AWS Integrations for Avalor’s Data Fabric for Security™
June 12, 2023
Kfir Tishbi
Avalor's data fabric is cloud-agnostic, integrating with more than 100 different data sources including AWS, Azure, GCP, and private clouds. In this blog post, Avalor CTO Kfir Tishbi shares details on all of the data integrations our platform supports for AWS customers including AWS Security Lake and AWS Cloud Security services.
This week, our team is excited to be at the AWS re:Invent conference! If you’re also attending and would like to meet up in-person, drop us a line at Avalor.io/contact.
To provide our customers with the maximum value of a data fabric architecture, Avalor can ingest and process any data from any source in any format. Therefore, our data fabric is also cloud-agnostic, integrating with more than 100 different data sources including AWS, Azure, GCP, and private clouds.
Security teams are dealing with disparate data sources created by a myriad of different tools spread across their organization. This often happens because teams choose best-in-breed or specialized tools that are really effective at one particular purpose. These tools also tend to have their own data taxonomy, format, and output making it overwhelming, if not impossible, to access and make sense of all available data, in aggregate and with the appropriate context.
In a nutshell, Avalor’s Data Fabric for Security™ works like this:
1. Data is ingested through whatever delivery method the source uses such as API, email, webhooks, S3, etc.
2. Data is parsed and processed in whatever file format it comes in (e.g. zip file, Excel, PDF, CSV, JSON, etc.) to extract records of information.
3. Data is mapped into the customer’s security data knowledge graph in Avalor.
Turning the complexity of consuming and extracting data from any source and any format into a seamless experience for the security domain is the magic behind Avalor. We make sense of all the bits and bytes of data so security teams can make faster, more accurate decisions.
Integrating Data from an AWS Account
Life is easy for Avalor customers because we’re on the same cloud platforms they are! For example, the AWS Cross-Account access function allows our customers to create an account for Avalor’s data fabric in their own domain and give our platform direct access to technical data – like VPC flow logs, WAF logs, and any kind of events that are generated by the AWS account – without having to share account credentials or transfer data outside the customer’s AWS environment. This also means customers can enforce their own security rules and compliance controls on the data, including revoking access permission at any time. This is a critical capability for customers operating under strict regulatory or contractual requirements like HIPAA and FedRAMP.
Avalor’s data fabric can ingest data from any delivery method provided by a customer’s AWS Security Lake (OCSF) such as AWS Kinesis Data Firehose, Amazon SQS, Amazon SNS, Amazon SES, and database’s change data capture (CDC) delivered by Kafka, FTP, HTTP uploads regardless of which security tool or vendor generates that data.
Integrating Data from AWS Security, Identity, & Compliance Services
Avalor’s data fabric can also process data from any AWS Cloud Security service including:
Identity and access management
AWS Identity and Access Management (IAM), AWS IAM Identity Center, Amazon Cognito, Amazon Verified Permissions, AWS Directory Service, AWS Resource Access Manager, AWS Organizations
AWS Security Hub, AWS GuardDuty, Amazon Inspector, Amazon Security Lake, AWS Config, Amazon CloudWatch, AWS CloudTrail, AWS IoT Device Defender
Network and application protection
AWS Firewall Manager, AWS Network Firewall, AWS Shield, AWS Verified Access, AWS Web Application Firewall (WAF), Amazon Route 53 Resolver DNS Firewall
Amazon Macie, AWS Key Management Service (AWS KMS), AWS CloudHSM, AWS Certificate Manager, AWS Private Certificate Authority, AWS Secrets Manager
Amazon Detective, AWS Elastic Disaster Recovery
AWS Artifact, AWS Audit Manager
How Avalor Uses AWS
We use AWS to run our own business including accessing the latest and greatest SaaS applications, and conducting trusted and insured financial transactions with international customers through AWS Marketplace.
We also use AWS to adapt and scale our resources based on customer needs. We can ramp up resources for clients going through periods of heavy workload, like an M&A transaction, and then scale down as their workload returns to normal levels. The elasticity of AWS enables us to offer adjustable pricing and to pass on price reductions to our customers.
To learn more about our 100+ data integrations, including AWS and other cloud platforms, reach out to our team here.
What Security Leaders Need to Know About Data Fabric Architecture
Avalor CEO Raanan Raz explains how a data fabric architecture solves security's greatest data challenge.
Avalor’s AnySource™ Connector and Integrations Library: Powering Our Any Data Source, Any Format Difference
Being able to ingest some, but not all of your organization's data sources means you’re still missing a lot. In this blog post, Timna Carmel, VP of Product at Avalor, explains how the hundreds of integrations available with the Avalor platform enable enterprises to ingest, normalize, and analyze data from anywhere in the tech stack to provide full coverage of all your data.