Micro Lesson: Cloud SIEM First Seen Rules
Learn more about Cloud SIEM's new First Seen Rules, which can generate signals when certain behavior or activity is detected for the first time.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Sumo Logic
Micro Lesson: Cloud SIEM Entity Timeline & Relationship Graph
Learn more about two key tools in Cloud SIEM: the Entity Timeline and Entity Relationship Graph and how they can help analyze security incidents.
Building a Kubernetes purple teaming lab
Kubernetes, and containerization in general, has a wealth of benefits for many teams operating cloud-native applications. From a threat detection standpoint, however, it is often difficult for newcomers to this space to gain the relevant hands-on experience without trampling over production environments. The Sumo Logic team has previously authored articles on Kubernetes DevSecOps vulnerabilities and best practices as well as Kubernetes logging and monitoring.
Micro Lesson: Cloud SOAR Automated Responder Knowledge (ARK)
Learn more about Cloud SOAR's Automated Responder Knowledge (ARK) feature, which uses machine learning to dynamically suggest playbooks in response to incidents, based on other similar incidents.
Micro Lesson: Cloud SIEM Insight Trainer
Learn about Sumo Logic's Insight Trainer feature for Cloud SIEM Enterprise, a tool to help SOC teams reduce false positive and "no action" insights.
Micro Lesson: Cloud SIEM Global Intelligence for Security Insights
Learn about Sumo Logic's Global Intelligence for Security Insights system, which "crowdsources" cybersecurity information from customers around the globe to provide accurate confidence scores for security insights.
Micro Lesson: Cloud SIEM Insight Trainer
Learn about Sumo Logic's Insight Trainer feature for Cloud SIEM Enterprise, a tool to help SOC teams reduce false positive and "no action" insights.
Micro Lesson: Cloud SIEM Enterprise Audit App
Learn about Sumo Logic's Cloud SIEM Enterprise Audit App, containing dashboards to give you visibility into Cloud SIEM Insights, Records, Signals, and Rules.
Fine-tuning Cloud SIEM detections through machine learning
Security engineering teams spend hours every week tuning their security information and event management (SIEM) systems to ensure that they are effective at detecting security threats and minimizing false positives. Such “tuning tax” is common as customers add new SIEM rules to cope with rapidly changing threat landscape and attacker tactics and as their attack surface evolves through automated changes to their application and infrastructure stacks.
Micro Lesson: Cloud SIEM Global Intelligence for Security Insights
Learn about Sumo Logic's Global Intelligence for Security Insights system, which "crowdsources" cybersecurity information from customers around the globe to provide accurate confidence scores for security insights.