---
title: "Improve your security posture by focusing on velocity, visibility, and vectors"
page_name: "Improve your security posture by focusing on velocity, visibility, and vectors"
type: "blog"
slug: "improve-security-posture-velocity-visibility-vectors"
published_at: "2021-01-11"
modified_at: "2025-06-17"
url: "https://www.sumologic.com/blog/improve-security-posture-velocity-visibility-vectors"
canonical: "https://www.sumologic.com/blog/improve-security-posture-velocity-visibility-vectors"
markdown_url: "https://www.sumologic.com/blog/improve-security-posture-velocity-visibility-vectors.md"
lang: "en"
excerpt: "Improving your organization’s security posture is a complex issue that can be deconstructed into a few different focus areas we’ll call: Velocity, Visibility, and Vector."
taxonomy_blog_category:
  - "SecOps & Security"
---


# Improve your security posture by focusing on velocity, visibility, and vectors

Chas Clawson, Justin Dodge

January 11, 2021


In the wake of the widely publicized [FireEye breach](https://www.fireeye.com/blog/products-and-services/2020/12/fireeye-shares-details-of-recent-cyber-attack-actions-to-protect-community.html) and the alarming [SolarWinds supply chain attack](https://www.solarwinds.com/securityadvisory), now is an ideal time to reflect on the broader shift taking place across the world: the transition from legacy on-prem infrastructures to the cloud. When a sophisticated nation-state obtains utilities intended for Red Team activities, all but assuring nefarious intent, it should give our community pause about our collective state of security readiness should an attacker leverage such tools.

*So what does a modern security analytics platform provide that can help defend critical assets in this continuously evolving threat landscape?* As it relates to your [SIEM](https://www.sumologic.com/guides/siem) platform, improving your organization’s security posture is a complex issue that can be deconstructed into a few different focus areas we’ll call: **Velocity, Visibility, and Vector**.

## Velocity

The reality on the frontlines is that SecOps teams and security analysts simply do not have time to track all of the evolving threats to an organization’s critical assets. Technology stacks are expanding with so many niche and cross-vendor solutions that it becomes difficult to know which vulnerabilities in the latest headlines are relevant and what priority they should take. Further, deploying patches and content packs with new detection rules and signatures requires many operational man-hours. Fortunately, cloud-native SaaS solutions are providing much-needed relief. Solutions like Sumo Logic’s Cloud SIEM Enterprise release new actionable content in the form of correlation rules to the customer environment several times a week on average. That means that as we discover new threats, we can globally deploy content to all customer environments, equipping them to detect those threats automatically. Additionally, writing SIEM correlation rules requires specialized skill. Because Sumo Logic supports community standards like Sigma and [YARA rules](https://www.sumologic.com/blog/siem-yara-rules/), customers can also find and import rules already developed by industry experts. As defenders, it is critical that we share intelligence and content freely, because if we don’t, the adversary will always be one step ahead. In short, evaluate your current solution and consider:

1. How are updates actively applied?
2. At what regular cadence are they applied?
3. What support does the solution have for community-contributed content?

## Visibility

Professor Patrick Wolf accurately stated, “the rate at which we’re generating data is rapidly outpacing our ability to analyze it. The trick is to turn these massive data streams from a liability into a strength.” Now that log analytics and security solutions have shifted to the cloud, organizations can finally keep pace with the rapid growth of machine data being generated. Furthermore, they’re now able to scale elastically, not only in collection but also in the compute power required to make sense of the data. For example, as of October 2020, Sumo Logic analyzes **1.6 quadrillion events** and has built a cloud-scale analytics platform that scans an average of **873 petabytes** of data *every day*. All of this is accomplished without the deployment of any legacy on-prem hardware or infrastructure. The ability to search and visualize across such massive amounts of data has been a game changer for organizations. Taken to the next level, we can provide additional global intelligence insights across all our customers’ data, allowing them to compare security attacks against their enterprise with the cyber landscape at large. This invaluable perspective would not be possible without a modern microservices-based, cloud-native architecture.

## Attack Vector

The last area to consider is the attack vectors being leveraged: are enough signals being collected to identify cyber events across all areas of the IT infrastructure? Specifically, as organizations move from on-prem to hybrid cloud and then to multi-cloud, is the security team able to defend all of these beachheads? For example, does the solution provide out-of-the-box content for traditional Windows infrastructure, as well as Azure, AWS, and GCP? Does it allow for deeper inspection of both North-South and East-West traffic flowing between systems with open-source network analytics solutions like Bro/Zeek? Relying solely on firewall logs for network visibility can leave critical blind spots. At a bare minimum, support for newer data sources like Zeek, Kubernetes+Falco, AWS VPC flow logs, and AWS Network Firewall is a must-have. Combined, these also bring new observability that helps modern security practitioners find the needle in the needle stack before a breach occurs.
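To make the firewall blind spot concrete, the following added example (not code from Sumo Logic or from the original post) parses Zeek `conn.log` records and separates North-South flows from East-West flows that a perimeter-only firewall would not log. The sample rows are constructed, and the internal ranges and the assumption that the firewall sits only at the perimeter are illustrative.

```python
import ipaddress
from collections import Counter

# Assumption: the site's internal address space is the RFC 1918 ranges.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in Zeek conn.log TSV layout, trimmed to a subset of columns.
FIELDS = ["ts", "uid", "id.orig_h", "id.orig_p", "id.resp_h", "id.resp_p",
          "proto", "service", "orig_bytes", "resp_bytes"]
ROWS = [
    ["1609459200.10", "C1aaaa", "10.0.1.15", "49152", "198.51.100.7", "443", "tcp", "ssl", "1200", "5300"],
    ["1609459201.20", "C2bbbb", "10.0.1.15", "49160", "10.0.2.20", "445", "tcp", "smb", "80000", "2100"],
    ["1609459202.30", "C3cccc", "10.0.2.20", "49170", "10.0.3.5", "3389", "tcp", "-", "4000", "9000"],
    ["1609459203.40", "C4dddd", "203.0.113.9", "51000", "10.0.4.10", "443", "tcp", "ssl", "900", "12000"],
]
SAMPLE = "\n".join(["#fields\t" + "\t".join(FIELDS)] + ["\t".join(r) for r in ROWS] + ["#close\t2021-01-01"])

def parse_conn_log(text):
    """Parse Zeek TSV: column names come from the '#fields' header line."""
    fields, flows = [], []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#"):
            flows.append(dict(zip(fields, line.split("\t"))))
    return flows

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL)

def direction(flow):
    """east-west: both endpoints internal, so the flow never crosses the perimeter."""
    both = is_internal(flow["id.orig_h"]) and is_internal(flow["id.resp_h"])
    return "east-west" if both else "north-south"

def perimeter_blind_spots(text):
    """Return (direction counts, east-west flows as (orig, resp, port, service))."""
    flows = parse_conn_log(text)
    counts = Counter(direction(f) for f in flows)
    hidden = [(f["id.orig_h"], f["id.resp_h"], int(f["id.resp_p"]), f["service"])
              for f in flows if direction(f) == "east-west"]
    return counts, hidden

if __name__ == "__main__":
    counts, hidden = perimeter_blind_spots(SAMPLE)
    print(dict(counts))
    print(hidden)
```

In the constructed sample, the SMB and RDP connections between internal hosts appear only in the Zeek data, which is the kind of internal traffic a perimeter firewall log alone would miss.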

If you’re looking to modernize your security stack for greater visibility and reduce your time to detection and response, we’d love to share with you how Sumo can help with your security team’s digital transformation.


Chas Clawson

Field CTO, Security

As a technologist interested in disruptive cloud technologies, Chas joined Sumo Logic’s Cyber Security team with over 15 years in the field, consulting with many federal agencies on how to secure modern workloads. In the federal space, he spent time as an architect designing the Department of Commerce ESOC SIEM solution. He also worked at the NSA as a civilian conducting Red Team assessments and within the office of compliance and policy. Commercially, he has worked with MSSP practices and security consulting services for various Fortune 500 companies. Chas also enjoys teaching Networking & Cyber Security courses as a Professor at the University of Maryland Global College.

Justin Dodge

