When it comes to your SIEM, your data is only as useful as your ability to ingest and analyze it. To solve complex security problems, your team ideally needs the ability to comprehensively monitor events within your environment with contextual insights from high-volume data sources.

Security information and event management (SIEM) systems are centralized logging platforms that enable security teams to analyze event data in real time for early detection of targeted cyber attacks and data breaches. A SIEM is used as a tool to collect, store, investigate, and report on log data for threat detection, incident response, forensics, and regulatory compliance.

At Illuminate 2020, Kashif Iqbal, Head of Corporate Technology and Cyber Security at SEGA Europe, shared their data security challenges and how they currently leverage Sumo Logic for their security needs. Kashif spoke about the four main benefits their security team have experienced since switching to Sumo Logic.

At Sumo Logic Illuminate 2020, The Energy Authority’s IT Director for Service Delivery and Support Scott Follick spoke about the TEA, how they do things, what they have learned in the process of searching for a SIEM solution, and why they chose Sumo.

During Sumo Logic’s Illuminate user conference, Heath Hendrickson, senior security architect at the Clorox company, and Gary Conner, senior threat protection lead, presented how they are leveraging Sumo Logic across security operations, threat hunting, IT operations, and more.

It's not uncommon for organizations to encounter hundreds of security incidents on a daily basis—from the trivial poking and prodding of script kiddies to nefarious activities that constitute the inner workings of advanced persistent threats (APTs). Transforming this volume of data into actionable information is impossible without the assistance of security intelligence, specifically, the analytic capabilities of security information and event management (SIEM) tools.

The global security community recently learned of a supply chain attack against SolarWinds via their Orion® Platform. In this blog we are providing recommendations for Sumo Logic customers to gain a deeper understanding of how to utilize available Indicators of Compromise (IOCs) within our Cloud SIEM offerings to determine your exposure to the attack. Additionally, we’re sharing targeted search recommendations from our Sumo Logic Special Operations (or SpecOps) threat hunting team.