Detect and respond to security threats in real time
The ever-increasing number of online, interconnected systems creates a large attack surface that is challenging to defend against malicious actors. Organizations that take a proactive approach to protecting their data and infrastructure can mitigate the legal, financial, and reputational risks posed by security threats.
OpenSearch offers out-of-the-box Security Analytics to help you detect, investigate, and respond to threats in real time. With Security Analytics, the security log data from your critical infrastructure can provide insight into potential risks to your systems, users, confidential data, and applications. Built-in functionality like customizable detection rules, integrated dashboards, and a robust correlation engine gives your security teams a powerful, flexible toolkit to investigate potential threats and take necessary mitigation steps.
Open-source detection rules
2,200+ prepackaged rules for your security event log sources.
Access user-friendly security threat detection, investigation, and reporting tools.
Create alerts on matched detection rules so that incident response teams are notified in real time.
Configure correlation rules to automatically link security findings and investigate them using a visual knowledge graph.
Use any custom log source and define your own rules to detect potential threats.
Security Analytics Use Cases
Event correlation: Use correlation rules to help identify and investigate potential issues across multiple systems.
Analyze custom logs: Create customized detection rules to help analyze data from custom log types.
Real-time detection: Detect adversarial actions in real time and notify security teams about potential threats.