New innovations across AI, automation, and integrated threat intelligence converge to help security teams detect earlier, investigate faster, and respond smarter
Sumo Logic, the leading SaaS-based log analytics platform, announced a suite of advanced security innovations designed to empower organizations to build intelligent security operations that reduce risk, speed up threat containment, and bolster overall security resilience. These latest capabilities will be showcased this week at the RSA Conference 2025, booth #6261.
“With the rise of AI-powered attacks, dynamically scaling cloud environments, and growing data complexity, legacy solutions are significantly slowing detection and response,” said Keith Kuchler, Chief Development Officer for Sumo Logic. “The innovations we’re unveiling at RSA this week fuel DevSecOps via the power of logs by centralizing security log management at scale to deliver intelligence through actionable insights that modern SecOps teams need to stay ahead of the evolving threat landscape without suffering from alert fatigue.”
Accelerating Threat Detection and Response Through AI and Automation
Sumo Logic’s latest advancements are built to shift security teams from reactive postures to proactive threat hunters. By bringing together telemetry, context, automation, and artificial intelligence, these capabilities help improve detection fidelity, streamline workflows, and deliver better security outcomes. Key features include:
- Multiple Threat Intelligence Feeds: Sumo Logic’s upgraded Threat Intelligence solution now supports integration with multiple intelligence feeds, including custom STIX/TAXII feeds. This allows organizations to enhance visibility, tailor alerts to their unique risk landscape, and gain real-time contextual insights—enabling rapid and high-fidelity threat detection.
- UEBA Historical Baselining: With User and Entity Behavior Analytics (UEBA), Sumo Logic can now establish behavioral baselines in minutes using historical data. This improves detection accuracy by dynamically adapting models to evolving behaviors, significantly reducing false positives and alert fatigue. The result: smarter alerts, earlier detection of insider threats, and minimal manual tuning.
- Detection-as-Code: This newly introduced approach brings security and DevOps workflows closer together. Security teams can now manage detection rules within development platforms like GitHub and automatically sync them with their Sumo Logic environments. By leveraging DevOps best practices—testing, version control, and automation—teams gain agility, consistency, and scalability in rule management.
- AI-Driven Insight Summaries (Prototype): Using generative AI, this new feature automatically distills large volumes of log and detection data into concise, actionable summaries. It identifies patterns, provides critical context, and highlights root causes—saving analysts hours of manual investigation and helping teams prioritize and respond faster.
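To make the first bullet concrete, here is an added illustration (not Sumo Logic code) of what a custom STIX feed contributes to log analytics: indicators are pulled out of STIX 2.1 indicator patterns and matched against log lines with a confidence threshold. The bundle, log lines and field names are constructed for the example; a real deployment would fetch the bundle from a TAXII collection and run the match as a scheduled search.

```python
import re

# Constructed STIX 2.1 bundle standing in for a custom TAXII feed (not a real feed).
STIX_BUNDLE = {
    "type": "bundle",
    "objects": [
        {"type": "indicator", "pattern_type": "stix", "name": "test-c2-ip",
         "confidence": 80, "pattern": "[ipv4-addr:value = '198.51.100.23']"},
        {"type": "indicator", "pattern_type": "stix", "name": "test-domain",
         "confidence": 50,
         "pattern": "[domain-name:value = 'bad.example.test'] OR "
                    "[url:value = 'http://bad.example.test/x']"},
        {"type": "malware", "name": "not-an-indicator"},  # ignored: no pattern
    ],
}

# Constructed sample log lines (proxy and DNS events).
SAMPLE_LOGS = [
    "2025-04-28T10:00:01Z proxy src=10.0.0.5 dst=198.51.100.23 action=allow",
    "2025-04-28T10:00:02Z dns query=bad.example.test rcode=NOERROR",
    "2025-04-28T10:00:03Z proxy src=10.0.0.7 dst=203.0.113.9 action=allow",
]

# Matches one "[object:path = 'value']" comparison inside a STIX pattern.
_COMPARISON = re.compile(r"\[\s*([\w-]+:[\w.]+)\s*=\s*'((?:[^'\\]|\\.)*)'\s*\]")


def extract_iocs(bundle):
    """Return {value: (observable path, indicator name, confidence)} for every
    equality comparison in the bundle's STIX-language indicator patterns."""
    iocs = {}
    for obj in bundle.get("objects", []):
        if obj.get("type") != "indicator" or obj.get("pattern_type", "stix") != "stix":
            continue
        for path, value in _COMPARISON.findall(obj["pattern"]):
            iocs[value.replace("\\'", "'")] = (path, obj.get("name", ""), obj.get("confidence", 0))
    return iocs


def scan_logs(lines, iocs, min_confidence=0):
    """Report log lines containing an IOC; boundaries stop 198.51.100.23
    matching inside 198.51.100.230. Low-confidence indicators can be excluded."""
    hits = []
    for n, line in enumerate(lines, 1):
        for value, (path, name, conf) in iocs.items():
            if conf < min_confidence:
                continue
            if re.search(r"(?<![\w.-])" + re.escape(value) + r"(?![\w.-])", line):
                hits.append({"line": n, "ioc": value, "type": path,
                             "indicator": name, "confidence": conf})
    return hits
```

Raising `min_confidence` is the knob that trades coverage for fewer low-value alerts; the per-indicator confidence and name travel with each hit so an analyst sees why a line fired.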
Customer Insights: Real-World Impact of Intelligent Security Operations
Sumo Logic’s cloud-native platform—combining logs-first analytics, Cloud SIEM, and SOAR—ingests, normalizes, and analyzes vast amounts of data to enable automated and efficient threat response. Customers across industries are already benefiting from improved detection, operational maturity, and security efficiency.
“We rely on Sumo Logic’s scheduled searches to actively monitor for IOCs during incidents. This lets us focus on addressing ongoing incidents while staying on top of any emerging threats. With Sumo Logic, we can effectively manage incidents and be vigilant for potential additional threats.” — Bruno Miguel Cruz Braga, Head of SecOps, TrueLayer
“By filtering out the noise and pinpointing critical insights, Sumo Logic allows us to improve our team’s efficacy. We’re able to zero in on the most pressing threats and reduce alert fatigue.” — Tarek Chalaan, SOC Manager at Security Centric
“Sumo Logic has made my life much easier. It saves me a significant amount of time and allows our team to streamline daily tasks. This gives us the opportunity to focus on new integrations and enhance our overall security posture. As a security engineer, it’s important to constantly improve and work on new things, and Sumo Logic has been a game changer in that regard.” — Jordan Andonov, Security Engineer at OpenPayd
“Sumo Logic’s Cloud SIEM’s out-of-the-box rules are powerful. Tuning them for our organization and infrastructure helped familiarize ourselves with the tool, prove value in our investment, and optimize the platform so we could focus on true alarms that require our attention.” — Huseyin Karaarslan, Senior Security Engineer, Roku