May 30, 2023

Swimlane Integrates with Amazon Security Lake to Achieve a Cost-Effective Security Cloud

Turbine becomes the industry’s key full-stack cloud-native security automation platform, allowing AWS customers to extend their security cloud beyond the SOC.

BOULDER, Colo. – May 30, 2023 – Swimlane, a low-code security automation company, today announced integration with Amazon Security Lake from Amazon Web Services (AWS), bringing the power of security automation to AWS environments via a cost-effective solution. Swimlane Turbine is a cloud-native platform that helps customers automate responses to security data, resulting in greater visibility, reduced risk, and faster response times.

Amazon Security Lake is a service that automatically centralizes security data from across their AWS environments, leading SaaS providers, on-premises, and cloud sources into a purpose-built data lake so customers can act on security data faster and simplify security data management across hybrid and multi-cloud environments. Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings and converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF) open standard, making it easier to automatically collect, combine, and analyze security data from AWS, security partners, and analytics providers.

“As one of the SOAR launch partners for Amazon Security Lake, Swimlane’s relationship with AWS allows security customers to harness the power of Turbine to accelerate automation across their security program regardless of the technology stack,” said Mike Kay, Senior Vice President of Business Development at Swimlane. “Our transition to a cloud-native architecture and work with AWS will enable advanced automation use cases previously unavailable to AWS customers.”

Low-Code Security Automation Meets AWS

The integration with Swimlane Turbine provides Amazon Security Lake customers with a cost-effective solution that accelerates investigation and response when threats occur. Applying automation to AWS data can help to expedite the adoption of new security tools, increasing the return on investment of an organization’s entire security program. The seamless integration of Turbine and Amazon Security Lake also delivers faster time to value for customers. AWS customers can use pre-paid credits to purchase Swimlane Turbine in AWS Marketplace, simplifying their procurement and billing process. 

Turbine customers will be able to benefit from this integration with Amazon Security Lake at no additional cost. It allows them to ingest security information from Amazon Security Lake and AWS Security Hub into Turbine and action the data through low-code playbooks and case management. The Turbine integration makes it easy for customers to get started with automating the ingestion, correlation, and response actions derived from various AWS services, including Amazon GuardDuty, Amazon Macie, AWS CloudTrail, Amazon Route 53, VPC Flow logs, and many others. Turbine’s OCSF-compliant content removes the need for developers to create custom mapping for security alerts from new data sources. Customers will be able to download the connector in AWS Marketplace and Swimlane Marketplace.

 “The integration of Swimlane with Amazon Security Lake makes it easier and faster for us to respond to any incidents, especially since all of our engineers are familiar with AWS. This includes being able to quickly ingest data stored within Amazon Simple Storage Service (Amazon S3). We are excited to explore the new possibilities with Swimlane’s integration with Amazon Security Lake,” said Jesse Baylin, Principal Security Engineer at Cylitic.

Introducing Turbine’s Cloud-Native Infrastructure

Turbine’s cloud-native infrastructure, built on AWS, provides customers with a low-code security automation solution that is faster to deploy and less infrastructure to manage compared to legacy on-prem security orchestration, automation, and response (SOAR) solutions. Turbine cloud customers will benefit from key features like:

  • Multi-tenant Infrastructure and Application with Multi-region Support: Multi-tenant infrastructure delivers lower cost of goods sold for service providers and managed security service providers (MSSPs) so that they improve the cost efficiency of their security offerings and maximize ROI. Being a multi-tenant application delivers account structure and account level capabilities that optimize the user experience to deliver greater control to MSSPs and enterprises. 
  • Enhanced Scalability: Turbine’s cloud-native infrastructure provides auto-scaling that allows for rapid elasticity and resource pooling to enable automated onboarding of new customers and the ability to autoscale to support increases in workloads.
  • Cloud-Native Computing: The infrastructure provides continuous integration and continuous delivery, resulting in 99.9% availability and zero downtime (ZDT) updates.
  • Serverless-like Experience: Turbine remote agents allow customers to run any language function inside of the agent to achieve a serverless-like experience for security use cases, providing a brand-new developer experience that can be run in the cloud or as an edge computing service.

“Swimlane has always taken a deployment agnostic approach to software, and Turbine is no different,” said Frans Xavier, chief technology officer and senior vice president of engineering at Swimlane. “Swimlane’s cloud architecture and on-premises deployments have the same capability making it the preferred model for many customers as it improves the ease with which security teams leverage all the benefits of our low-code security automation platform.”

Key Resources:

About Swimlane

Swimlane is the leader in cloud-scale, low-code security automation. Swimlane unifies security operations in-and-beyond the SOC into a single system of record that helps reduce process and data fatigue, overcome chronic staffing shortages, and quantify business value. The Swimlane Turbine platform combines human and machine data into actionable intelligence for security leaders.  For more information, visit

Request a Live Demo