New innovations across AI, automation, and integrated threat intelligence converge to help security teams detect earlier, investigate faster, and respond smarter
RSA Conference – SAN FRANCISCO – April 28, 2025 – Sumo Logic, the leading SaaS Log Analytics Platform, today announced a number of new security capabilities that help organizations build and operate intelligent security operations to reduce risks, accelerate threat containment, and ensure stronger security postures. These innovations will be on display this week at booth #6261 at the RSA Conference 2025.
“With the rise of AI-powered attacks, dynamically scaling cloud environments, and growing data complexity, legacy solutions are significantly slowing detection and response,” said Keith Kuchler, Chief Development Officer for Sumo Logic. “The innovations we’re unveiling at RSA this week fuel DevSecOps via the power of logs by centralizing security log management at scale to deliver intelligence through actionable insights that modern SecOps teams need to stay ahead of the evolving threat landscape without suffering from alert fatigue.”
AI-powered threat detection and response shrinks resolution time to near-zero
Sumo Logic transforms security teams from overwhelmed responders into proactive defenders, reducing risks, accelerating threat containment, and ensuring a more resilient security posture.
New and updated capabilities bring together telemetry, context, automation, and AI to give teams the upper hand against modern threats by increasing fidelity, reducing friction, and improving security outcomes. These innovations include:
Multiple Threat Intelligence Feeds - Sumo Logic’s Threat Intelligence now supports multiple threat intelligence feeds, allowing organizations to integrate their own feeds via STIX/TAXII to expand visibility and tailor intelligence to their risk profile. Sumo Logic delivers broader, real-time context to ensure high-fidelity alerts and actionable insights at machine speed.
UEBA Historical Baselining - Sumo Logic UEBA rapidly baselines user and entity behaviors in minutes to improve threat detection accuracy. It analyzes historical data to train detection models that dynamically adapt to changes, reducing alert fatigue and improving accuracy. By identifying anomalies based on learned behavior instead of static thresholds, analysts can receive smarter alerts with fewer false positives. This approach enables earlier threat detection, especially for insider threats or compromised credentials, while minimizing the need for manual tuning.
Detection-as-Code - This new implementation bridges security and DevOps workflows, improving rule accuracy, consistency, and automation by allowing teams to manage detection rules in development environments like GitHub while syncing directly with their live Sumo Logic instance. Applying software development practices to threat detection—testing, refining, and deploying detection logic at scale - brings agility, precision, and automation to rule management and threat coverage.
AI-Driven Insight Summaries Prototype - Sumo Logic’s AI-Driven Insight Summaries automatically generate concise, actionable summaries from large volumes of log and detection data. Powered by generative AI, this feature identifies key patterns, extracts relevant context, and highlights likely root causes, saving analysts hours of investigation time. It enables security teams to quickly understand threats, prioritize actions, and respond decisively—without sifting through mountains of raw data.
What customers are saying
Sumo Logic’s cloud-native, AI-driven platform integrates logs-first analytics, Cloud SIEM, and SOAR to quickly ingest, normalize, and analyze terabytes of data while orchestrating automated responses to evolving threats. Customers are already seeing results across threat detection, SOC maturity, and operational efficiency, with forward momentum toward intelligent security operations.
“We rely on Sumo Logic’s scheduled searches to actively monitor for IOCs during incidents. This lets us focus on addressing ongoing incidents while staying on top of any emerging threats. With Sumo Logic, we can effectively manage incidents and be vigilant for potential additional threats."
Bruno Miguel Cruz Braga, Head of SecOps, TrueLayer
“By filtering out the noise and pinpointing critical insights, Sumo Logic allows us to improve our team’s efficacy. We’re able to zero in on the most pressing threats and reduce alert fatigue.”
Tarek Chalaan, SOC Manager at Security Centric
"Sumo Logic has made my life much easier. It saves me a significant amount of time and allows our team to streamline daily tasks. This gives us the opportunity to focus on new integrations and enhance our overall security posture. As a security engineer, it's important to constantly improve and work on new things, and Sumo Logic has been a game changer in that regard."
Jordan Andonov, Security Engineer at OpenPayd
“Sumo Logic’s Cloud SIEM’s out-of-the-box rules are powerful. Tuning them for our organization and infrastructure helped familiarize ourselves with the tool, prove value in our investment, and optimize the platform so we could focus on true alarms that require our attention.”
Huseyin Karaarslan, Senior Security Engineer, Roku
Resources
Read launch blog
Read about why threat intelligence is essential for cybersecurity
Watch this micro lesson to learn the key features of the Sumo Logic Threat Intelligence
Download our Threat Intelligence solutions brief
Register for a free trial
About Sumo Logic
Sumo Logic, Inc. unifies and analyzes enterprise data, translating it into actionable insights through one AI-powered cloud-native log analytics platform. This single source of truth enables Dev, Sec and Ops teams to simplify complexity, collaborate efficiently and accelerate data-driven decisions that drive business value. Customers around the world rely on the Sumo Logic SaaS Log Analytics Platform for trusted insights to ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. For more information, visit www.sumologic.com.
Any information regarding offerings, updates, functionality, or other modifications, including release dates, is subject to change without notice. The development, release, and timing of any offering, update, functionality, or modification described herein remains at the sole discretion of Sumo Logic and should not be relied upon in making a purchase decision, nor as a representation, warranty, or commitment to deliver specific offerings, updates, functionalities, or modifications in the future.
Media Contact
Melissa Beck, Sumo Logic
