Security Analytics

Platform

Capabilities

Community

Documentation

Most Recent Articles
Boosting k-NN exact search performance	Nov 19, 2024
Introducing OpenSearch nightly playgrounds: Preview new OpenSearch features live	Nov 07, 2024
Get started with OpenSearch 2.18	Nov 06, 2024
Step-by-step: Creating a new database integration using Data Prepper	Nov 05, 2024
Gain deeper insights with OpenSearch Query Insights	Oct 31, 2024
Introducing enhanced search functionality on OpenSearch.org	Oct 30, 2024
Tiered caching in OpenSearch	Oct 24, 2024
Streamline your OpenSearch development workflow on macOS with Apple silicon	Oct 22, 2024
Session spotlight: Keynote address at OpenSearchCon North America 2024	Oct 21, 2024
How sorting works in hybrid queries	Oct 17, 2024

Detect and respond to security threats in real time

OpenSearch platform for security analytics applications hero banner.

The ever-increasing number of online, interconnected systems creates a large attack surface that is challenging to defend against malicious actors. Organizations that take a proactive approach to protecting their data and infrastructure can mitigate the legal, financial, and reputational risks posed by security threats.

OpenSearch offers out-of-the-box Security Analytics to help you detect, investigate, and respond to threats in real time. With Security Analytics, the security log data from your critical infrastructure can provide insight into potential risks to your systems, users, confidential data, and applications. Built-in functionality like customizable detection rules, integrated dashboards, and a robust correlation engine gives your security teams a powerful, lexible toolkit to investigate potential threats and take necessary mitigation steps.

Defend systems and data

Help protect organizational systems and sensitive data from malicious activity, including insider threats.

Comprehensive visibility

Collect security event data from a wide variety of log sources to generate critical insights.

Flexible Toolkit

Detect potential threats with prepackaged or customizable detection rules that follow a generic, open-source format.

Real-time Response

Monitor and correlate adversary actions in real time across devices, hosts, and applications.

Key Features

Open-source detection rules

2,200+ prepackaged rules for your security event log sources.

Unified interface

Access user-friendly security threat detection, investigation, and reporting tools.

Automated alerts

Create alerts on matched detection rules so that incident response teams are notified in real time.

Correlation engine

Configure correlation rules to automatically link security findings and investigate them using a visual knowledge graph.

Customizable tools

Use any custom log source and define your own rules to detect potential threats.

Use Cases

Security Analytics Use Cases
Event correlation	Use correlation rules to help identify and investigate potential issues across multiple systems.
Analyze custom logs:	Create customized detection rules to help analyze data from custom log types.
Real-time detection:	Detect adversarial actions in real time and notify security teams about potential threats.

To learn more about OpenSearch Security Analytics and start exploring your event logs, visit About Security Analytics and Setting up Security Analytics in our documentation.

Download OpenSearch

Check Out Github

OpenSearch Project Org OpenSearch Project Org OpenSearch Project Org

Security Analytics

Detect and respond to security threats in real time

Key Features

Open-source detection rules

Unified interface

Automated alerts

Correlation engine

Customizable tools

Use Cases

Getting Started

Featured Blog Posts

OpenSearch

Correlating security events across different log sources

Amazon Web Services

Identify and remediate security threats to your business using security analytics with Amazon OpenSearch Service

Resources

Participate

Partners

Resources