
WHITEPAPER

New SIEM, Same SOC. Just Happier.
Learn How to Streamline and Enrich Your SOC Workflow with Modern SIEM

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Marketplace introduction
Security operations center (SOC) teams rely heavily on security information and event management (SIEM)
solutions for data management, deep intelligence, and incident response—but traditional SIEMs don’t
emphasize cloud-specific events and unauthorized scenarios. To improve AWS deployments, SOC teams need
new and cloud-centric capabilities.

In this whitepaper, “New SIEM. Same SOC. Just happier,” SANS analyst and senior instructor, Dave Shackleford,
dives into AWS-focused SIEM platforms. He covers automation, deep integration with AWS native services,
and visualization and data analysis tools that help quickly identify and investigate events in AWS.

AWS Marketplace also shares how to build and deploy EDR/NDR with solutions from independent software
vendors in AWS Marketplace.

The featured solutions for this use case can be accessed in AWS Marketplace:

Logz.io, Devo, Hunters

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. How to integrate security into the DevOps pipeline in AWS | 2
Learn how to streamline and enrich your SOC workflow with modern SIEM
Improve cloud analytics, functions, and workflows at scale
To achieve a balanced and manageable zero-trust model for AWS, organizations will likely make use of
a range of different controls. They will also deploy security and operational program elements, some of
which are built into AWS and others that are procured from AWS Marketplace partners, offering best-in-class
security and cloud services. These security solutions can be integrated with AWS Services and
other existing technologies, enabling you to deploy a comprehensive security architecture across your
AWS and on-premises environments.

How customers are leveraging Logz.io as part of their AWS Cloud security architecture
Logz.io offers four products: Log Management compatible with ELK, Infrastructure Monitoring based on
Prometheus, Distributed Tracing based on Jaeger, and an ELK-compatible Cloud SIEM. These are offered as
fully managed, integrated cloud services designed to help engineers monitor, troubleshoot, and secure their
distributed cloud workloads more effectively. Logz.io is a SaaS platform built on the best open source technologies:
• Effortless deployment, management, and scaling: Logz.io automatically handles ingestion, the data
pipeline, and cluster management—saving you time and resources.

• Stay on the cutting edge of open source innovation: Logz.io is built around popular open source
tools that promise interoperability with evolving cloud landscapes.

• Unified visibility: Analyze your logs, metrics, traces, and security events together to get the whole
picture of production in a single pane of glass.

Why use AWS Marketplace?
AWS Marketplace is a digital software catalog that makes it easy to find, try, buy,
deploy, and manage software that runs on AWS. AWS Marketplace has a broad
and deep selection of security solutions offered by hundreds of independent
software vendors, spanning infrastructure security, logging and monitoring,
identity and access control, data protection, and more.

Customers can launch pre-configured solutions in just a few clicks in both
Amazon Machine Image (AMI) formats and SaaS subscriptions, with entitlement
options such as hourly, monthly, annual, and multi-year contracts.

AWS Marketplace is supported by a global team of solutions architects, product
specialists, and other experts to help IT teams connect with the tools and
resources needed to streamline migration journeys to AWS.

How to get started with Next-Gen SIEM solutions in AWS Marketplace
Security teams use AWS native services and seller solutions in AWS Marketplace
to help build automated, innovative, and secure solutions to address relevant use
cases and further harden their cloud security footprint. The following solutions
can help you get started:

Discover Solutions
Find the tools you need to implement a Zero Trust Model for Data Analytics
Applications in AWS.
Visit AWS Marketplace

Talk to an Expert
Get connected with a solution architect that can share best practices and help
solve your business challenges.
Get Connected
