How can my team keep track of the threat landscape? What’s the best way to manage my company’s move to cloud-based and SaaS-based solutions? And how can I keep up with compliance regulations? Is there a better way to do all this?

We have all heard about Key Performance Indicators (KPIs) and how critical they can be for your security program , but confusion remains surrounding what KPIs are important to track and how they can be used to measure and improve the organization’s security program.

Does the SOC really need to be disrupted? In an EY survey, 59% of enterprises admitted experiencing a material or significant breach. Despite the fact that SOC spend dominates an organization’s cybersecurity budget, more than half of these SOCs were actually ineffective in protecting their organizations from attacks.

One of the major buzzwords when talking about cyber incident response is playbooks, advanced workflows with specific actions tailored to deal with and respond to cyber incidents. Over the past few security conferences, I have noticed something of a trend emerging that centers on the uncertainty and hesitance that some incident response teams have regarding the use of playbooks and, in particular, around the notion of automation in incident response.

After a couple of hard-working months full of exciting strategic discussions following the acquisition of DFLabs by Sumo Logic that was concluded this May, we are surely moving forward and laying the groundwork for the future of our Cloud SOAR as a part of Sumo Logic’s Modern SOC Strategy.

Our mission is to create a force multiplier for SOC teams and security analysts so they can reduce the time to verdict or judgment while triaging new Insights. At Sumo Logic, we take a different approach than other SIEM solutions. We don’t just create alerts and leave the analyst to gather other artifacts to gain context. We associate and group alerts, or what we call Signals, to an Entity (IP, User, Hostname, etc...).

Given today’s evolving multi-cloud dynamics and increasingly active threat landscapes, security teams have a greater need for integrated and scalable monitoring that provides meaningful real-time insights into the state of organizational security posture. As organizations adopt cloud-first strategies, cybercriminals have taken note and continuously evolve their tactics to gain access to valuable cloud data.

When it first burst onto the cyber security scene back in 2015, SOAR was dubbed by Gartner as a ground-breaking, revolutionary technology in the cyber security industry. Fast-forward 6 years, Security Orchestration, Automation and Response has lived up to those expectations and is rapidly growing its presence rapidly, with the SOAR market estimated to exceed $550 million by 2023 .

The move to modernize security operations to keep up with the proliferation of complex, highly ephemeral apps and infrastructure has become more daunting than ever with the added explosion of remote work and the resulting acceleration of lift-and-shift and hybrid-cloud initiatives.

It’s not every day that you get four CTOs of leading Cloud companies in a discussion about security, the changing role of the security operations center (SOC), and how best to manage data, artificial intelligence(AI), and service providers in these challenging times. To close out the 2021 Modern SOC Summit, Christian Beedgen, Sumo Logic’s CTO, hosted a discussion with Peter Silberman, CTO at Expel.io, Scott Lundgren, CTO at Carbon Black, and Todd Weber, the CTO at Optiv.

Those who don’t move forward are moving backward. This saying particularly holds true in the cyber security world, as the constantly evolving threat landscape puts enormous pressure on traditional SOC teams. Most traditional SOC teams are understaffed, lack specific skills and are overworked.