Security and Threat Detection
Docs for Sumo apps for Security and Threat Detection.
Sumo provides a variety of apps for security products and platforms, from firewalls and endpoint protection to security automation and orchestration. This guide has documentation for those apps.
- Cisco ASA
- Gives you insight into website visitor patterns, monitors infrastructure operations, and provides easy access to threat monitoring.
- CloudPassage Halo
- You can leverage the security visibility provided by CloudPassage's Halo platform with Sumo Logic’s correlation and visualization capabilities to deliver a security reporting and analysis tool. This app enables security operators and administrators to correlate security events across their Halo-managed infrastructure.
- CrowdStrike Falcon Platform
- The Sumo Logic App for CrowdStrike Falcon Platform allows you to analyze CrowdStrike security events by type, status, and detection method. You can use the App to investigate CrowdStrike-specific events and provide operational visibility to team members from pre-configured searches and Dashboards, without logging into the CrowdStrike console.
- Cylance
- The Sumo Logic App for Cylance allows you to analyze Cylance security events by type, status, and detection method.
- Duo Security
- The Sumo Logic App for Duo Security presents information from your Duo account’s authentication, administrator, and telephony logs.
- Evident.io Evident Security Platform
- Information on Evident.io Evident Security Platform (ESP)
- Imperva - Incapsula Web Application Firewall
- The Sumo Logic app for Imperva Incapsula helps you monitor your WAF service. The preconfigured dashboards provide insights on the BOT access control, blocked countries, and user agents.
- Observable Networks
- The Sumo Logic App for Observable Networks allows you to monitor your Observable Networks deployment from Sumo Logic. The Apps’ Overview Dashboard provides insight to high-level data about your network.
- Palo Alto Networks 6
- Uses Palo Alto Network’s threat categories in several Panels to deliver a graphical representation of threats.
- Palo Alto Networks 8
- The Sumo Logic app for Palo Alto Networks 8 gives you visibility into firewall and traps activity.
- Threat Intel Quick Analysis
- The Sumo Logic Threat Intel Quick Analysis App lets you correlate your logs against the CrowdStrike Threat Intelligence database and identify possible threats.
- Trend Micro Deep Security
- The Sumo Logic App for Trend Micro Deep Security works with system and security events to monitor event history such as anti-malware, IPS, web reputation, firewall, integrity and log inspection events.
- Zscaler Web Security
- The Sumo Logic App for Zscaler Web Security collects logs from Zscaler via Nanolog Streaming Service (NSS) to populate pre-configured searches and Dashboards in order to visualize and provide insight into web traffic behaviors, security, user browsing activities, and risk.