AWS AppFabric Features

SaaS application audit logs (for example, event type, workspace name, actor identifier, or device details) are automatically normalized into the Open Cybersecurity Schema Framework (OCSF), or raw data is made available in two data formats—JSON or Apache Parquet. AppFabric only normalizes usage data for applications authorized in the AWS Management Console. Once authorized, AppFabric automatically ingests and normalizes application data. Data is sent to Amazon Simple Storage Service (Amazon S3) or through Amazon Kinesis Data Firehose. Using Amazon Kinesis, you can also deliver this data to Amazon Security Lake. From Amazon S3, Kinesis, or Security Lake, audit log data is sent to the security tool of your choice. 

AppFabric automatically enriches each application’s audit log data with a user email address when applicable (when user identity [UID] is matched to the employee email address). By enriching each audit log event with a user identifier (email address), security teams can reduce security incident response time. With this feature, security analysts will more easily know which user an anomalous event is related to, enabling a faster incidence response. For example, if there is a large volume of logins from the same user across SaaS applications, a common user email address will help security analysts determine the source user faster. Previously, they would see only app-specific UIDs and would have to look up those UIDs in SaaS applications to determine the user.

Quickly manage employee access to the applications that they need. Security and IT admin teams can use AppFabric to quickly see who has access to what application(s) by running a simple search using the employee’s corporate email address. AppFabric will then verify application access or deprovisioning status across all connected applications.

AppFabric is at the forefront of creating baselines for SaaS applications. AppFabric closely works with the open-source OCSF community to create new event categories and classes. Together, we have introduced Application Activity as an OCSF event category and introduced activities (like export) specific to SaaS applications in the OCSF.

AWS AppFabric productivity feature reimagines end-user productivity in SaaS applications by generating insights and actions with context from multiple applications including Asana, Atlassian Jira suite, Miro, Slack, Smartsheet, Microsoft 365, and Google Workspace.

AppFabric helps application developers provide generative AI-driven insights in the end user’s preferred SaaS application user interface (UI), creating new or enhancing existing generative AI assistants across multiple applications. Application developers embed AppFabric directly into their application’s UI, maintaining a consistent experience for their end users while surfacing relevant context from other applications. This increased context allows app developers to provide a more personalized end-user experience that increases adoption and loyalty, and end users benefit from accessing insights they need without interrupting their flow of work. For example, AppFabric APIs could generate meeting preparation notes, draft emails, create tasks, and initiate other action items with context and content from across a user’s applications.

For application developers, embed AppFabric in your application today by following this step-by-step guide. If you’re an end user interested in using AppFabric for productivity, request access from your favorite application.