Sumo Logic ahead of the packRead article
Sumo Logic Enterprise Security Analytics
“ Once we understood how easily Sumo Logic could generate proactive insights at scale, it was clear that our customers and prospects could use it immediately to strengthen their security posture.” - Robert Herjavec, CEO, The Herjavec Group
With over 90% of breaches going undetected by corporations a new approach is needed to counter today’s cyber attacks. This approach should be based on speed of detection, the ability to proactively root out potential security issues before they impact the organization, and scale to meet current and future data volumes.
In working with numerous customers, we understand the most critical requirements to handle their enterprise security analytics.
- The ability to analyze data generated across their entire environment including custom applications, networks, security devices, operating systems and more
- Out-of-the-box visualizations and content for specific machine data sources that help with forensic and trending analysis
- The ability to uncover data anomalies that may indicate a cyber attack or compliance violation, without the need to write rules
- The ability to easily scale to multiple terabytes per day with minimal operational overhead
Sumo Logic Enterprise Security Analytics provides essential platform and content capabilities built on top of a highly scalable machine data architecture to rapidly uncover data breaches, reduce compliance costs, and minimize modern-day threats. With today’s attacks originating from both outside and inside the firewall, legacy tools rely on heavyweight and reactive mechanisms to identify threats and lack the predictive analytics that today’s enterprises require. With Sumo Logic Security Analytics, companies can:
- Identify data exfiltration by uncovering and correlating security events across multiple data sources
- Reduce compliance costs by accelerating and simplifying compliance reporting and auditing as well as providing continuous compliance management
- Audit access to sensitive and mission-critical applications that are both on-premise and in the cloud
Sumo Logic Enterprise Security Analytics incorporates a number of different capabilities to help security teams deal with the multitude of daily security issues.
Multi-Terabyte Per Day Scale:
To ensure that customers can handle both expected and unexpected surges in machine data volume, the patented Sumo Logic Elastic Log Processing engine can scale every node of the Sumo Logic service independently to meet the compute, storage and processing needs of that particular customer.
LogReduce® for Security Forensics:
This patent-pending capability allows companies to quickly uncover the root cause of threats or compliance gaps via unique pattern recognition, reducing the mean time to resolution by 50 per.cent or more.
Sumo Logic Anomaly Detection incorporates machine learning to automatically uncover security events in real-time, and extend beyond the human limitation of pre-defined rules and reports.
Out-of-the Box Security Content:
Sumo Logic Applications provide immediate insights into a range of security-relevant data sources via pre-built visualizations and searches. The following applications are included as part of Enterprise Security Analytics
Cloud-based data sources: AWS CloudTrail, Akamai Cloud Monitor
On-premise data sources: Palo Alto Networks, Sourcefire, Snort, Cisco ASA, OSSEC, HyperGuard
Sumo Logic Difference
Built from the ground up to take advantage of the flexibility, management and cost-saving efficiencies of the cloud. Deploys in less than 15 minutes.
Elastic Log Processing
Ingest and burst on demand multiple terabytes of data per day, regardless of type, volume or location.
Patent-pending LogReduce® and Anomaly Detection technologies use machine learning to generate insights without need for human input.
Use Sumo Logic for Free
- Easy to deploy: Sumo Free enables you to collect and analyze logs in minutes with no hardware or storage to manage
- Enterprise-level functionality: Sumo Free contains all the features of our enterprise-class solution
- Perpetual usage: Sumo Free is perpetually free for up to 3 users, and offers the ability to send 500MB of data per day and retain for 7 days (total 3.5GB of data). To send additional data, add more users, or retain data for a longer period of time, easily upgrade to our enterprise version.
Sumo Logic cloud-native SaaS analytics
Build, run, and secure modern applications and cloud infrastructures.Start free trial