, & automation to stay on top of critical cloud risks.


Wiz

Wiz is on a mission to help organizations create secure cloud environments that accelerate their businesses. By creating a normalizing layer between cloud environments, our platform enables organizations to rapidly identify and remove critical risks.


Zscaler

Zscaler Posture Control™, a cloud native application protection platform (CNAPP), supports native Amazon Security Lake integration.


Subscriber partners

ChaosSearch

The ChaosSearch Amazon Security Lake integration enables customers to analyze all telemetry in their Amazon S3 via OpenSearch Dashboards/Superset with unlimited retention and industry-leading cost to mitigate security threats and meet compliance obligations.


Cribl

Cribl, the Data Engine for IT and Security, empowers organizations to modernize their data management strategy. Customers use Cribl to collect, process, route, and analyze all IT and security data, delivering the flexibility, choice, and control required to adapt to their ever-changing needs. Cribl Search enables customers to query information at rest in Amazon Security Lake to gain valuable insight from that data.


CrowdStrike

Simplify ingestion of Amazon Security Lake data with the CrowdStrike Falcon Next-Gen SIEM data connector featuring native OCSF schema parsers. Falcon NG SIEM revolutionizes threat detection, investigation and response by bringing together unmatched security depth and breadth in one unified platform to stop breaches.


Cyber Security Cloud

CloudFastener uses Amazon Security Lake to make it easier to consolidate security data from customers' cloud environments.


Devo

The Devo Platform enables security and operations teams to address common use cases including centralized logging, SIEM, compliance, fraud detection, and more. The Platform includes tightly integrated applications for security and IT teams.


Datadog

Datadog Cloud SIEM detects real-time threats to your cloud environment, unifying DevOps and security teams in one platform.


Elastic Security

Elastic Security integrates with Amazon Security Lake, arming SecOps teams to protect, detect, and respond at scale.


HTCD Inc.

Gain instantaneous compliance automation, prioritization of security findings, and tailored patches. HTCD can query Amazon Security Lake to help you uncover threats with natural language queries and AI-driven insights.


IBM Security

QRadar SIEM with UAX integrates Amazon Security Lake in an analytics platform that identifies and prevents threats across hybrid cloud.


New Relic

New Relic is an observability platform built to help engineers create more perfect software. From monoliths to serverless, you can instrument everything, then analyze, troubleshoot, and optimize your entire software stack - all from one place.


Palo Alto Networks

Palo Alto Networks provides a broad portfolio of security solutions purpose built for AWS.


Panther Labs

Panther supports ingesting Amazon Security Lake logs for use in detections and search.


Query.AI

Query Federated Search can directly query any Security Lake table via Amazon Athena to support incident response, investigations, threat hunting, and general search across a variety of Observables, Events, and Objects in the OCSF schema.


Rapid7

Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. Our solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks.


Ripjar

Labyrinth for Threat Investigations (LTI) provides a comprehensive enterprise-wide approach to threat exploration at scale based on data fusion, with fine-grained security, adaptable workflows and sophisticated reporting. Augment your analysts with LTI’s Security Lake integration including native OCSF schema support. With LTI, analysts can assess, investigate and manage risk across your environments, enriching your investigations with external data sources using Ripjar's RPA workflows and AI based analytics.


Securonix

Securonix Next-Gen SIEM integrates with Amazon Security Lake, empowering security teams to realize faster data ingestion and expand detection and response.


SentinelOne

SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous platform. SentinelOne ingests various types of Amazon Security Lake logs into the Singularity Platform to enhance telemetry, helping security teams accelerate threat hunting, investigations, and forensics.


Splunk

The Splunk AWS Add-On for Amazon Web Services (AWS) supports ingestion from Amazon Security Lake. This feature enables customers to accelerate threat detection, investigation, and response by subscribing to OCSF formatted data from Amazon Security Lake.


Sumo Logic

Secure digital transformation: Uncover early threats with actionable insights to reduce investigation and response times.


SOC Prime

SOC Prime empowers smart data orchestration, cost-efficient & zero-trust threat hunting, and dynamic attack surface visibility leaving no chance for a breach to go undetected.


Stellar Cyber

Stellar Cyber delivers comprehensive, unified security without complexity, empowering lean security teams of any skill to secure their environments successfully. With the Stellar Cyber Open XDR Platform, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR.


Swimlane

Swimlane is at the forefront of the security orchestration, automation and response (SOAR) solution market and was founded to deliver scalable security solutions to organizations struggling with alert fatigue, vendor proliferation and chronic staffing shortages. 


