Sumo Logic Announces Global Intelligence Service for AWS CloudTrail
November 26, 2019

Sumo Logic introduced Global Intelligence Service for AWS CloudTrail.

This latest offering provides security teams with valuable real-time security intelligence to scale detection, prioritization, investigation, and workflow to prevent potentially harmful service configurations that could lead to a costly data breach.

The new Sumo Logic Global Intelligence Service for AWS CloudTrail uses baseline algorithms derived from industry best practices, frameworks, and vulnerability scans to analyze event activity and create benchmarks and insights based on potentially risky AWS configurations across population cohorts. With this real-time intelligence, Sumo Logic helps customers address the following questions:

- How does my company’s attack surface compare to peers? Benchmark: Sumo Logic provides teams with visibility into volume of individual AWS resources, variety of those resources, and velocity of change within those resources to identify how their attack surface is similar to or differs from others using AWS.

- Which service configuration changes are normal and which ones are harmful? Prioritize: Sumo Logic provides teams insights and benchmarks to help them visualize and detect harmful configurations that can potentially cause data breaches. With this real-time intelligence, teams can focus on configurations that can be used as a potential point of breach entry and efficiently allocate resources to quickly perform remediation efforts.

- What can my company do now to prevent future attacks? Optimize: Sumo Logic helps customers continuously optimize their security posture by providing security teams with recommendations on how to reduce their attack surface area (i.e. remove unused resources), how to proactively reconfigure their EC2, IAM, and S3 services based on baseline configurations, and which AWS accounts, users, and machines to add to watchlists.

“As more companies go through their digital transformation and cloud journeys, it is important for them to review their security posture and controls to ensure the security of customer-facing digital services, as well as sensitive customer data,” said Bruno Kurtic, co-founding VP, Product and Strategy, Sumo Logic. “The security insights provided by our new Global Intelligence Service for AWS CloudTrail will be a valuable resource for already stretched security teams to proactively identify configuration issues and quickly address them before they turn into incidents and impact their business.”

This solution is the second offering from the company’s Global Intelligence Service, an operational and security benchmarking service that leverages machine learning and statistical analysis to uncover global key performance and risk indicators that allow organizations to measure themselves against the world’s leading adopters of new technologies, modern architectures, and cloud infrastructures. The first offering, Global Intelligence Service for Amazon GuardDuty, is being used by leading companies to further strengthen cloud security posture, improve threat detection, and enhance regulatory compliance.

The Sumo Logic Global Intelligence Service is part of the company’s Global Intelligence solution, which is designed to extend machine learning and insights to new teams and use cases. The other offerings include the Sumo Logic Continuous Intelligence Report, Sumo Community Insights, and Sumo Data Science Insights.

Global Intelligence Service for AWS CloudTrail is currently in closed beta and is expected to be in the Sumo Logic App catalog in early 2020.
