
How to control the flood of security and compliance logs

Blog post from ChaosSearch

Post Details
Company: ChaosSearch
Date Published:
Author: Pete Cheslock
Word Count: 992
Language: English
Hacker News Points: -
Summary

The time a threat actor remains in a network before being detected is known as dwell time; across corporate environments the average is around 99 days. Yet many companies retain only 7 to 14 days' worth of log data because of the cost of running Elasticsearch clusters or the ELK stack, so the logs covering the initial compromise are usually gone by the time an intrusion is detected. Amazon Athena can query security and compliance events stored in S3, but keeping query costs under control is difficult, and visualization usually requires additional tools. The number of services that must be integrated, such as S3, Glue, EMR, and Athena, adds further complexity. Companies that instead run the open-source ELK stack face their own trade-off between retention and the AWS bill. ChaosSearch addresses this by indexing every field of the documents stored in Amazon S3, so they can be queried directly without database servers or additional tools such as Kibana or Tableau.