Sumo Logic Announces Global Intelligence Service for AWS CloudTrail
November 26, 2019
Share this

Sumo Logic introduced Global Intelligence Service for AWS CloudTrail.

This latest offering provides security teams with valuable real-time security intelligence to scale detection, prioritization, investigation, and workflow to prevent potentially harmful service configurations that could lead to a costly data breach.

The new Sumo Logic Global Intelligence Service for AWS CloudTrail uses baseline algorithms derived from industry best practices, frameworks, and vulnerability scans to analyze event activity and create benchmarks and insights based on potentially risky AWS configurations across population cohorts. With this real-time intelligence, Sumo Logic helps customers address the following questions:

- How does my company’s attack surface compare to peers? Benchmark: Sumo Logic provides teams with visibility into volume of individual AWS resources, variety of those resources, and velocity of change within those resources to identify how their attack surface is similar to or differs from others using AWS.

- Which service configuration changes are normal and which ones are harmful? Prioritize: Sumo Logic provides teams insights and benchmarks to help them visualize and detect harmful configurations that can potentially cause data breaches. With this real-time intelligence, teams can focus on configurations that can be used as a potential point of breach entry and efficiently allocate resources to quickly perform remediation efforts.

- What can my company do now to prevent future attacks? Optimize: Sumo Logic helps customers continuously optimize their security posture by providing security teams with recommendations on how to reduce their attack surface area (i.e. remove unused resources), proactively reconfigure their EC2, IAM, and S3 services based on baseline configurations, and which AWS accounts, users, and machines need to be added to watchlists.

“As more companies go through their digital transformation and cloud journeys, it is important for them to review their security posture and controls to ensure the security of customer-facing digital services, as well as sensitive customer data,” said Bruno Kurtic, co-founding VP, Product and Strategy, Sumo Logic. “The security insights provided by our new Global Intelligence Service for AWS CloudTrail will be a valuable resource for already stretched security teams to proactively identify configuration issues and quickly address them before they turn into incidents and impact their business.”

This solution is the second offering from the company’s Global Intelligence Service, an operational and security benchmarking service that leverages machine learning and statistical analysis to uncover global key performance and risk indicators that allow organizations to measure themselves against the world’s leading adopters of new technologies, modern architectures, and cloud infrastructures. The first offering, Global Intelligence Service for Amazon GuardDuty, is being used by leading companies to further strengthen cloud security posture, improve threat detection, and enhance regulatory compliance.

The Sumo Logic Global Intelligence Service is part of the company’s Global Intelligence solution, a design to extend machine learning and insights to new teams and use cases. The other offerings include the Sumo Logic Continuous Intelligence Report, Sumo Community Insights, and Sumo Data Science Insights.

Global Intelligence Service for AWS CloudTrail is currently in closed beta and expected to be in the Sumo Logic App catalog early 2020.

Share this

The Latest

January 28, 2020

With a projected 7 billion mobile users by 2021, mobile is becoming the most dominant digital touchpoint for customer engagement. Annual mobile app downloads are projected to reach 258 billion by 2022 — a 45% increase from 2017. But downloads alone do not indicate mobile success — retention and engagement are key. While there are many factors that influence these metrics, application performance may be one of the most critical ...

January 27, 2020

Cloud-based project management (PM) software has become increasingly popular in the last five years. In this blog, we'll dig into the data from our 2019 PM software user report and expand on the rise of cloud-based PM tools, highlighting who is using these tools and what they're using them for ...

January 23, 2020

EMA is about to embark on some new research entitled Data-Driven Automation: A Vision for the Modern CIO. We're trying to piece a puzzle together that so far we don't believe anyone to date has fully done — seek out where and how IT is moving toward integrated strategies for automation in context with real-world objectives and obstacles. We'll be looking at four use cases, each of will no doubt tell its own story ...

January 22, 2020

Many pitfalls await CIOs on the journey to the cloud. In fact, a majority of companies have been only partially successful, while some are outright failing. To learn more about this migration, Business Performance Innovation (BPI) Network surveyed IT and business executives and conducted in-depth interviews ...

January 21, 2020

The online retail industry has yet to have a Black Friday/Cyber Monday weekend unscathed by web performance (speed and availability) problems. Luckily, performance during 2019's hyper-critical online holiday shopping weekend was better than in years past, as we did not see any systemic, lengthy outages. While no website went completely down, several retailers did experience significant problems. Why have online retailers yet to figure out how to be crash-free during this all-important peak traffic period? We've identified several reasons for this ...

January 16, 2020

Gartner highlighted the trends that infrastructure and operations (I&O) leaders must start preparing for to support digital infrastructure in 2020 ...

January 15, 2020

Edge computing usage is starting to increase. The obvious follow-up question is, "So, what can I do with edge computing?" I'm glad you asked. There are lots of things you can do ...

January 14, 2020

Industry experts offer predictions on how Network Performance Management (NPM) and related technologies will evolve and impact business in 2020. Part 2 offers predictions about 5G and more ...

January 13, 2020

Industry experts offer predictions on how Network Performance Management (NPM) and related technologies will evolve and impact business in 2020 ...

January 09, 2020

With AI on the edge, companies will more easily monitor desktops, tablets and other end-user devices. AIOps will enable IT to guide employees on improving productivity from the applications installed on their devices while delivering greater visibility and control around the entire IT environment ...