Medigate by Claroty and Amazon Security Lake

Medigate by Claroty is a complete cybersecurity solution for clinical environments. Highly flexible and rapid deployment options enable Medigate to reveal and protect all XIoT — the extended internet of things, consisting of IOMT, IoT, OT and BMS assets — within the network, while automatically detecting the earliest indicators of threats to operations. Medigate strengthens and increases the utility of Amazon Security Lake by sending alerts detected within clinical networks to Security Lake with minimal configuration. Further extending the value of these controls, Claroty maintains a vast integration ecosystem and robust API.

The Medigate and Security Lake integration’s advantage lies in its ability to import alerts into third-party SIEMs seamlessly. Syslog has long served as the de-facto interoperability “standard” for various tools to send event data to SIEMs. Almost every device can output events via syslog and offering syslog as a data ingestion capability is tablestakes for all of the SIEM vendors. But even though all of these tools use syslog to communicate, the formatting within the protocol typically varies making integrations cumbersome and burdening asset owners with technical debt to maintain the integration. There’s no longer a need for specific integrations with third-party SIEMs as long as they support Amazon Security Lake and the Open Cybersecurity Schema Framework (OCSF) format. With the data formatted using OCSF consumers of the integration can rely on a more complete and capable integration.