
Amazon OpenSearch Service Introduces Security Analytics

Published on April 01, 2023

Amazon OpenSearch Service now offers security analytics as a generally available feature. The new capabilities of the successor to Amazon Elasticsearch Service let customers monitor, detect, and alert on security threats.

The new security analytics plugin lets customers identify attack signatures and create alerts based on their security findings. Dashboards can visualize metrics data from Prometheus alongside log data aggregated within OpenSearch, and the plugin also supports trace data collected by Jaeger.

The new Amazon OpenSearch Service feature includes a threat detection engine preloaded with a set of default rules, and it accompanies the recent announcement that OpenSearch 2.5 will be supported. That open-source release also introduced Point in Time search and improvements to observability and geospatial functionality.

Security Analytics is built around four main components: detectors, the key components for identifying cybersecurity threats; log types, which describe the data needed to evaluate events; rules, which define the conditional logic applied to ingested log data; and findings, which are generated whenever a detector matches a rule against a log event.

Detectors analyze JSON-formatted log data and draw on the MITRE ATT&CK knowledge base of adversary tactics and techniques. Currently supported log sources are AWS CloudTrail logs, NetFlow logs, DNS logs, Apache access logs, Windows logs, AD/LDAP logs, system logs, and S3 access logs. Beyond creating detectors and generating findings, the visualization options let customers investigate findings and respond to alerts and notifications.
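To make the detector, log type, rule and finding model from the two paragraphs above concrete, here is a small added simulation in Python. It is not code from the OpenSearch project: the rule format, the dotted-path condition syntax, the rule ids and tactic labels, and the CloudTrail-style sample events are all constructed for illustration, and the real plugin ships its own default rule set.

```python
import json
from collections import namedtuple
from dataclasses import dataclass
# Constructed CloudTrail-style events in JSON (sample data, not real records).
SAMPLE_LOGS = [json.loads(line) for line in [
    '{"eventName": "ConsoleLogin", "eventSource": "signin.amazonaws.com", "userIdentity": {"type": "Root"}}',
    '{"eventName": "StopLogging", "eventSource": "cloudtrail.amazonaws.com", "userIdentity": {"type": "IAMUser", "userName": "alice"}}',
    '{"eventName": "DescribeInstances", "eventSource": "ec2.amazonaws.com", "userIdentity": {"type": "IAMUser", "userName": "bob"}}',
]]

@dataclass(frozen=True)
class Rule:
    """Conditional logic for one log type; every condition must hold for a match."""
    rule_id: str
    title: str
    log_type: str
    conditions: dict  # dotted JSON path -> required value
    tactic: str       # ATT&CK tactic the rule is mapped to (hypothetical labels)

Finding = namedtuple("Finding", "rule_id tactic event")  # one per rule match on an event

# Hypothetical rules for illustration; OpenSearch ships its own default rule set.
RULES = [
    Rule("rule-001", "Root account console login", "cloudtrail",
         {"eventName": "ConsoleLogin", "userIdentity.type": "Root"}, "Initial Access"),
    Rule("rule-002", "CloudTrail logging stopped", "cloudtrail",
         {"eventSource": "cloudtrail.amazonaws.com", "eventName": "StopLogging"}, "Defense Evasion"),
    Rule("rule-003", "TXT record lookup", "dns", {"qtype": "TXT"}, "Command and Control"),
]

def get_path(event, path):
    """Resolve a dotted path such as userIdentity.type inside a nested JSON event."""
    node = event
    for key in path.split("."):
        if not isinstance(node, dict):
            return None
        node = node.get(key)
    return node

def run_detector(log_type, rules, events):
    """A detector applies only the rules for its log type and emits one finding per match."""
    findings = []
    for event in events:
        for rule in rules:
            if rule.log_type == log_type and all(
                    get_path(event, p) == v for p, v in rule.conditions.items()):
                findings.append(Finding(rule.rule_id, rule.tactic, event))
    return findings
```

Running the CloudTrail detector over the three sample events yields two findings (the root console login and the StopLogging call), while the DNS rule is never evaluated against CloudTrail data because log types gate which rules a detector applies.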

This new feature enables developers without prior security experience to leverage simplified workflows in OpenSearch to correlate multiple security logs and investigate security incidents.

OpenSearch Service security analytics is available in all regions where OpenSearch Service is supported and requires OpenSearch version 2.5 or higher. Although security analytics is provided at no additional cost, customers still pay for data ingestion.

GitHub hosts the code for the Security Analytics plugin.
