Platform enhancements strengthening security across every child org

Multi-org environments introduce complexity that most tools simply weren’t built for. Analysts are often forced to jump between different orgs, duplicate configuration work, and maintain parallel dashboards, alerts, and content–inefficiencies that increase risk, overhead, and time-to-response. Every minute spent managing infrastructure is one you’re not spending serving your clients or responding to threats.

At Sumo Logic, we’re committed to making our Intelligent Operations Platform more efficient, scalable, and intuitive for customers operating at this level of complexity. Our latest enhancements streamline administration, enforce consistency across orgs, and reduce repetitive work for our MSSP partners and large enterprise customers. Below are new capabilities designed to help teams accomplish more with less manual effort.

Granular access control and visibility

Complex organizations need precise control over setup, structure, and user permissions. We’ve introduced new capabilities to make this easier:

• Deactivate or delink child orgs: Admins can now manage child organizations directly from the parent org, reducing clutter and minimizing risks from unused orgs.
  
• Custom user permissions: Parent org admins can define which users can view or log in to each child org, improving security and ensuring only authorized personnel can access sensitive data.
  
• Centralized child org management: Admins can now update key child org details, including the organization name, subdomain, and account owner, directly from the Organizations page in the parent org.
  
• Unified collector visibility: Get a centralized view of collectors across all child orgs, aggregated by type and health status, without logging out of the parent org. Filter and search by child org, collector type, or health status to quickly identify and resolve issues.

Content and configuration management

Analysts at multi-org enterprises often repeat the same tasks across each child org. These updates make it easier to manage content and settings from a single place:

• Manage library content across orgs: Create and manage dashboards, saved searches, scheduled searches, connections, and library folders from the parent org.
  
• Manage monitors across orgs: Replicate log, metric, trace, and SLO monitors from the parent org while preserving configurations and permissions.
  
• Manage SIEM rules and tuning expressions: Deploy and update rules and tuning expressions across multiple child orgs with a single click.
  

Search and dashboard across child orgs

Searching child org data previously required switching orgs and manually stitching results. Now you can:

• Run searches across one or many child orgs from the parent org
• Open a dashboard and select a child org variable to filter views dynamically

This unlocks faster investigation, easier insight sharing, and a more scalable analysis workflow.

Content-as-code support

As security programs scale across multiple organizations, manual configurations don’t scale with them. Managing detections, playbooks, and response logic through point-and-click workflows leads to inconsistent behavior across environments, limited visibility into changes, and brittle processes that are hard to audit or improve over time. 

To operate effectively across multiple orgs, security teams need the same rigor and repeatability they apply to application infrastructure. That’s why we’ve added additional infrastructure-as-code workflow support, bringing version control, automation, and CI/CD principles into security operations.

• Detection-as-code: Applies proven engineering practices to detection management, allowing teams to define, version, test, and deploy detections programmatically. This will improve accuracy, reduce false positives, and ensure consistency across orgs.
• Terraform support for playbook management: Extends the same approach to response automation. Instead of managing playbooks manually across multiple child orgs, teams can manage them as code, maintain version control, and integrate seamlessly with IaC workflows.

See for yourself

Whether you’re managing dozens of child orgs or just a handful, these updates provide the tools you need to securely and efficiently operate at scale. 

Log in to explore these enhancements today or request a demo to see how Sumo Logic can help you build resilient, intelligent SOC operations.