
SentinelOne Announces Support for Amazon Security Lake to Power Cloud Investigations

XDR Leader Ingests OCSF Data into Singularity™ XDR to Transform SecOps

Las Vegas, NV. – November 30, 2022 – Today, at AWS re:Invent 2022, SentinelOne (NYSE: S), an autonomous cybersecurity platform company, announced that SentinelOne Singularity Cloud works with Amazon Security Lake from Amazon Web Services (AWS) to support hunting, threat investigations, and forensics on cloud logs within the SentinelOne Singularity XDR Platform. Amazon Security Lake is a new service that automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a customer-owned, purpose-built data lake. Both Singularity Cloud and Amazon Security Lake use the Open Cybersecurity Schema Framework (OCSF) to simplify how logs are ingested, searched, and analyzed. As a result, customers can begin investigations without any effort to parse or normalize security logs.

SentinelOne’s Singularity Cloud consists of a Cloud Workload Security (CWS) solution that offers near real-time threat detection and prevention for containers, Kubernetes clusters, and virtual machines. Singularity Cloud protects against cloud threats such as ransomware, cryptomining, and fileless attacks in near real-time using patented behavioral artificial intelligence (AI) and threat intelligence. The platform’s XDR data plane, called Skylight™, enables customers to ingest third-party data sources, such as those from Amazon Security Lake, to support a diverse set of use cases. Threat hunting, investigation, and forensics use cases are easier and more complete with Singularity Cloud’s detailed, natively-collected container and virtual machine (VM) telemetry. The initial data ingested into Skylight from Amazon Security Lake includes Amazon Virtual Private Cloud (Amazon VPC) flow logs, AWS CloudTrail management events, Amazon Route 53 Resolver query logs, Amazon Simple Storage Service (Amazon S3) data events, AWS Lambda function execution activity, and AWS Security Hub findings.

“By connecting Amazon Security Lake to Singularity XDR, and through implementing OCSF as our data schema, SentinelOne is unlocking new use cases for cloud-focused hunting, investigations, and forensics,” said Ely Kahn, Vice President of Cloud Products, SentinelOne. “Customers can now easily pivot from the threats that we detect and into associated AWS data to better understand the root cause and impact of the threat.”

“Amazon Security Lake simplifies how customers collect security logs and findings in a format ready for analytics,” said Rod Wallace, General Manager of Amazon Security Lake at AWS. “Customers can now make their security data accessible to AWS Partners like SentinelOne to uncover security-related insights and effectively address potential issues faster while continuing to use their preferred analytics tools.”

To get started, SentinelOne customers can request early access to Skylight to start using the add-on between Singularity Cloud and Amazon Security Lake. SentinelOne will also be presenting Singularity Cloud and our latest AWS collaborations at the SentinelOne booth at AWS re:Invent 2022, #416, in the Security Neighborhood.

For more information on SentinelOne on AWS visit www.sentinelone.com/sentinelone-for-aws.

About SentinelOne

SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

Contact:

Will Clark
fama PR for SentinelOne
E: [email protected]
