VMware Aria Automation for Secure Clouds (formerly CloudHealth Secure State) integration with Amazon Security Lake is another step towards helping customers effectively monitor cloud risk and operationalize security.
VMware Aria Automation for Secure Clouds is a real-time, contextual cloud configuration security platform that enables IT & developer teams to reduce misconfiguration risk across public cloud and Kubernetes infrastructure. Organizations are responding to cloud security challenges by implementing various tools and need to correlate data generated by these tools to manage risk and avoid any blind spots. By leveraging this integration, customers will be able to deliver data regarding misconfiguration risk, from VMware Aria Automation for Secure Clouds to Amazon Security Lake. By enabling transfer of security insights compliant with the Open Cybersecurity Schema Framework (OCSF), this integration makes it convenient to correlate cloud resource misconfiguration data with logs from other platforms using the analytics tool of your choice as security teams continuously monitor and mitigate risk.
Security Data Generated by VMware Aria Automation for Secure Clouds
Onboarding your cloud accounts allows the service to map cloud resources, relationships, and metadata to create a data layer. Pre-defined security & compliance benchmarks and organization-specific custom rules are applied to this data layer to detect security violations that increase risk. As objects, data, and relationships change, the service intelligently detects new violations and threats in near real-time. These violations are reported as “findings” within the platform and can be delivered to Amazon Security Lake through this integration.
Amazon Security Lake automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a purpose-built data lake stored in a customer’s account. With Amazon Security Lake, customers can use the security and analytics solutions of their choice to simply query that data in place or ingest the OCSF-compliant data to address further use cases.
How VMware Aria Automation for Secure Clouds Supports the Amazon Security Lake Integration
A simple 2-step workflow helps to export security findings generated from your cloud and Kubernetes environment to Amazon Security Lake. Customers also have the flexibility to export security insights based on pre-defined criteria such as risk severity, environment, compliance framework or selected cloud accounts.
2-Step Workflow to Enable the Integration
Step 1: Turn on a new Amazon S3 integration
The Amazon S3 integration within VMware Aria Automation for Secure Clouds allows customers to send security findings into a selected S3 bucket. Customers can now select the Amazon Security Lake S3 bucket to which the resource misconfiguration data needs to be exported (Figure 1).
Step 2: Enable alerts to integrated S3 bucket
Once the integration is turned-on, choosing the configured S3 bucket and enabling alerts will automate the data export to Amazon Security Lake in OCSF-compliant format. You can choose to send the security insights designated to a project or for the entire organization (Figure 2).
For detailed instructions on enabling this integration please refer Product Documentation.
Information security, operations, and developer teams need a cloud-smart approach to secure applications and data in the landscape of rapidly changing cloud resources, growing attack surfaces, distributed security ownership, and poor visibility of risk. VMware Aria Automation for Secure Clouds enables visualization of misconfigured resources and connected cloud assets to get a better understanding of risk. The service helps operationalize security at scale by automating delivery of security insights to application owners, suppression of false positives, remediation, and security verification during continuous integration and continuous deployment pipelines. Get started on your cloud security journey by filling a simple form and get instant access to your free account.