Tego Cyber Inc.

Threat detection and correlation at speed and scale, built on your security data in Amazon Security Lake. 


Tines

Faster, more accurate decision making with Tines Automation + Amazon Security Lake.


Torq

Torq provides enterprise-scale automation and orchestration with a simple no-code platform.


Trellix

Gain greater visibility, and conduct streamlined, efficient SecOps with Trellix Helix. Integrate over 1000 Trellix solutions and third-party data sources and products.


Wazuh

Wazuh open source unified XDR and SIEM platform integrates with Amazon Security Lake for extended endpoint and cloud workload protection.

Service partners

Accenture

Accenture's MxDR integration with Security Lake offers real-time data ingestion, managed anomaly detection, threat hunting, and security operations.


Booz Allen Hamilton

Booz Allen Hamilton enables a modern data-driven approach to cyber security by applying our proven tradecraft to Next-Gen Security which fuses Data and Analytics with the Amazon Security Lake service.


CMD Solutions

Increase business agility by integrating security early and continuously through design, automation and continuous assurance processes.


Deloitte

The CAE suite of customized analytic and artificial intelligence/machine learning (AI/ML) capabilities automatically provides actionable insights to users based on models that run against the Amazon Security Lake OCSF formatted data.


DXC Technology

DXC Technology helps you run mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across clouds.


Eviden

The AIsaac MDR platform can consume VPC Flow Logs ingested in OCSF schema in Security Lake and utilizes AI models for detecting threats.


HOOP Cyber Ltd.

Enabling Security Lake to take control of your data sources and empower cyber operations.


IBM Consulting Cybersecurity Services

IBM Cyber Threat Management services seamlessly integrate data and analytics from the Amazon Security Lake platform. This innovation plays a pivotal role, enabling the consolidation of data from diverse sources into a dedicated data lake to detect and respond to threats across hybrid cloud.


Infosys

Infosys Cyber Next ingests events in OCSF schema from Security Lake to provide deep visibility into security events, capability for automated response to contain and remediate security anomalies, intelligence of latest threats that could damage business, proactive vulnerability management, ability to manage security & architecture compliance.


Insbuilt

Insbuilt is a firm specializing in cloud and analytics consulting, and a services partner with services for Data Lakes AWS (Analytics), Lambda AWS, Landing Zone AWS, Migration Discovery AWS, Machine Learning Discovery on AWS, and Cloud Migration.


Kudelski Security

Kudelski Security integrates with Amazon Security Lake, offering a comprehensive portfolio of cloud security services to support customers throughout their digital transformation journey, providing support for safe migration and operations.


Kyndryl

Kyndryl is expanding its security capabilities by integrating with Security Lake to provide interoperability of cyber data, threat intelligence, and AI-powered analytics.


Leidos

Leidos is a science and technology solutions leader working to address some of the world’s toughest challenges in the defense, intelligence, homeland security, civil, and healthcare markets.


MegazoneCloud

MegazoneCloud specializes in cloud consulting services and can help you understand how to implement Security Lake in your organization. We connect Security Lake with integrated ISV solutions to build custom tasks and customized insights related to customer needs.


PwC

PwC’s Cyber, Risk, and Regulatory Practice brings knowledge and expertise to aid clients in implementing the fusion center to meet their individual needs. Built on Amazon Security Lake, the fusion center provides the ability to combine data from a variety of sources to create a centralized, near real-time view. The dashboard features visualizations, drill-down capabilities, and automated workflows, enabling teams to quickly identify, investigate, and respond to potential risks posed by the ever-evolving threat actors.


SOC Prime

SOC Prime empowers smart data orchestration, cost-efficient & zero-trust threat hunting, and dynamic attack surface visibility leaving no chance for a breach to go undetected.


Tata Consultancy Services

TCS's AWS Business Unit offers innovation, experience, and talent to customers. The AWS-TCS partnership is powered by a decade of joint value creation, deep industry knowledge, technology expertise, and delivery wisdom. This collaboration focuses on delivering full-stack enterprise transformation to the cloud. TCS provides a comprehensive suite of offerings spanning cloud advisory, migration, application and infrastructure modernization, SAP, data and analytics, storage, security, and industry solutions powered with next-generation technologies like AI/ML, Edge/IoT, Serverless, and Low-Code/No-Code.


Wipro

Wipro is an innovation-led AWS Cloud partner, helping enterprises in their transformation journey across the cloud lifecycle.

Become an AWS Security Lake partner

To become a Security Lake Partner, please send an email to [email protected] with your company and product(s) names, APN tier level, and contact information.
