

Software as a Service (SaaS)



    What is SaaS?

    Software as a Service (SaaS) is a cloud computing model where a SaaS provider hosts a software application on its own infrastructure and delivers it to customers over the internet. Instead of purchasing and installing traditional software on local servers, customers access the SaaS application through a web browser and pay a recurring subscription fee.

    In the SaaS model, the software vendor manages the entire underlying infrastructure, such as the servers, storage, networking, operating systems, updates, and security, while customers simply log in and use the application.

    How does SaaS work in cloud computing?

    The defining characteristic of the SaaS model is that customers pay a monthly or annual subscription to access a hosted application. The SaaS provider handles:

    • Server maintenance
    • Performance updates
    • Patch management
    • Data security
    • Scalability
    • Availability

    Unlike traditional software deployments — where organizations must purchase hardware, install the software application, and maintain servers — SaaS companies centralize management in the cloud.

    SaaS applications are typically accessed through a web browser and can be used on a computer, tablet, or mobile device without complex installation.

    SaaS vs. IaaS

    SaaS, IaaS (infrastructure-as-a-service) and PaaS (platform-as-a-service) together make up the three most common models of cloud service delivery. They differ only in terms of which parts of the technology stack are managed by a vendor or third party and which are managed in-house.

    When a company chooses to host an application on-premises, it manages every aspect of the technology stack. This includes applications, data, runtime, middleware, the operating system, virtualization, servers, storage and networking.

    If a company purchases IaaS, it still manages nearly the entire technology stack. In this model, third-party vendors handle servers, storage and networking functions.

    PaaS provides an even greater level of outsourcing, with only applications and data managed in-house and all the rest of the technology stack functions outsourced to an application service provider.

    In the SaaS model, organizations outsource the entire technology stack. Networking, storage, servers, virtualization services, operating systems, middleware, runtime, data and the application itself are all hosted by a third-party vendor and none of the functions are managed in-house.

    Advantages of the SaaS software delivery model

    Applications are easy to access

    SaaS applications are typically delivered over the internet, which makes them accessible from any connected device. Computers, tablets, and mobile phones can all be used to access and interact with hosted applications. In the past, licensed applications that were hosted on a company’s internal servers might be accessible exclusively through the company intranet. For SaaS companies, delivering an application over the internet means easier and more convenient application access for customers in a variety of contexts.

    Third-party host performs updates and maintenance

    Contracting with a SaaS software provider can relieve your in-house IT organization from significant labor overhead in the form of routine server maintenance, patch management and performance updates. When you purchase physical software from a vendor and install it on your own servers, your IT organization will be responsible for discovering, downloading and implementing any software updates or patches. If you choose to subscribe to Software-as-a-Service, the vendor takes responsibility for server maintenance, installing patches, and ensuring the availability of the application.

    SaaS solutions offer excellent vertical scalability

    One of the key advantages of hosted applications in the SaaS delivery model is the ease with which they can be scaled. When customers require additional bandwidth, more servers, additional licenses, or more features, the software vendor can typically deliver on those requirements relatively quickly. With a reliable SaaS provider, organizations can expand IT infrastructure and capacity without the additional overhead expense of new servers and networking equipment.

    SaaS solutions help reduce upfront costs

    The SaaS business model has played a major role in enabling more companies to adopt a greater variety of software solutions and expand their respective IT infrastructure and capabilities without taking on massive capital costs. In the past, organizations that wanted to implement a new software solution would have to purchase the application, customize it to their requirements and install and host it on their servers. SaaS companies use economies of scale to minimize the cost of hosting their application for all of their customers. They also play a role in ensuring customer satisfaction by managing the availability and downtime of their applications, and by providing customer support when necessary.

    How Sumo Logic supports your SaaS products with cloud monitoring tools

    Two of the biggest challenges faced by companies adopting multiple SaaS solutions are obtaining a unified view of network activity and security, and effectively managing cloud-based applications. A growing need for unified management solutions for cloud-based applications has more organizations turning to Sumo Logic’s operations analytics platform, which uses machine learning to help reduce application downtime, troubleshoot errors and optimize the customer experience.

    FAQs

    SIEM delivers superior incident response and enterprise security outcomes through several key capabilities, including:

    Data collection – SIEM tools aggregate event and system logs and security data from various sources and applications in one place.

    Correlation – SIEM tools use various correlation techniques to link bits of data with common attributes and help turn that data into actionable information for SecOps teams.

    Alerting – SIEM tools can be configured to automatically alert SecOps or IT teams when predefined signals or patterns are detected that might indicate a security event.

    Data retention – SIEM tools are designed to store large volumes of log data, ensuring that security teams can correlate data over time and enabling forensic investigations into threats or cyber-attacks that may have initially gone undetected.

    Parsing, log normalization and categorization – SIEM tools make it easier for organizations to parse through logs that might have been created weeks or even months ago. Parsing, log normalization and categorization are additional features of SIEM tools that make logs more searchable and help to enable forensic analysis, even with millions of log entries to sift through.
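    The capabilities listed above (collection, parsing and normalization, correlation, alerting) can be seen working together in the following added example, which is not code from the original page or from any SIEM product. The log lines are constructed, and the field names, the threshold of three failures and the five-minute window are assumptions chosen for illustration.

```python
import json
import re
from datetime import datetime, timedelta

# Constructed sample events from two sources (illustrative, not real logs).
SSHD_LINES = [
    "2024-05-01T10:00:01Z host1 sshd[411]: Failed password for alice from 203.0.113.7 port 50122 ssh2",
    "2024-05-01T10:00:05Z host1 sshd[411]: Failed password for alice from 203.0.113.7 port 50123 ssh2",
    "2024-05-01T10:02:00Z host1 sshd[415]: Accepted password for bob from 198.51.100.4 port 40000 ssh2",
]
APP_LINES = [
    '{"time": "2024-05-01T10:00:09Z", "ok": false, "user": "alice", "ip": "203.0.113.7"}',
    '{"time": "2024-05-01T10:00:30Z", "ok": true, "user": "alice", "ip": "203.0.113.7"}',
]
SSHD_RE = re.compile(r"^(\S+) \S+ sshd\[\d+\]: (Failed|Accepted) password for (\S+) from (\S+)")

def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")

def normalize_sshd(line):
    """Parse one sshd line into the common schema; None if it does not match."""
    m = SSHD_RE.match(line)
    if not m:
        return None
    return {"ts": _ts(m[1]), "source": "sshd", "user": m[3], "src_ip": m[4],
            "outcome": "success" if m[2] == "Accepted" else "failure"}

def normalize_app(line):
    """Parse one JSON application log line into the same schema."""
    try:
        r = json.loads(line)
    except json.JSONDecodeError:
        return None
    return {"ts": _ts(r["time"]), "source": "webapp", "user": r["user"], "src_ip": r["ip"],
            "outcome": "success" if r["ok"] else "failure"}

def correlate(events, threshold=3, window=timedelta(minutes=5)):
    """Alert when a success follows >= threshold recent failures from one source IP."""
    alerts, failures = [], {}
    for e in sorted(events, key=lambda ev: ev["ts"]):
        recent = [t for t in failures.get(e["src_ip"], []) if e["ts"] - t <= window]
        if e["outcome"] == "failure":
            failures[e["src_ip"]] = recent + [e["ts"]]
        else:
            if len(recent) >= threshold:
                alerts.append({"src_ip": e["src_ip"], "user": e["user"], "failures": len(recent)})
            failures[e["src_ip"]] = []  # a success resets the failure history
    return alerts

def run():
    events = [normalize_sshd(l) for l in SSHD_LINES] + [normalize_app(l) for l in APP_LINES]
    return correlate([e for e in events if e])
```

    Neither source reaches the threshold on its own here; the alert only fires once both feeds are normalized into one schema and correlated by source IP.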

    Popular SIEM use cases include:

    Compliance – Streamline the compliance process to meet data security and privacy compliance regulations. For example, to support compliance with PCI DSS, the data security standard for merchants that collect credit card information from their customers, a SIEM monitors network access and transaction logs within the database to verify that there has been no unauthorized access to customer data.

    Incident response – Increase the efficiency and timeliness of incident response activities. When a breach is detected, SecOps teams can use SIEM software to quickly identify how the attack breached enterprise security systems and what hosts or applications were affected by the breach. SIEM tools can even respond to these attacks through automated mechanisms.

    Vulnerability management – Proactively test your network and IT infrastructure to detect and address possible entry points for cyber attacks. SIEM software tools are an important data source for discovering new vulnerabilities, along with network vulnerability testing, staff reports and vendor announcements.

    Threat intelligence – Collaborate closely to reduce your vulnerability to advanced persistent threats (APTs) and zero-day threats. SIEM software tools provide a framework for collecting and analyzing log data that is generated within your application stack. With user and entity behavior analytics (UEBA), you can proactively discover insider threats.

    Identity and Access Management (IAM):

    • Use multi-factor authentication (MFA) and role-based access controls (RBAC).
    • Regularly review permissions based on the principle of least privilege.

    Data encryption:

    • Encrypt data both in transit and at rest, using tools like AWS KMS or Azure Key Vault for key management.

    Network security:

    • Use virtual private clouds (VPCs) and security groups to control traffic.
    • Monitor network traffic for suspicious activities.

    Monitoring and logging:

    • Enable comprehensive logging and use tools like security information and event management (SIEM) solutions for monitoring.
    • Set up alerts for potential security incidents.

    Incident response and recovery:

    • Develop and test an incident response plan.
    • Regularly back up critical data and test restoration processes.

    Patch management:

    • Regularly update software and implement automated patching.
    • Conduct vulnerability assessments and penetration testing.

    Compliance and governance:

    • Adhere to industry-specific compliance requirements and conduct regular audits.

    API security:

    • Secure APIs with authentication, use API gateways, and implement Web Application Firewalls (WAFs).

    Container security (if applicable):

    • Use container security practices, such as scanning images and using secure orchestration tools like Kubernetes.