According to Gartner®, “The SOAR market continues to build toward becoming the control plane for the modern SOC environment, with the potential of becoming the control plane for a variety of security operations functions (e.g., vulnerability management (VM), compliance management and cloud security).” Further, the report adds, “SOAR tools are still primarily leveraged by organizations with a security operations center. Use cases to support security operations beyond threat monitoring and detection, threat intelligence, and incident response and threat hunting are still nascent.” [1]
Sumo Logic Cloud SOAR builds on the company’s security offerings by adding orchestration and automation to quickly address incidents, with native integration into Sumo Logic Cloud SIEM or other SIEMs as part of a comprehensive modern security solution. With Sumo Logic Cloud SOAR, enterprise SecOps teams can:
• Minimize response time. Improves standard operating procedures for fast response by using playbooks and Supervised Active Intelligence to suggest relevant processes for specific use cases, boosting SecOps productivity.
• Focus on real threats. Reduces false positives, provides accurate alert enrichment, deduplicates similar incidents and automates time-consuming tasks.
• Measure success and improve collaboration. Makes it easy to manage the escalation process and enables analysts to work simultaneously on incidents, providing detailed incident reports with related IOCs, timeline and corrective actions.
• Easily orchestrate and balance disparate tools. Integrates with hundreds of technologies through Sumo Logic’s Open Integration Framework, allowing SecOps teams to create custom integrations with almost no coding experience required.
“Sumo Logic Cloud SOAR covers all the requirements of a modern end-to-end SOAR platform for cloud and on-premises deployments, and it enables organizations and MSSPs to move forward with building their next generation SOC,” said Olivér Urzica, Regional Country Manager at Prianto & CEE. “The SOAR solution scales to solve sophisticated security operations use cases and we have been quite pleased with the professionalism, partnership, excellent services and support.”
The general availability of Sumo Logic Cloud SOAR follows the company’s acquisition of DFLabs S.p.A earlier this year. It combines with Sumo Logic Cloud SIEM to provide customers of varying sizes and maturities with comprehensive cloud-native security intelligence solutions that are built for today’s digital businesses leveraging modern applications, architectures and multi-cloud infrastructures. Sumo Logic also recently launched Cloud SIEM Powered by AWS to provide deep insights to eliminate security blind spots across multi-cloud and hybrid environments, enhance security posture and reduce an organization’s risk profile.
“We are experiencing a new era that demands security operations play a vital role at the heart of every organization. Yet in the midst of constant change prompted by the digital revolution, security teams are presented with persistent challenges that impede their progress,” said Dario Forte, VP and General Manager, Orchestration and Automation for Sumo Logic. “Sumo Logic is at the forefront of helping SOC teams modernize their security operations and navigate the evolving threat landscape, through a best-in-class SOAR solution to eliminate manual tasks, augment incident response plans with automated workflows, and overcome critical security challenges.”