8 Sumo Logic Security Updates MSSPs Need to Know About


Sumo Logic, a cloud-centric security information and event management (SIEM) solutions provider that works with MSSPs, made several announcements during its virtual Modern SOC Summit on June 8 and 9, 2021. Here's a look at eight Sumo Logic security updates from the event.

1. Sumo Logic Cloud SOAR: Sumo Logic Cloud SOAR is a security orchestration, automation and response (SOAR) solution built with DFLabs capabilities (Sumo Logic finalized its acquisition of DFLabs in May 2021). MSSPs can use Sumo Logic Cloud SOAR to automate repetitive tasks, establish repeatable incident response workflows and measure and optimize the performance of security operations and incident response programs, the company said.

2. Sumo Logic Cloud SIEM Powered by AWS: The company showcased its Sumo Logic Cloud SIEM Powered by AWS multi-cloud and hybrid threat protection offering. Sumo Logic Cloud SIEM provides insights to help MSSPs eliminate security blind spots across multi-cloud and hybrid environments, the company noted.

3. Global Intelligence for Security Insights: The company previewed Global Intelligence for Security Insights as part of its expanded Global Intelligence Services. Global Intelligence for Security Insights provides new Insight confidence scores to give security analysts additional information to prioritize investigations, the company indicated.

4. Cloud Security Monitoring and Analytics Apps: The company unveiled five cloud security monitoring and analytics apps that use AWS CloudTrail, AWS VPC Flows, Palo Alto Networks Firewall, Windows and Linux as data sources. The apps provide insights into an organization's security posture and analytics to help security and IT teams understand and respond to security issues, according to the company.

5. Expansion of Sumo Logic's Modern Enterprise Security Architecture (MESA) Framework: Sumo Logic has expanded its MESA framework to help organizations address expanding attack surfaces and threats to cloud and on-premises deployments, the company stated.

6. ServiceNow Security Incident Response Integration: The company has launched a beta version of a ServiceNow Security Incident Response integration, which combines insights from Sumo Logic's Cloud SIEM Enterprise solution with ServiceNow capabilities.

7. Zscaler Private Access Integration: The company has announced a Zscaler Private Access (ZPA) integration that provides IT and security operations teams with access to dashboards they can use to protect applications against cyber threats.

8. Sumo Logic Cloud SIEM Included in Compliance Certifications: Sumo Logic's Cloud SIEM has been added to the company's ISO 27001, CSA STAR, HIPAA, PCI and SOC 2 Type 2 certifications.

MSSPs can join Sumo Logic's partner program to integrate the company's SaaS SIEM into their offerings. The program also provides MSSPs with access to a practice builder they can use to deliver security intelligence and SIEM solutions, along with access to sales enablement and marketing tools and resources.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.