Augmented SOC Investigations with SOC Analyst Agent - Customer Brown Bag - April 23rd, 2026
Join us as Sam steps into the shoes of a SOC analyst and see how Sumo Logic’s SOC Analyst Agent enhances your investigations.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Observability is security (We just pretended it wasn't)
For years, we’ve drawn this artificial line that equates observability with uptime, performance, and SRE dashboards, while security is about threats, alerts, SIEMs, and “bad things.” While that separation was always convenient, it was never real. The same logs that tell you your service is slow are the same ones that tell you it’s compromised. We just routed them to different teams, different tools, and different budgets, then acted surprised when neither side had the full picture.
Ep 40: What to expect when you are expecting an audit
On this episode of Masters of Data, we brought back GRC expert Cassandra Mooseburger to pull back the curtain on audits, and spoiler: it is far less scary than the IRS knocking on your door. We break down what actually separates a certification from an attestation from a report, how to run a prep process that does not send your engineering team running for the hills, and why the social capital you build across the business is just as important as the evidence you collect. If you have ever wondered how compliance work translates into closed deals and customer trust, this one connects those dots.
Ep 39: This is your first ransomware attack, not ours
On this episode of Masters of Data, we sat down with Steven Manley, CTO of Druva, to get the unfiltered truth about ransomware: it's not a matter of if you'll be breached, but when, and bad actors are now launching hundreds of attacks at a surprisingly low cost. We dig into why attackers lurk undetected for 200-plus days, how AI is being weaponized for everything from eerily convincing voice phishing to secretly training your own AI systems against you, and why your most protected assets are rarely what gets hit first.
92% of security leaders say their SIEM is effective. 51% say it's exceptional. What's living in that gap?
If you hear that a product is 92% effective, you’d assume it’s operating as intended. It seems like a success story. But dig a little deeper, and the picture changes; only 51% say that their security information and event management (SIEM) is very effective. What does it mean when a majority of security relies on a tool that works, but doesn’t work well enough? Not broken, not exceptional. It’s somewhere in between.
Ep 38: Wheels up, systems down: cybersecurity at cruising altitude
In this episode of Masters of Data, we buckle up and explore the staggering technological complexity behind the airline industry, from managing IoT devices across global fleets to navigating the data chaos of mergers and acquisitions. We dig into the delicate balance airlines strike between aging legacy systems and risky upgrades, and why getting that wrong isn't just costly but potentially catastrophic. We also look at how forward-thinking airlines are turning operational logs into real business wins, all while safeguarding the mountains of sensitive passenger data they collect every day.
Your AI SOC still needs a SIEM. Here's why that won't change.
Everyone is building sophisticated intelligence layers with improved models and smarter agents to automate threat detection, investigation, and response. It’s what is needed in order to mature into an AI SOC. However, the organizations seeing the most value from AI in their SOC are not focusing solely on the intelligence layer. They’re focusing on the data foundation first.
HOSPITAL TECH IS A NIGHTMARE #podcast #cloudsecuritypodcast #cybersecurity
#podcast #cloudsecuritypodcast #cybersecurity
Cybercrime is a Business! #podcast #cloudsecuritypodcast #cybersecurity
#podcast #cloudsecuritypodcast #cybersecurity
The coefficient of security friction is slowing teams down. How can you fix it?
Like the sands through the hourglass, so are the days of our SOC lives…. An alert surfaces, and while it doesn’t immediately signal a critical incident, it carries just enough ambiguity to require attention. An analyst opens the investigation, begins pulling in context, reviews authentication activity, pivots into endpoint data, and checks for any corresponding changes in the cloud environment.