It allows software engineers to easily correlate and detect security incidents at scale while lowering costs
New Relic, an observability platform used by engineers, announced an integration with the newly launched Amazon Security Lake. With this integration, users can use New Relic’s platform security capabilities, such as vulnerability management, to remediate security incidents.
Seeing security log data and events consolidated in New Relic alongside Application Performance Monitoring (APM) data gives engineers a more better understanding of their organization’s security posture and improves the protection of workloads, applications, and data. This accelerates its customers’ efforts to consolidate telemetry data in its platform and enables new teams to adopt observability.
“Modern software systems are complex and constantly evolving, generating an ever-growing amount of data, which only increases the need to be able to secure and observe them at scale,” said New Relic VP of Cloud and Product Partnerships Gal Tunik. “We’re excited to announce New Relic’s integration with Amazon’s Security Lake because when engineers combine security and observability data, DevOps and security teams can accurately and continuously monitor, test, and remediate security risks at every stage of the software development lifecycle. This removes silos and helps them scale and ship code faster, which is a game changer.”
Amazon Security Lake allows organizations to store, analyze, and monitor security-related data and events in a scalable and cost-effective manner in their AWS accounts. It provides a mechanism to collect and centralize security log data from all accounts and regions in a standard Open Cybersecurity Schema Framework (OCSF) format and ship to third parties like New Relic.
With this integration, AWS customers can now collect multi-region, multi-account data across complex microservices infrastructure and monitor that data in New Relic. Users can gain insights with CloudTrail logs by identifying and responding to actions taken, resources involved, and event occurrences alongside New Relic data to uncover unusual activity.
It can detect and resolve malicious attacks on domains and services by pulling in Route 53 data from Security Lake into the New Relic dashboard. Users can also pull Security Hub findings from Security Lake to correlate security findings to entities, build out analytics dashboards, and enable alerts on newly detected vulnerabilities for improved mean time to detection (MTTD) and mean time to remediation (MTTR).
They can also remove silos to accelerate response by correlating New Relic observability data and security data in one place. This allows DevOps, IT, and security teams to have complete context and full visibility so that they can collaborate in real-time and mitigate security risks.