Case Study: Siemens achieves 60,000 threat evaluations per second with AWS Glue

Siemens Handles 60,000 Cyber Threats per Second Using AWS Machine Learning

Siemens, the 170-year-old global technology leader, needed to protect itself and customers from an accelerating wave of cybercrime that produced hundreds of thousands of new malware samples. The Siemens Cyber Defense Center built an AI-enabled, high-speed analytics platform on AWS using services including Amazon SageMaker, AWS Lambda, Amazon S3—and AWS Glue for fully managed ETL—to automate threat detection and response at scale.

With AWS Glue as the ETL backbone of the serverless pipeline, Siemens’ CDC uses SageMaker and Lambda against an S3 data lake to evaluate about 60,000 potentially critical events per second and ingest roughly 6 TB of log data per day. The solution enables forensic analysis on years of data without degrading SIEM performance, is operated by a 12-person team, and—according to Siemens—exceeds the strongest published benchmarks while materially reducing false alarms.

Siemens

Jan Pospisil

Senior Data Scientist