Detecting SHA1-Hulud: the logs must flow

Sha1-Hulud has burrowed back into our lives, spreading rapidly and causing more destruction than ever. Named after the famous worm from the Dune franchise, this attack is also impacting global organizations. Since its first widescale spread on September 16, 2025, this worm has demonstrated its ability to propagate rapidly with high impact using the following techniques: This variant includes some new behavior, including.

Ep 19: The atomic habits of cybersecurity professionals

In this Masters of Data episode, we welcome back Zoe Hawkins and Roland Palmer to discuss building better security practices through small, incremental improvements personally and professionally. We emphasize regularly auditing security policies to avoid unnecessary friction that forces workarounds, treating security as sociology rather than just technology. We cover practical approaches like habit-stacking, weekly business reviews, staying informed about threats through intentional news consumption, and developing cognitive humility with security prompts.

You can't secure what you can't see: Why AgentCore logs matter

AI agents are finally moving past cute demos and into actual production workflows. With AWS AgentCore, teams can build agents that write tickets, call APIs, deploy infrastructure, invoke external tools, and make changes faster than any human operator ever could. That’s powerful, but it also introduces a brand-new operational and security surface. And here’s the uncomfortable truth: most organizations have no idea what their agents are actually doing. Agentic AI isn’t magic.

Why your security analytics needs proactive threat hunting

Even the mightiest and most prestigious companies and enterprises are not exempt from the sophisticated threats posed by cyber attackers. Your security team needs robust security measures for network security, endpoint security, threat detection, anomaly detection, data protection, security monitoring, application security and information security.

Why your security needs a modern SIEM solution

Not investing in a Security Information and Event Management (SIEM) solution means you’re missing out on significant business benefits. A SIEM platform provides real-time detection and response to security incidents, helping you reduce the risk of costly compliance violations. Combine that with SIEM use cases such as consolidating and streamlining reporting, and your security team saves time and operational costs.

Faster security investigation with Cloud SIEM playbooks

Playbooks — and automated processes in general — were once primarily associated with security orchestration, automation and response (SOAR) platforms, but that has changed recently. Many modern security information and event management (SIEM) solutions have started incorporating SOAR-like functionality, enabling you to automate security workflows and improve your mean time to detect (MTTD) and mean time to respond (MTTR).

Why the Gartner Critical Capabilities for SIEM report belongs in every buyer's toolkit

Have you ever wished for a tool that could guide you, even on the foggiest days? That was my father’s compass. He carried it not because it told him where he was, but because it reminded him where true north was. I spent twelve years in the U.S. Navy as a cybersecurity practitioner, and that same compass has stayed with me. And in the world of SIEM and threat detection, the Gartner Critical Capabilities for Security Information and Event Management (SIEM) report feels like that compass.

Ep 15: Beginner's guide to security tools

In this episode, we run through our beginner's guide to security tools, emphasizing the importance of people, processes, and technology. We chat about the NIST framework as a foundational resource for building security programs, highlighting key steps such as identifying and managing risks. We also discuss basic tools like password managers and multifactor authentication as essential for enhancing security, particularly against threats like phishing. Finally, we explore the integration of AI in security and its potential to improve efficiency while maintaining human oversight.

Ep 14: Security IS observability: Prove us wrong

In this episode, we discuss the critical intersection of security and observability within organizations. We highlight the often contentious relationship between security analysts and SREs, emphasizing the importance of fostering a collaborative culture to effectively address incidents. All teams should focus on solutions rather than blame, as user experience is affected by both security and infrastructure issues. We explore how to break down silos, especially in the context of AI security, and encourage cross-disciplinary learning to enhance overall security practices.