We are a multi-cloud managed services provider (MSP) that works strictly with Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure. We’ve been working with enterprise public cloud leaders in Europe since 2012 and our goal is to provide fully managed public cloud transformation to our customers. This comes in many forms, including infrastructure automation, and application development and managed services that take an IP-driven approach to public cloud provisioning, optimization and ongoing management.
Currently, we serve 100+ customers across Europe, including Austria, Germany, the UK, the Nordic regions, Poland, and more, and have deployed over 500 projects to date.
As the CTO, my primary responsibility is to determine what new offerings we will provide to our customers and how we will help them execute their cloud and DevOps migration strategy.
Half of our business comes from the finance and manufacturing industries, and we are increasingly hearing from our customers that their current security operations and on-premises SIEM tools are failing them in today’s digital world.
At Nordcloud, we are experts in the cloud transformation journey, and taking a security-first approach is a major part of our service offerings. Our customers need the right software to implement their digital transformation efforts, faster than their competition. But it’s a long and complex process — it can take anywhere from a year to 18 months to figure out the right strategy and to find the right choice partners for the digital journey.
What we often find is friction in organizations between development and security teams, which is compounded by a shortage of cloud and security talent within the enterprise. They want to run their security operations center (SOC) in the cloud because that’s the future, but there is a misalignment across the business that makes it challenging.
Digital transformation is about competing with software. Internally, we became an all-cloud shop because legacy IT wasn’t able to process modern-day software fast enough. So we decided to build our own cloud-based SOC as a model for our customers. In a sense, we’ve become a prime use case for our customers.
Why are we investing in this? It’s because the traditional SOC process is mostly noise: expensive, time consuming and error prone. It’s not a fully repeatable process and relies too heavily on the skillsets of humans.
This is problematic for a few reasons:
Most of our customers are enterprises and only 2-5 percent of them have all of their workloads in the cloud (the good ones have 10 percent). The remainder of them are in the middle of their journey. This is the right time to significantly improve your processes compared to running on-premises. Changing the way of working for 10 applications is much easier than for 500 applications. In security, this means implementing DevSecOps approaches, automating mitigation tasks and, in particular, focusing on application security.
This is where Sumo Logic comes into play. We’ve been a loyal Sumo Logic customer ourselves at Nordcloud for a long time, mostly leveraging the platform for traditional log management.
However, more recently, we’ve been using their security analytics and the overall platform to create a centralized view of all application, cloud and security data in a single dashboard. They provide strong security alerting, indexing and correlation features that allow us to build a customized SOC so that we can begin to show how this effective model can also serve our customers.
Our goal is to deliver a nearly 100 percent alert-based approach to security operations. While one can never achieve perfect coverage, the combination of public cloud, our security services and advanced features of Sumo Logic enables us to offer a SOC service that delivers significantly more infrastructure and application security than is available today.
Attackers are more motivated than ever because they’ve realized how lucrative it can be, so there’s more pressure than ever for businesses to innovate and improve how application and cloud security is delivered.
The nature of today’s threats is such that to alert and to investigate them you need developers, and you need development and security aligned, collaborating and using the same tooling in order to be effective across the entire delivery lifecycle, and in this instance, that tooling is Sumo Logic.
We are excited about our partnership with Sumo Logic, and the potential to jointly innovate, collaborate and grow together. We also look forward to leveraging their machine data analytics platform and cloud SIEM solution in the coming year to continue delivering on our core goals, with hopes to launch new alerting and threat modeling features in the near future.
If you’re interested in hearing more about Nordcloud’s vision as well as how we’ve implemented Sumo Logic to help achieve our goals, I will be giving a talk at Sumo Logic’s booth during AWS re:Invent in Las Vegas from Nov. 26-30, 2018. Stop by booth #840 on Tuesday, Nov. 27 from 10:30-11 am PT to hear the presentation and to ask questions. Look forward to seeing you there!