The next generation of SecOps starts in the Dojo

Yes. Dojo AI leverages foundation models securely hosted through Amazon Bedrock.

Agent interaction with customer data varies by capability.

Mobot (including Query Agent and Knowledge Agent) and Summary Agent do NOT process or analyze customer data.

The SOC Analyst Agent (in preview as of February 2026 with certain chosen customers) processes customer data in order to help review insight data, correlate activity, and assist in triage and investigation as directed by the user.

Any AI capability that processes customer data:

• Is available only through explicit customer opt in (never automatically provisioned)
• Requires execution of the applicable AI addendum to the client agreement

Customers retain control over whether these data-processing capabilities are enabled in their environment.

Sumo Logic AI capabilities follow strict legal, compliance, and security standards to ensure data minimization and fit-for-purpose processing.

• Customer data is never used to train AI models, shared externally, or used to improve global models.
• Data remains within the customer’s environment and is processed only to deliver results back to that customer.
• Sumo Logic applies strong safeguards and filtering to ensure sensitive data is handled securely and appropriately at all times.

Capabilities that process customer data–including the SOC Analyst Agent (beta as of February 2026)–are available only through explicit customer opt-in and require execution of the applicable AI addendum. These capabilities are never automatically provisioned.

No. Customer data is never used to train AI models.

All Sumo Logic AI capabilities are designed to serve customer-specific outcomes within their own environment. Mobot uses a Large Language Model (LLM) via Amazon Bedrock, which processes data securely and does not retain or use customer information for training or other external purposes.

Traditional machine learning (ML) features, such as AI-driven alerts, generate models specific to each customer’s environment and are never shared or made public.

For more information, see the security and compliance page of our help docs.

Dojo AI leverages foundation models securely hosted through Amazon Bedrock.

When customer data is processed using Amazon Bedrock:

• Customer inputs and outputs are treated as Customer Content under AWS terms.
• AWS does not use Customer Content to train models or improve Amazon Bedrock.
• AWS may access Customer Content only as necessary to provide the service or comply with law.
• Third-party model providers (such as Anthropic) do not have access to customer inputs or outputs.
• Customer inputs and outputs are not shared with model providers and are not used to train external models.

In summary, customer data processed through Dojo AI remains within Sumo Logic’s secure environment and is used only to deliver results for that customer. It is not used to train foundation models or shared with model providers.

Dojo AI and classical ML features store data only temporarily to optimize performance:

• AI-driven alerts use a rolling 60-day data window, retraining weekly and expiring the oldest data automatically.
• Mobot may temporarily retain query history in a rolling window to improve conversational context and response accuracy.

All stored data follows Sumo Logic’s data retention and deletion policies, ensuring customer information is never retained longer than necessary.

Sumo Logic is currently reviewing AI Compliance within a rapidly evolving framework, in particular ISO 42001 as designed to help organizations implement AI responsibly.

Sumo Logic AI capabilities operate within our existing industry-recognized security and compliance framework, including FedRAMP Moderate, SOC 2 Type 2, HIPAA, PCI DSS 4.0.1, and ISO 27001:2022. These attestations govern the confidentiality, integrity, and protection of customer data.

Availability of specific AI capabilities may vary by deployment region (including FED) based on compliance boundary requirements.

The current GA versions of Mobot (including Query Agent and Knowledge Agent) and Summary Agent are available in the FED deployment.

The SOC Analyst Agent and certain newer Dojo AI capabilities are not currently available in FED. These capabilities depend on underlying model configurations that do not yet meet the requirements of our FED compliance boundary.

We are actively evaluating future availability of these capabilities in FED as underlying model support and compliance requirements evolve.

Our Generative AI model is licensed and securely hosted via Amazon Bedrock, meaning it is not directly accessible by Sumo Logic, or Customers, or third parties.

All new AI capabilities and features undergo comprehensive legal, compliance, and application security reviews before release. These reviews ensure data protection, privacy, and regulatory alignment.

Additionally, recurring reviews are conducted with every major update—particularly when a capability introduces new analytics or processes previously unused data types—to maintain ongoing trust and compliance across our AI ecosystem.

Yes. Customers can opt out of specific AI features at any time by submitting a support ticket.

For a complete overview of everything included in Sumo Logic’s AI portfolio, click here.