UPDATED 17:15 EST / FEBRUARY 21 2014


Sumo Logic introducing Machine Data Security Intelligence

RSA is around the corner and there are plenty of announcements hitting the wire leading into the annual security convention. New waves of technology, product revisions and a fair share of new products can be expected, but once in a while an announcement emerges that uncovers a feature and a new focus on an existing product. Sumo Logic has announced that it is introducing a new tool that is designed for security deployments and will help rapidly uncover cyber-attacks, minimize consequences of data breaches and reduce compliance costs. In a briefing, Sumo Logic's CMO Sanjay Sarathy shared how the company has made this strategic approach and why it matters right now.

Cyber attack reports seemingly come out on a regular basis nowadays – each week there are stories like the incidents at Target, Yahoo, Neiman Marcus, Michael’s – and a list of victims that grows and grows.

New school prevention

These malicious cyber attacks appear to be getting easier and more frequent due to the fire hose of machine data generated by new applications and infrastructure – the more information that companies pump out, the more information is available to cyber criminals. Old-school prevention relies on heavyweight and reactive mechanisms to identify these security threats, and lacks the predictive and scalable analytics that the modern enterprise requires. With the volume of machine data expected to grow 15 times by 2020, these traditional monitoring tools will leave companies more vulnerable than ever – and this vulnerability could lead to more identity theft, fraud and malevolent activities. Sumo Logic's machine data intelligence platform is the foundation for their new tool. It will leverage big data structure to rapidly capture and analyze anomalous information, introducing an all-new application of the platform's features.

Analytics and security: a powerful toolset

This new tool will have the following capabilities:

  • Elastically scale to handle large volumes of search queries, correlations and streaming data to real-time dashboards for instant visualization of trends, without any overhead

  • Quickly uncover the root cause of a threat incident, reducing the mean time to resolution by 50% or more

  • Automatically uncover security events in real-time, helping enterprises to ward off threats before they fully impact the organization, without relying on rules or predefined schemas

  • Provide access to a range of both Cloud-based and on-premise systems to generate immediate insights via pre-built visualizations and searches.

To be clear, analytic security is one of the most significant trends in the security industry today. By delivering advanced relevant intelligence, the practice is able to narrow down security events from a normative state of operation and thus frees up a lot of security analysis that was limited in scope and ability prior to the introduction of this practice. One last layer in Sumo Logic's new security options is the correlation of data from various environments. With this element, establishing anomalous conditions for a certain environment may already have the security reference built in from similar environments throughout Sumo Logic's large base of enterprise clients. This de facto community security intelligence could reduce reaction times and disclose conditions before a security analyst even knows that security conditions have changed – and that's only the beginning. Very exciting stuff and science going into this.

Sumo Logic's official entry into this market is less of a new development than it is an evolution of the powerful, flexible, cloud-suited technology that they have built their brand on. Sumo Logic is known for their particular value add of flexibility and tremendous analytics power in the cloud, in that it is cloud-based and allows customers to instantly scale up without any worry about reconfiguring and adding log capacity. Their platform has in essence for quite some time been functioning as a SIEM, which stands for Security Information and Event Management – the heart of the modern analytic security platform. This element, combined with its growing DevOps and application performance deployments and the elastic cloud elements that are inherent in the platform, will likely make it a favorable platform that enterprises will gravitate to. When their existing customers alone come into security applications, it will be an instant standard with a formidable base.

Sumo Logic – check them out.

photo credit: Eric Fischer via photopin cc
