|
By Christopher Beier
Artificial intelligence is rapidly reshaping how security operations centers (SOCs) function. Many organizations are now evaluating AI-native architectures to reduce workload and accelerate investigations. A new architectural narrative is emerging. A growing set of AI-native security vendors are proposing centralizing telemetry in a warehouse and deploying AI agents to replace the operational role of the SIEM. They want to centralize telemetry, apply AI, and automate the SOC.
|
By Tamara Bailey
Healthcare organizations are a primary target for cyberattacks. Outdated legacy tech runs rampant, and ransomware attacks are shutting down hospitals, forcing them to revert to paper records and cancel non-emergency procedures. The ripple effects extend beyond the targeted facility, overwhelming neighboring hospitals, putting lives at risk.
|
By David Girvin
There’s a growing wave of “AI SOC” startups promising autonomous everything. They’ll triage your alerts, investigate threats, and even run your playbooks. Push a button, let the machine handle the mess, and enjoy the magic. It sounds great until the moment something breaks. Then everyone, not just security, asks the same question: “What exactly did it do?” And that’s when these systems turn into a liability.
|
By Adam White
You don’t need a 20-person SOC to protect your cloud-native environment. What you need is the right strategy: map your risk, embed security early, automate detection, and let smart tooling do the heavy lifting. Here’s how security and DevOps leaders with limited resources can achieve enterprise-level protection without enterprise-level headcount.
|
By David Girvin
For years, we’ve drawn this artificial line that equates observability with uptime, performance, and SRE dashboards, while security is about threats, alerts, SIEMs, and “bad things.” While that separation was always convenient, it was never real. The same logs that tell you your service is slow are the same ones that tell you it’s compromised. We just routed them to different teams, different tools, and different budgets, then acted surprised when neither side had the full picture.
|
By Michelle Beastall
If you hear that a product is 92% effective, you’d assume it’s operating as intended. It seems like a success story. But dig a little deeper, and the picture changes; only 51% say that their security information and event management (SIEM) is very effective. What does it mean when a majority of security relies on a tool that works, but doesn’t work well enough? Not broken, not exceptional. It’s somewhere in between.
|
By Michelle Beastall
Everyone is building sophisticated intelligence layers with improved models and smarter agents to automate threat detection, investigation, and response. It’s what is needed in order to mature into an AI SOC. However, the organizations seeing the most value from AI in their SOC are not focusing solely on the intelligence layer. They’re focusing on the data foundation first.
|
By Christopher Beier
Like the sands through the hourglass, so are the days of our SOC lives…. An alert surfaces, and while it doesn’t immediately signal a critical incident, it carries just enough ambiguity to require attention. An analyst opens the investigation, begins pulling in context, reviews authentication activity, pivots into endpoint data, and checks for any corresponding changes in the cloud environment.
|
By Michelle Beastall
The SOC was originally designed for a threat landscape that no longer exists. Today, the sheer number and speed of modern threats make it tough for even the best analysts to keep up. Manually sorting through huge amounts of data, dealing with alert fatigue, and relying on fixed rules make it harder to understand the full story behind each threat. The AI SOC addresses this problem, but not in the way most vendors describe. It’s not just a simple product or feature.
|
By Tamara Bailey
Tool proliferation is compounding. Alerts are multiplying faster than teams can triage them. Visibility gaps are hiding real threats. And security teams are stuck babysitting archaic security infrastructure, rather than detecting and stopping threats. Organizations across gaming, fintech, and retail are feeling the weight of traditional, on-premises SIEMs.
|
By Sumo Logic, Inc.
Join us as Senior Technical Account Specialist Trent Driesler walks through Sumo Logic’s threat intelligence capabilities, including built-in feeds from providers like Intel 471 and CrowdStrike, and how to ingest custom indicators using collectors and APIs.
|
By Sumo Logic, Inc.
In this episode of Masters of Data, we untangle the often-confused cousins of data sovereignty and data residency, because where your data lives and who actually controls it are two very different conversations. We dig into the real-world headaches facing multinational companies, from incident response teams locked out of sovereign data zones to the bureaucratic gymnastics that ensue when compliance meets practicality.
|
By Sumo Logic, Inc.
Join us as Sam steps into the shoes of a SOC analyst and see how Sumo Logic’s SOC Analyst Agent enhances your investigations.
|
By Sumo Logic, Inc.
On this episode of Masters of Data, we brought back GRC expert Cassandra Mooseburger to pull back the curtain on audits, and spoiler: it is far less scary than the IRS knocking on your door. We break down what actually separates a certification from an attestation from a report, how to run a prep process that does not send your engineering team running for the hills, and why the social capital you build across the business is just as important as the evidence you collect. If you have ever wondered how compliance work translates into closed deals and customer trust, this one connects those dots.
|
By Sumo Logic, Inc.
On this episode of Masters of Data, we sat down with Steven Manley, CTO of Druva, to get the unfiltered truth about ransomware: it's not a matter of if you'll be breached, but when, and bad actors are now launching hundreds of attacks at a surprisingly low cost. We dig into why attackers lurk undetected for 200-plus days, how AI is being weaponized for everything from eerily convincing voice phishing to secretly training your own AI systems against you, and why your most protected assets are rarely what gets hit first.
|
By Sumo Logic, Inc.
