Subscribe to our newsletter

AWS Integrations for Avalor’s Data Fabric for Security™

June 12, 2023


Kfir Tishbi

Avalor's data fabric is cloud-agnostic, integrating with more than 100 different data sources including AWS, Azure, GCP, and private clouds. In this blog post, Avalor CTO Kfir Tishbi shares details on all of the data integrations our platform supports for AWS customers including AWS Security Lake and AWS Cloud Security services.

AWS and Avalor logos

This week, our team is excited to be at the AWS re:Invent conference! If you’re also attending and would like to meet up in-person, drop us a line at

To provide our customers with the maximum value of a data fabric architecture, Avalor can ingest and process any data from any source in any format. Therefore, our data fabric is also cloud-agnostic, integrating with more than 100 different data sources including AWS, Azure, GCP, and private clouds.  

Security teams are dealing with disparate data sources created by a myriad of different tools spread across their organization. This often happens because teams choose best-in-breed or specialized tools that are really effective at one particular purpose. These tools also tend to have their own data taxonomy, format, and output making it overwhelming, if not impossible, to access and make sense of all available data, in aggregate and with the appropriate context. 

In a nutshell, Avalor’s Data Fabric for Security™ works like this:

      1. Data is ingested through whatever delivery method the source uses such as API, email, webhooks, S3, etc. 

      2. Data is parsed and processed in whatever file format it comes in (e.g. zip file, Excel, PDF, CSV, JSON, etc.) to extract records of information.

      3. Data is mapped into the customer’s security data knowledge graph in Avalor. 

Turning the complexity of consuming and extracting data from any source and any format into a seamless experience for the security domain is the magic behind Avalor. We make sense of all the bits and bytes of data so security teams can make faster, more accurate decisions.

Integrating Data from an AWS Account 

Life is easy for Avalor customers because we’re on the same cloud platforms they are! For example, the AWS Cross-Account access function allows our customers to create an account for Avalor’s data fabric in their own domain and give our platform direct access to technical data – like VPC flow logs, WAF logs, and any kind of events that are generated by the AWS account – without having to share account credentials or transfer data outside the customer’s AWS environment. This also means customers can enforce their own security rules and compliance controls on the data, including revoking access permission at any time. This is a critical capability for customers operating under strict regulatory or contractual requirements like HIPAA and FedRAMP. 

Avalor’s data fabric can ingest data from any delivery method provided by a customer’s AWS Security Lake (OCSF) such as AWS Kinesis Data Firehose, Amazon SQS, Amazon SNS, Amazon SES, and database’s change data capture (CDC) delivered by Kafka, FTP, HTTP uploads regardless of which security tool or vendor generates that data.

Integrating Data from AWS Security, Identity, & Compliance Services

Avalor’s data fabric can also process data from any AWS Cloud Security service including:  

Identity and access management 

AWS Identity and Access Management (IAM), AWS IAM Identity Center, Amazon Cognito, Amazon Verified Permissions, AWS Directory Service, AWS Resource Access Manager, AWS Organizations


AWS Security Hub, AWS GuardDuty, Amazon Inspector, Amazon Security Lake, AWS Config, Amazon CloudWatch, AWS CloudTrail, AWS IoT Device Defender

Network and application protection

AWS Firewall Manager, AWS Network Firewall, AWS Shield, AWS Verified Access, AWS Web Application Firewall (WAF), Amazon Route 53 Resolver DNS Firewall

Data protection

Amazon Macie, AWS Key Management Service (AWS KMS), AWS CloudHSM, AWS Certificate Manager, AWS Private Certificate Authority, AWS Secrets Manager

Incident response 

Amazon Detective, AWS Elastic Disaster Recovery


AWS Artifact, AWS Audit Manager

How Avalor Uses AWS

We use AWS to run our own business including accessing the latest and greatest SaaS applications, and conducting trusted and insured financial transactions with international customers through AWS Marketplace. 

We also use AWS to adapt and scale our resources based on customer needs. We can ramp up resources for clients going through periods of heavy workload, like an M&A transaction, and then scale down as their workload returns to normal levels. The elasticity of AWS enables us to offer adjustable pricing and to pass on price reductions to our customers. 

To learn more about our 100+ data integrations, including AWS and other cloud platforms, reach out to our team here

Related articles

Read more on this and similar topics.

View all posts
Data fabric illustration

What Security Leaders Need to Know About Data Fabric Architecture

Avalor CEO Raanan Raz explains how a data fabric architecture solves security's greatest data challenge.

Abstract image for Avalor AnySource Connector

Avalor’s AnySource™ Connector and Integrations Library: Powering Our Any Data Source, Any Format Difference

Being able to ingest some, but not all of your organization's data sources means you’re still missing a lot. In this blog post, Timna Carmel, VP of Product at Avalor, explains how the hundreds of integrations available with the Avalor platform enable enterprises to ingest, normalize, and analyze data from anywhere in the tech stack to provide full coverage of all your data.