Sumo Logic Cloud SOAR enhancements increase automation for security teams
Sumo Logic announced new offerings further advancing its Sumo Logic Cloud SOAR with the War Room and App Central features.
The War Room provides security teams with the details of an incident, expediting manual processes so that work that could typically take minutes now closes within a matter of seconds. Within App Central, critical resources, including use cases, integrations, and playbooks, are brought together to boost necessary automation so that security teams can build standard operating procedures and respond faster to incidents.
“Enterprise leaders have long recognized the need to share critical data across and between systems within their organizations. This is also important within a security operations center (SOC) where SOAR solutions have emerged as a necessary tool to close the investigation gap,” said Dario Forte, VP and GM Security Orchestration, Sumo Logic. “The use cases for security automation and response will continue to evolve. Tools like the War Room will provide cybersecurity teams the flexibility to focus on important tasks while leaving the rest to our robust automation, open integration capabilities, and advanced analytics to investigate and respond with confidence.”
The Sumo Logic Cloud SOAR War Room and App Central add efficiency and even more automation to drive the most important Security Operations activities.
- Make quick decisions: The War Room provides a detailed, chronological view of every relevant event in a specific incident, along with step-by-step processes to follow from start to finish via a series of cards. Each card shows the most critical information of the incident at a glance and provides actionable insights and visibility into the results of execution. With the new graph view, analysts gain timely visibility into the incident and can make decisions based on a visualization of previous actions, analyzing data in a structured way.
- Increase automation through the open integration framework (OIF): Sumo Logic Cloud SOAR easily integrates with an existing security stack, including solutions for EDR, NDR, IAM, threat intelligence, SIEM, vulnerability management and more. With no limit on third-party API integrations, teams can integrate existing tools and technologies for automation with ease. The OIF not only allows the cyber team to create actions that can be inserted into a playbook but also has additional features that add flexibility such as daemons, triggers, and custom actions.
- Access a library of up-to-date playbooks, actions, and use cases: Pre-built, customizable templates, actions and use cases are available in App Central to guide security analysts so they can apply solutions based on the needs of their organization. Curated by Sumo Logic experts, Cloud SOAR is equipped with actions to close investigations on the latest threats.
Sumo Logic Security Intelligence
Sumo Logic Cloud SOAR is part of the Sumo Logic Security Intelligence Suite, which includes Cloud Security Monitoring & Analytics, Audit & Compliance, and Cloud SIEM. Powered by the Sumo Logic Continuous Intelligence Platform, Sumo Logic delivers modern, cloud-native solutions for modern security operations.