构建面向未来的安全运营中心：利用 OCSF 和生成式人工智能革新安全日志记录.pdf

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.S E C 3 4 7Sushovan BasakAllan UmandapPratima SinghBuild a future-ready SOC:Transform security log

2、ging with OCSF and generative AIHe/himSr.Technical Account Manager HCLSAWSHe/himDirector Public CloudMerckShe/herSr.Solutions Architect,FSIAWS 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.AgendaChallenges with multi-schema log sourcesOpen Cybersecurity Schema Framework(OCSF)Cen

3、tralized logging with OCSF:A Merck StoryEnhancing triage with OCSF and Agentic AI 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Security is a data problem 2025,Amazon Web Services,Inc.or its affiliates.All rights

4、 reserved.Hybrid Log SourceModern enterprises operate across on-premises data canters,multiple cloud providers,and numerous SaaS applications-each generating security logs independently.Diverse PlatformsSecurity data spans on-prem infrastructure,cloud workloads,and SaaS servicesDifferent FormatEach

5、platform maintains independent logging structure across organizational boundaries 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Complex Data PipelinesMultiple schemas lead to complex data pipelines.Security teams lose time mapping data instead of detecting threats.Talent Optimiz

6、ationEngineering teams spend most time on data transformation,not security capabilitiesDetection ChallengeInconsistent formats lead to missed correlations and false positives,reducing monitoring effectiveness 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Increasing Log VolumesSe