Trust & security you can count on

Get peace of mind with top-grade platform security.

Platform Security

Security is in our DNA

Sumo Logic security applies best-in-class technologies and a rigorous process to put the safety of your data first.

World Class Security

World-class security organization

Founded by IT Security veterans with 100+ years of experience. CSO, DPO and a dedicated SOC team focused on ensuring platform and data security.

Best In Class

Best-in class DevSecOps

Bullet-proof platform by integrating security principles into development process from the get go.

In Depth Security

Highly secure platform

Including: whole-disk encryption; whitelisting of individual processes, users, ports and addresses; AES 256 encryption for data at rest; TLS1.2 or higher for data in transit and regular penetration tests and vulnerability scans.

How does our platform security work

Empower your team with a platform built for the modern application.

Physical security

In cybersecurity, the importance of physical protections can’t be overstated. Sumo Logic runs in the cloud, operates in ISO-certified data centers with PCI DSS Service Level 1 compliance. Only key personnel know the location of the physical data centers, which are protected 24/7 by armed guards, video surveillance and biometric access controls.

Logical data storage

Data is kept logically separate on various layers throughout our service. We tag all data per customer, throughout the lifecycle, and enforce tagging at all layers. No data is transmitted to Sumo Logic without encryption, and within the system, AES 256-bit encryption protects all data at rest. All data is encrypted for long-term storage in Amazon S3. All data is encrypted for long-term storage in the cloud.

User-level security

User account security is our priority. To securely register the collector, the one-time collector registration ID generated upon installation must be provided. When authenticating to our security service, a highly secure session-ID tracking mechanism ensures that only authorized users initiate requests. Role-based permissions can be set from within the Sumo Logic console.

Node security

The Sumo Logic production system consists of many individual nodes running as a cluster, many clusters for each deployment. Each of these nodes is a hardened and well-protected system at the network and application layers. Each cluster node is booted with the latest, up-to-the-minute security releases and updates that are installed as they become available.

Data access

Only Sumo Logic employees with a validated need for access may access the production cluster, and all production access requires highly secured two-factor authentication.

Testing program

Critical to platform security is regular testing, including penetration testing and scanning. The Sumo Logic security team runs daily scans of all nodes. On a weekly basis, we run fully credentialed scans of every new build. Every quarter, we run ASV scans, and penetration testers go to work on our platform every six months.

Interested in learning more about platform security?

river lines Platform-security-cloud-siem

New cloud SIEM solution for modern IT

Sumo Logic’s guide to SIEM explains traditional SIEM solutions, modern security needs and how organizations can adapt to ever-evolving threats.

river lines Platform-security-design

Secure by design

Read about the technologies and processes used by Sumo Logic to secure customer data; provides background on the company’s deeply ingrained security culture.

Have security concerns that need to be addressed?

Well then, what are you waiting for?