Sumo Logic Introduces War Room and App Central Capabilities
February 22, 2022

Sumo Logic announced new offerings further advancing its Sumo Logic Cloud SOAR with the War Room and App Central features.

The War Room provides security teams with the details of an incident, expediting manual processes that would typically take minutes so that they now close within a matter of seconds. Within App Central, critical resources, including use cases, integrations, and playbooks, are brought together to boost necessary automation so that security teams can build standard operating procedures and respond faster to incidents.

“Enterprise leaders have long recognized the need to share critical data across and between systems within their organizations. This is also important within a security operations center (SOC) where SOAR solutions have emerged as a necessary tool to close the investigation gap,” said Dario Forte, VP and GM Security Orchestration, Sumo Logic. “The use cases for security automation and response will continue to evolve. Tools like the War Room will provide cybersecurity teams the flexibility to focus on important tasks while leaving the rest to our robust automation, open integration capabilities, and advanced analytics to investigate and respond with confidence.”

The Sumo Logic Cloud SOAR War Room and App Central add greater efficiency and even more automation to drive the most important Security Operations activities.

- Make Quick Decisions: The War Room provides a detailed, chronological view of every relevant event that has happened in a specific incident, along with step-by-step processes to follow from start to finish via a series of cards. Each card shows the most critical information of the incident at a glance and provides actionable insights and visibility into the results of execution. With the new graph view, analysts gain timely visibility into the incident and can make decisions based on a visualization of previous actions, analyzing data in a structured way.

- Increase Automation through the Open Integration Framework (OIF): Sumo Logic Cloud SOAR easily integrates with an existing security stack, including solutions for EDR, NDR, IAM, threat intelligence, SIEM, vulnerability management and more. With no limit on third-party API integrations, teams can integrate existing tools and technologies for automation with ease. The OIF not only allows the cyber team to create actions that can be inserted into a playbook but also has additional features that add flexibility such as daemons, triggers, and custom actions.

- Access a Library of Up-to-Date Playbooks, Actions, and Use Cases: Pre-built, customizable templates, actions and use cases are available in App Central to guide security analysts so they can apply solutions based on the needs of their organization. Curated by Sumo Logic experts, Cloud SOAR is equipped with actions to close investigations on the latest threats.
