Sumo Logic Security Solutions


Sumo Logic's security solutions support the entire spectrum of security use cases, from security analytics to SIEM and SOAR:

| Cloud monitoring | Threat detection and investigation | Threat response |
| --- | --- | --- |
| Cloud Infrastructure Security | Cloud SIEM | Cloud SOAR |
| Provides enhanced insight for security analysts into threat activity via a unified security and compliance audit view of your cloud infrastructure. Leveraging cloud-native tools and telemetry, it accelerates development, operations, security, and reliability management teams in maintaining security visibility into their environment, managing their risk and attack surface. | Gives SOC (security operations center) analysts prioritized and contextualized actionable threats with automated security workflows. Out-of-the-box automated detection reduces manual work, saving valuable resource time and enabling your team to be more effective by allowing them to focus on higher-value security functions. | Fully automates triage, investigation, and remediation of threats for any security professional. The open integrations framework allows you to connect to a multitude of third-party applications. The platform provides full incident response lifecycle management with machine learning and threat hunting, accelerating mean time to respond (MTTR). |

Security feature comparison

Following are features available with our security solutions. If you have any questions on availability or a free trial, you can reach out to your Sumo Logic account team.

| Feature | Cloud Infrastructure Security | Cloud SIEM | Cloud SOAR |
| --- | --- | --- | --- |
| Log collection | ✓ | ✓ | ✓ |
| App catalog (out-of-the-box analytics) | ✓ | ✓ | ✓ |
| Deep search (Sumo Logic Search Query Language) | ✓ | ✓ | ✓ |
| Advanced analytics with machine learning (GIS for GuardDuty and CloudTrail) | ✓ | ✓ | ✓ |
| Threat Intelligence (CrowdStrike threat intel feed and threat analysis app) | ✓ | ✓ | ✓ |
| Normalization with parsing of unstructured data and Field Extraction Rules | ✓ | ✓ | ✓ |
| Normalization with parsing, mapping, and enrichment | | ✓ | |
| Streaming processing | | ✓ | |
| Out-of-the-box detection contents | | ✓ | |
| Advanced analytics for user behavior | | ✓ | |
| Rules Engine (built-in, types, custom, criticality, Rule Expression tuning) | | ✓ | |
| Correlation of Signals to an Entity | | ✓ | |
| Insight Engine (including case management) | | ✓ | |
| Entity Types (Entity Normalization, Related Entities, Entity Criticality) | | ✓ | |
| Entity Relationship Graph | | ✓ | |
| Entity Timeline | | ✓ | |
| Machine learning capabilities (Global Confidence Score for Insights, Insight Trainer) | | ✓ | |
| Tags (MITRE ATT&CK, custom tag schema, network blocks) | | ✓ | |
| Automation Service | | ✓ | ✓ |
| Open Integration Framework (OIF) | ✓ | ✓ | ✓ |
| App Central | ✓ | ✓ | ✓ |
| SecOps dashboard | | | ✓ |
| Case Manager | | | ✓ |
| War Room | | | ✓ |
| Supervised active intelligence with alert triage and playbooks suggestions | | | ✓ |
| Progressive automation | | | ✓ |
| Highly customizable dashboards and KPIs | | | ✓ |
| Automatic incident reports | | | ✓ |
Copyright © 2024 by Sumo Logic, Inc.