Sumo Logic Threat Labs Launched
June 13, 2022
Share this

Sumo Logic unveiled Sumo Logic Threat Labs, a threat research and security detection unit.

The Threat Labs unit is among the expanded services and tools from Sumo Logic to help customers modernize security operations and achieve greater cyber-resilience.

The Sumo Logic Threat Labs Unit is built to deliver a continuous stream of deep detection content, rapid response guidance, and actionable best practices to Sumo Logic security customers. The team is staffed with domain experts with backgrounds in forensics, incident response, and red/blue teaming, as well as offensive and defensive cyber operations in the United States military and intelligence services. Informed by deep human expertise, the Threat Labs Unit will also play a larger role in contributing advanced detection logic and best practices to the security community to help collectivize the defense.

Dave Frampton, VP/GM, Sumo Logic Security Business Unit said, “Our Threat Labs Unit will contribute actionable insights to our customers from leading-edge threat research, we will also share insight with the community to improve the industry's collective defense. Our deep and diverse practitioner expertise translates into advanced detection coverage delivered in a unique SaaS model which combines real-time global updates with deployment customization for individual customers.”

Modern threat surfaces also encompass application security at every layer of the stack. Customers need end-to-end workflows coordinated across detection, investigation and response efforts. Threat Labs insights are delivered across the Sumo Logic security portfolio, ranging from detection and investigation in Cloud SIEM to automated threat response in Cloud SOAR. In its SaaS delivery platform, Sumo Logic updates detection content for all customers at least twice weekly, to shorten the cycle time from research to concrete defense adaption in environments where every minute counts.

As first reported in the media in April, the very first malware exploiting serverless computing was found in the wild creating crypto-miner instances in AWS Lambda. Called Denonia, this cutting-edge malware requires a holistic approach to detection, investigation, and response. The Threat Labs Unit performed research and detection engineering on the Sumo Logic platform. The team then generated content for detection in Cloud SIEM, delivered analysis and hunting across the platform, and orchestrated the response in Cloud SOAR all in one workflow.

Share this

The Latest

January 26, 2023

As enterprises work to implement or improve their observability practices, tool sprawl is a very real phenomenon ... Tool sprawl can and does happen all across the organization. In this post, though, we'll focus specifically on how and why observability efforts often result in tool sprawl, some of the possible negative consequences of that sprawl, and we'll offer some advice on how to reduce or even avoid sprawl ...

January 25, 2023

As companies generate more data across their network footprints, they need network observability tools to help find meaning in that data for better decision-making and problem solving. It seems many companies believe that adding more tools leads to better and faster insights ... And yet, observability tools aren't meeting many companies' needs. In fact, adding more tools introduces new challenges ...

January 24, 2023

Driven by the need to create scalable, faster, and more agile systems, businesses are adopting cloud native approaches. But cloud native environments also come with an explosion of data and complexity that makes it harder for businesses to detect and remediate issues before everything comes to a screeching halt. Observability, if done right, can make it easier to mitigate these challenges and remediate incidents before they become major customer-impacting problems ...

January 23, 2023

The spiraling cost of energy is forcing public cloud providers to raise their prices significantly. A recent report by Canalys predicted that public cloud prices will jump by around 20% in the US and more than 30% in Europe in 2023. These steep price increases will test the conventional wisdom that moving to the cloud is a cheap computing alternative ...

January 19, 2023

Despite strong interest over the past decade, the actual investment in DX has been recent. While 100% of enterprises are now engaged with DX in some way, most (77%) have begun their DX journey within the past two years. And most are early stage, with a fourth (24%) at the discussion stage and half (49%) currently transforming. Only 27% say they have finished their DX efforts ...

January 18, 2023

While most thought that distraction and motivation would be the main contributors to low productivity in a work-from-home environment, many organizations discovered that it was gaps in their IT systems that created some of the most significant challenges ...

January 17, 2023
The US aviation sector was struggling to return to normal following a nationwide ground stop imposed by Federal Aviation Administration (FAA) early Wednesday over a computer issue ...
January 13, 2023

APMdigest and leading IT research firm Enterprise Management Associates (EMA) are teaming up on the EMA-APMdigest Podcast, a new podcast focused on the latest technologies impacting IT Operations. In Episode 1, Dan Twing, President and COO of EMA, discusses Observability and Automation with Will Schoeppner, Research Director covering Application Performance Management and Business Intelligence at EMA ...

January 12, 2023

APMdigest is following up our list of 2023 Application Performance Management Predictions with predictions from industry experts about how the cloud will evolve in 2023 ...

January 11, 2023

As demand for digital services increases and distributed systems become more complex, organizations must collect and process a growing amount of observability data (logs, metrics, and traces). Site reliability engineers (SREs), developers, and security engineers use observability data to learn how their applications and environments are performing so they can successfully respond to issues and mitigate risk ...