Sumo Logic announced new offerings further advancing its Sumo Logic Cloud SOAR with the War Room and App Central features.
The War Room provides security teams with the details of an incident to expedite manual processes that could typically take minutes to now close within a matter of seconds. Within App Central, critical resources, including use cases, integrations, and playbooks, are brought together to boost necessary automation so that security teams can build standard operating procedures and respond faster to incidents.
“Enterprise leaders have long recognized the need to share critical data across and between systems within their organizations. This is also important within a security operations center (SOC) where SOAR solutions have emerged as a necessary tool to close the investigation gap,” said Dario Forte, VP and GM Security Orchestration, Sumo Logic. “The use cases for security automation and response will continue to evolve. Tools like the War Room will provide cybersecurity teams the flexibility to focus on important tasks while leaving the rest to our robust automation, open integration capabilities, and advanced analytics to investigate and respond with confidence.”
The Sumo Logic Cloud SOAR War Room and App Central add greater efficiency and even more automation to drive the most important Security Operations activities.
- Make Quick Decisions: The War Room provides a detailed view in chronological order of every relevant event that has happened in a specific incident and step-by-step processes to follow from start to finish via a series of cards. Each card shows the most critical information of the incident at a glance and provides actionable insights and visibility into the results of execution. With the new graph view, analysts gain timely visibility into the incident to make decisions based on the visualization of previous actions to analyze data in a structured way.
- Increase Automation through the Open Integration Framework (OIF): Sumo Logic Cloud SOAR easily integrates with an existing security stack, including solutions for EDR, NDR, IAM, threat intelligence, SIEM, vulnerability management and more. With no limit on third-party API integrations, teams can integrate existing tools and technologies for automation with ease. The OIF not only allows the cyber team to create actions that can be inserted into a playbook but also has additional features that add flexibility such as daemons, triggers, and custom actions.
- Access a Library of Up-to-Date Playbooks, Actions, and Use Cases: Pre-built, customizable templates, actions and use cases are available in App Central to guide security analysts so they can apply solutions based on the needs of their organization. Curated by Sumo Logic experts, Cloud SOAR is equipped with actions to close investigations on the latest threats.
The Latest
When employees encounter tech friction or feel frustrated with the tools they are asked to use, they will find a workaround. In fact, one in two office workers admit to using personal devices to log into work networks, with 32% of them revealing their employers are unaware of this practice, according to Securing the Digital Employee Experience ...
In today's high-stakes race to deliver innovative products without disruptions, the importance of feature management and experimentation has never been more clear. But what strategies are driving success, and which tools are truly moving the needle? ...
The demand for real-time AI capabilities is pushing data scientists to develop and manage infrastructure that can handle massive volumes of data in motion. This includes streaming data pipelines, edge computing, scalable cloud architecture, and data quality and governance. These new responsibilities require data scientists to expand their skill sets significantly ...
As the digital landscape constantly evolves, it's critical for businesses to stay ahead, especially when it comes to operating systems updates. A recent ControlUp study revealed that 82% of enterprise Windows endpoint devices have yet to migrate to Windows 11. With Microsoft's cutoff date on October 14, 2025, for Windows 10 support fast approaching, the urgency cannot be overstated ...
In Part 1 of this two-part series, I defined multi-CDN and explored how and why this approach is used by streaming services, e-commerce platforms, gaming companies and global enterprises for fast and reliable content delivery ... Now, in Part 2 of the series, I'll explore one of the biggest challenges of multi-CDN: observability.
CDNs consist of geographically distributed data centers with servers that cache and serve content close to end users to reduce latency and improve load times. Each data center is strategically placed so that digital signals can rapidly travel from one "point of presence" to the next, getting the digital signal to the viewer as fast as possible ... Multi-CDN refers to the strategy of utilizing multiple CDNs to deliver digital content across the internet ...
We surveyed IT professionals on their attitudes and practices regarding using Generative AI with databases. We asked how they are layering the technology in with their systems, where it's working the best for them, and what their concerns are ...
40% of generative AI (GenAI) solutions will be multimodal (text, image, audio and video) by 2027, up from 1% in 2023, according to Gartner ...
Today's digital business landscape evolves rapidly ... Among the areas primed for innovation, the long-standing ticket-based IT support model stands out as particularly outdated. Emerging as a game-changer, the concept of the "ticketless enterprise" promises to shift IT management from a reactive stance to a proactive approach ...