Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Sumo Logic

Many sources, one truth: Applying DevSecOps best practices

It’s no secret threat actors, and cloud attacks have evolved, yet traditional security responses have languished, much to the detriment of many organizations. In this session, Cas Clawson, Field CTO for Security at Sumo Logic, will explore cloud threat detection challenges and how to do it better using a real-world incident response example, leveraging a single source of truth, breaking down team silos, and utilizing the best practices with DevSecOps.

Inside the war room: Best practices learned from the Sumo Logic security incident

In November 2023, Sumo Logic experienced a security incident. While no one wants to be a victim of a cyberattack, and we certainly learned a lot about things that we can do better in the future, our team was lauded by customers and media alike for how we handled the situation underscoring the importance of a good incident response plan. One of the core values at Sumo Logic is that we’re in it with our customers. But more broadly speaking, we’re in it with the InfoSec community.

How AI will impact cybersecurity: the beginning of fifth-gen SIEM

The power of artificial intelligence (AI) and machine learning (ML) is a double-edged sword — empowering cybercriminals and cybersecurity professionals alike. AI, particularly generative AI’s ability to automate tasks, extract information from vast amounts of data, and generate communications and media indistinguishable from the real thing, can all be used to enhance cyberattacks and campaigns.

Responding to CVE-2024-3094 - Supply chain compromise of XZ Utils

It seems as though responders cannot catch a break when it comes to 0-day vulnerabilities and supply chain compromise avenues. On March 29th, 2024, the Cybersecurity & Infrastructure Security Agency published an alert regarding a supply chain compromise of the XZ Utils package. At time of writing, there is no information regarding exploitation of the vulnerability and follow-on post-compromise activity.

Hunt for cloud session anomalies with Cloud SIEM

In today’s cloud-native world, systems are usually accessed by users from multiple devices and in various geographic locations. Anyone who has tried to operationalize an impossible travel type alert for cloud resources will understand the myriad nuances and gotchas involved in such an endeavor. A user may be accessing a cloud resource from a mobile device that is tied to a carrier network well away from their normal geographic location.

Guarding the game: securing digital playgrounds

Imagine needing to stop a playoff game because viewers were actively impacting the sport, helping players catch impossible passes or score points they never should have gotten. That’s the equivalent of what happened when an Apex Legends hack during the North American finals interrupted the tournament and raised cybersecurity concerns for everyone involved. With global esports a billion-dollar industry, and competitive video gaming in general worth much more than that, this has a serious impact.

DevSecOps in an AI world requires disruptive log economics

We’ve been talking about digital transformation for years (or even decades?), but the pace of evolution is now being catapulted forward by AI. This rapid change and innovation creates and relies upon exponential data sets. And while technology is rapidly evolving to manage and maintain these massive data sets, legacy pricing models based on data ingest volume are lagging behind, making it economically unsustainable.