Sumo Logic, Inc. announced new AI and security analytics capabilities that allow security and development teams to align around a single source of truth and collect and act on data insights more quickly. These advancements, bolstered by Sumo Logic's free data ingest licensing, empower customers to use their critical security data to close security gaps and better fuel DevSecOps. These innovations will be on display this week at booth #6271 at RSA Conference 2024.

A recent Cloud Security Alliance survey found that only 30% of respondents believe they have good collaboration between security and development teams. At the root of the problem, security teams get signals of potential threats but often need developers or operations teams to help diagnose, assess and resolve. DevSecOps practices can help solve these challenges, which require a single source of truth, contextual data, cross-team collaboration, and AI and automation to power faster decision-making. Sumo Logic's advanced analytics capabilities allow security teams to find insights within their data to keep up with the rapid pace of cyber threats.

Whether companies are looking to detect threats or troubleshoot issues, Sumo Logic provides the tools teams need to uncover valuable insights in real time. New and updated capabilities include:

MITRE ATT&CK Threat Coverage Explorer: MITRE ATT&CK Threat Coverage Explorer is a new feature within Sumo Logic's Cloud SIEM solution that helps security teams analyze their threat coverage across the organization and continuously improve their security posture. With the industry's most comprehensive out-of-the-box rules and content, no other solution provides customers the ability to view and filter both theoretical coverage and historical events relative to adversary tactics, techniques and procedures (TTPs). Additionally, customers can compare their own exposure against peer benchmarks across the Sumo Logic customer base, leveraging global intelligence using dynamic filters to zero in on specific areas of concern based on their security log sources and rules they've disabled, enabled or prototyped.

Copilot: Sumo Logic is introducing Copilot, an AI-assisted log analytics experience with pre-built natural language prompts to help early career Dev, Sec and Ops teams gain expert-level insights, uplevel query skills and drive to root cause faster. Copilot's innovative experience ensures that users can get accurate answers without trial and error, a common pitfall in many GenAI implementations.

AI-driven Alerting: Now generally available to all customers, Sumo Logic's patent-pending AI-driven Alerting feature enables users to harness the power of AI-driven anomaly detection and automation through playbooks. AI-driven alerts get organizations closer to their goal of self-healing and self-protecting apps by triggering playbooks that automate response to unusual or suspicious application and infrastructure signals. Unlike other solutions, Sumo Logic's Anomaly Detection builds ML models using several weeks of historical data while leveraging AutoML to detect seasonality and tune model parameters without user intervention. Playbooks can also be assigned to monitors with a single click, significantly streamlining the experience compared to competitive products.