AWS, as of April 2022, has 226 services that generate a myriad of different log types and formats. In order to operationalize the vast amounts of data produced by these log entries, security teams must aggregate, normalize and automate based off of the log contents.
We wanted more insight into the current challenges, frustrations, and desires of teams using AWS. To answer these questions, we sought out security professionals who use AWS to better understand what they're seeing, what they’re concerned about, and what they want to improve.
Some of the key findings include:
- 48.8% of respondents find it difficult to redirect or copy logs out of AWS into an external log management solution.
- Increasing log retention and implementing a SIEM are the highest priorities for the most significant pluralities of respondents.
- 18.8% of respondents log data from more than 40 accounts, yet over 54.4% say their environments are “very complex,” and 64.8% have “only existed in the cloud."
- The survey responses may indicate overconfidence in the capabilities of SIEMs.