Sumo Logic to Scale SecOps for Modern Enterprises with Wave of New Innovations Built on Leading Log Analytics Platform

  • May 12, 2023

Sumo Logic, the SaaS analytics platform to enable reliable and secure cloud-native applications, recently announced several native innovations across the Sumo Logic platform to give security analysts better visibility to solve new use cases and enable coordinated defense.

“Siloed tools and teams are a major barrier to scaling security operations and addressing the dynamic threat landscape of cloud-developed applications,” said Dave Frampton, senior vice president and general manager, Security Business Unit at Sumo Logic. “By combining SIEM, UEBA, SOAR, and log analytics with comprehensive observability capabilities in an integrated platform, we’re enabling seamless collaboration across the DevOps, application and security teams which all play essential roles in modern defense.”

Acknowledges one early adopter, “Sumo Logic gives us the opportunity to accelerate and expand growth and adoption of behavioral analytics across our organization. With the number of potential unknown threats to investigate, it is easier for us to make confident, data-driven decisions quickly,” said Brandon Hess, a Security Architect with deep experience in both the financial and professional services sectors.

Here are the new benefits:

Native UEBA threat detection for greater transparency, increased flexibility. Previous generations of UEBA anomaly detection have been plagued by problems with false positives, complexity and tuning limitations. Sumo Logic Cloud SIEM addresses these challenges with new UEBA capabilities delivering transparent, configurable, tunable detection and base-lining – fully integrated with all other detection tools. With this distinct advantage, Sumo Logic preserves the benefits of identifying unknown threats, insider threats, and user/entity profiling without the drawbacks of previous industry UEBA solutions. Extending its heritage as a leader in log analytics, Sumo Logic takes UEBA one step further to address new classes of use cases in application security and observability.

Efficient automation and enrichment from Cloud SOAR. Current SIEM offerings have difficulty contextualizing real threats and security analysts must pivot to other tools – threat intelligence, DDOS, malware, lateral movement or phishing, and a plethora of other enrichment capabilities – to deal with the huge volume and wide variety of alerts generated. Delivering automation at cloud scale, Sumo Logic introduces Cloud SIEM Automation Service, a marriage of Cloud SOAR with Cloud SIEM. Today, security analysts can more efficiently automate the data from alerts, telemetry and enrichment.

ML-powered detection, investigation. Built to help security engineers and security analysts tune threat detection logic to minimize false positives and boost true positives, Sumo Logic introduces Cloud SIEM Insight Trainer. Insight Trainer applies ML to understand patterns in the data and automatically suggests detection logic severity and tuning adjustments. When recommendations are applied on a regular basis, Sumo Logic Cloud SIEM enables SOC teams to focus attention on true indicators of compromise. As a result, overall security posture is improved with high-fidelity signals. To accelerate security investigations, Sumo Logic introduces its integration of ChatGPT with its powerful automation and orchestration solution, Cloud SOAR. With this integration, security analysts can quickly identify best practices within documented incident management framework with SOAR investigation workflows.

Featured

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3