diff --git a/Security.md b/Security.md
index da4faf5..0f3914e 100644
--- a/Security.md
+++ b/Security.md
@@ -11,6 +11,7 @@
 - [Instance Metadata Service (IMDS)](./Security/aws_metadata/)
 - [GuardDuty](./GuardDuty/)
 - [Security Hub](./SecurityHub/)
+- [Security Lake](./SecurityLake/)
 - [Verified Permissions](./VerifiedPermissions/)
 
 ---
diff --git a/SecurityLake/README.md b/SecurityLake/README.md
new file mode 100644
index 0000000..c621253
--- /dev/null
+++ b/SecurityLake/README.md
@@ -0,0 +1,14 @@
+# Security lake
+
+- [Useful Libs and Tools](#useful-libs-and-tools)
+- [Useful Articles and Blogs](#useful-articles-and-blogs)
+
+
+---
+## Useful Libs and Tools
+
+- [Security Lake OCSF Queries](https://github.com/awslabs/aws-security-analytics-bootstrap/tree/main/AWSSecurityAnalyticsBootstrap/amazon_security_lake_queries)
+
+## Useful Articles and Blogs
+
+- [How to share security telemetry per OU using Amazon Security Lake and AWS Lake Formation](https://aws.amazon.com/blogs/security/how-to-share-security-telemetry-per-ou-using-amazon-security-lake-and-aws-lake-formation/), AWS, 2023-11-02