In this episode of Masters of Data, we buckle up and explore the staggering technological complexity behind the airline industry, from managing IoT devices across global fleets to navigating the data chaos of mergers and acquisitions. We dig into the delicate balance airlines strike between aging legacy systems and risky upgrades, and why getting that wrong isn't just costly but potentially catastrophic. We also look at how forward-thinking airlines are turning operational logs into real business wins, all while safeguarding the mountains of sensitive passenger data they collect every day.
|
By Sumo Logic, Inc.
As we gear up for RSA Conference, we give viewers a sneak peek at Sumo Logic's SOC analyst agent, which turns a 45-minute analyst investigation into a five-minute AI-powered sprint. We walk through live demos showing how the agent automatically generates queries, maps threats to MITRE ATT&CK, and hands you recommended remediation actions all without making you switch tabs or tools. We also show off MCP integration that lets teams collaborate on active investigations right from Slack, because no one should be chained to their war room when there's dinner to be had.
|
By Sumo Logic, Inc.
Join us as Christopher explores how to build a modern, intelligent SOC with decision-ready detection, shared adversary context, and automated response that empowers faster, more confident security operations, featuring the role of the Sumo Logic SOC Agent in streamlining investigations and accelerating response.
|
By Sumo Logic
Security information and event management (SIEM) solutions have been around since 2000, and they were developed with the goal of helping organizations in the early detection of targeted attacks and data breaches.
|
By Sumo Logic
SIEM stands for Security Information and Event Management and these solutions have been around since 2000. They were developed with the goal of helping organizations in the early detection of targeted attacks and data breaches.
|
By Sumo Logic
In this paper we will discuss some of the general philosophies and perspectives that will assist anyone who wants to securely leverage the benefits the cloud by using its strengths to overcome issues that have traditionally been labeled as weaknesses.
|
By Sumo Logic
This white paper describes the technologies and processes used by Sumo Logic to secure customer data, and provides background on the company's deeply ingrained security culture.
|
By Sumo Logic
This white paper is intended to support stakeholders movement of applications to the cloud, and provide some fundamental approaches to adopt in order to better protect every layer of the AWS infrastructure.
- May 2026 (5)
- April 2026 (11)
- March 2026 (5)
- February 2026 (9)
- January 2026 (7)
- December 2025 (7)
- November 2025 (7)
- October 2025 (4)
- September 2025 (6)
- August 2025 (7)
- July 2025 (14)
- June 2025 (3)
- May 2025 (4)
- April 2025 (2)
- March 2025 (2)
- February 2025 (1)
- December 2024 (2)
- November 2024 (4)
- October 2024 (3)
- September 2024 (4)
- July 2024 (2)
- June 2024 (2)
- May 2024 (9)
- April 2024 (4)
- March 2024 (4)
- February 2024 (2)
- January 2024 (5)
- December 2023 (1)
- November 2023 (8)
- October 2023 (5)
- September 2023 (6)
- August 2023 (5)
- July 2023 (5)
- June 2023 (5)
- May 2023 (14)
- April 2023 (5)
- March 2023 (2)
- February 2023 (3)
- January 2023 (3)
- December 2022 (4)
- November 2022 (5)
- October 2022 (3)
- September 2022 (13)
- August 2022 (1)
- July 2022 (3)
- June 2022 (5)
- May 2022 (2)
- April 2022 (4)
- March 2022 (4)
- February 2022 (3)
- January 2022 (5)
- December 2021 (5)
- November 2021 (4)
- October 2021 (8)
- September 2021 (18)
- August 2021 (13)
- July 2021 (11)
- June 2021 (6)
- May 2021 (2)
- April 2021 (2)
- March 2021 (3)
- February 2021 (2)
- January 2021 (5)
- December 2020 (8)
- November 2020 (1)
- October 2020 (4)
- September 2020 (1)
- August 2020 (1)
- July 2020 (8)
- June 2020 (7)
- May 2020 (7)
- April 2020 (4)
- March 2020 (6)
- February 2020 (5)
- January 2020 (2)
- December 2019 (2)
- October 2019 (7)
- September 2019 (5)
- August 2019 (6)
- July 2019 (2)
- June 2019 (5)
- May 2019 (2)
- April 2019 (2)
- March 2019 (4)
- February 2019 (3)
- January 2019 (2)
- November 2018 (2)
- October 2018 (1)
- July 2018 (1)
- June 2018 (1)
Empowering the People Who Power Modern Business. A Cloud-native Machine Data Analytics Platform for DevSecOps.
Sumo Logic is a secure, cloud-native, machine data analytics service, delivering real-time, continuous intelligence from structured, semi-structured and unstructured data across the entire application lifecycle and stack.
Build, run and secure your AWS, Azure, Google Cloud Platform or Hybrid applications with Sumo Logic, a cloud-native, machine data analytics service for log management and time series metrics.
- Optimize Continuous Delivery: Accelerate development, testing, & deployment of your application.
- Monitor & Troubleshoot in Real Time: Enable DevOps to proactively identify and fix performance issues.
- Secure Your Platform: Detect, investigate and respond to security issues instantly.
- Simplify Compliance Management: Ensure compliance with HIPAA, PCI, GDPR and much more.
One platform for real-time, Continuous Intelligence.