December 2020


Recommendations for monitoring SolarWinds supply chain attack with Sumo Logic Cloud SIEM

The global security community recently learned of a supply chain attack against SolarWinds via their Orion® Platform. In this blog we are providing recommendations for Sumo Logic customers to gain a deeper understanding of how to utilize available Indicators of Compromise (IOCs) within our Cloud SIEM offerings to determine your exposure to the attack. Additionally, we’re sharing targeted search recommendations from our Sumo Logic Special Operations (or SpecOps) threat hunting team.


Automatic correlation of FireEye red team tool countermeasure detections

Sumo Logic has reviewed the announced breach on December 8, 2020 by FireEye and their subsequent public release of over 300 countermeasure rules. We are continuing to analyze the available information and would like to share this update to all existing and prospective customers interested in how our Sumo Logic services can assist with this development.


Building your modern cloud SIEM

SIEM has traditionally earned itself a bad reputation as an unwieldy and unmanageable tool that really never lived up to its promises. In my presentation during Illuminate, I talked about what Sumo Logic is doing to modernize log analytics and SIEM as a whole. Today, we see that despite how overall technology is accelerating, security always seems to lag behind. In Sumo Logic, we address this head-on.

Building your modern SIEM, Unique security requirements for cloud and modern technologies

Digital transformation has changed the attack surface, and organizations are generating more data than ever before. What does this mean from a security standpoint? Attend this session and hear more about what makes a modern SaaS SIEM solution and why it’s critical for detecting threats across your hybrid and multi-cloud infrastructures. Finally, we’ll explore what tomorrow’s SIEM might look like.