Sumo Logic Delivers Enterprise Security Analytic Product

Posted: Feb 21 2014, 11:21am CST | by , Updated: Feb 21 2014, 1:39pm CST, in News | Technology News

 

 

Sumo Logic is a company that has slowly and quietly been building credibility for its machine data platform. Essentially Sumo Logic ingests all the information that technology systems spit out and delivers insights into what it all means. Solutions like this are used by large IT shops to make sense of the massive amount of data their systems produce, and to increase the efficiency of IT operations.

That’s a useful product (as evidenced by customers like Netflix and Easton-Bell) but it doesn’t really gain attention at the pointy end of IT operations. I’ve long felt that Sumo Logic needed to deliver more front end solutions that leveraged the core data, but presented and delivered it in some new ways.

Well, Sumo Logic seems to have listened to my opinion and is introducing a new enterprise security analytics tool that sees it move away from being all about pure-play machine data analytics and toward real solutions. They’re introducing a SIEM (Security Information and Event Management) tool. The idea of the new tool is that it will help inform operations teams about irregular activity: cyber-attacks, breaches and other less malicious problems. Sumo Logic believes it has an edge on more traditional SIEM products due to its cloud-first approach, which gives it better scalability, lower TCO and the ability to capture data from physical, virtual, cloud and SaaS data sources.

At the moment the product covers a number of data sources:

  • Cloud-based data sources include: Amazon Web Services (AWS) CloudTrail, Akamai Cloud Monitor
  • On-premise data sources include: Palo Alto Networks, Sourcefire, Snort, Cisco ASA, OSSEC, Hyperguard

Sumo Logic sees a number of different use cases for the new product offering:

  • Identifying data exfiltration by uncovering and correlating security events across multiple data sources
  • Reducing compliance costs by accelerating and simplifying compliance reporting and auditing as well as providing continuous compliance management
  • Auditing access to sensitive and mission-critical applications that are both on-premise and in the cloud
  • Enabling high-speed forensic investigations into security incidents spanning terabytes of security and operational machine data

I like the idea that Sumo Logic is focusing on real products rather than services that are more “plumbing” in nature. Whether its SIEM product manages to gain attention remains to be seen. But I can see a number of other angles they might take with this, including some discovery and analysis of cloud application usage within an enterprise, a move that would bring them into direct competition with NetSkope and Skyhigh Networks.

Source: Forbes
