Sumo Logic Enhances Security Analytics with Amazon GuardDuty Integration

Integration with Amazon GuardDuty Continuous Security Monitoring Service Provides Real-Time Actionable View of Amazon Web Services to Bolster Protection of Cloud Application and Data


LAS VEGAS, Nov. 29, 2017 (GLOBE NEWSWIRE) -- AWS re:INVENT -- Sumo Logic, a leading cloud-native, machine data analytics platform that delivers continuous intelligence, today announced an integration with Amazon GuardDuty, a new Amazon Web Services (AWS) continuous security monitoring and threat detection service. Coupled with existing monitoring and threat intelligence applications on AWS, including Amazon Virtual Private Cloud (Amazon VPC) and AWS CloudTrail event logs, the new integration provides real-time contextual and actionable visibility on AWS for the continuous intelligence that Security Operations (SecOps) teams need to rapidly detect, investigate and remediate potential threats. The integration of Sumo Logic and Amazon GuardDuty helps security teams reduce the time and resources required to protect cloud applications and critical data. Sumo Logic’s integration with Amazon GuardDuty will be showcased at Sumo Logic’s booth #1804 at AWS re:Invent 2017 in Las Vegas this week.

According to the Ponemon Institute, the odds of an organization experiencing a data breach are one in four, making data security a top concern for organizations of all sizes. IT teams are battling the tsunami of data within their infrastructure and modern applications, challenging them to figure out how to effectively monitor and correlate data to get the deep insights needed to identify and respond to security incidents and mitigate damage. Sumo Logic’s integration with Amazon GuardDuty helps security teams pull in AWS security findings and alerts in real-time to help organizations increase the velocity and accuracy of threat detection in modern applications.

“Amazon GuardDuty delivers a continuous security monitoring solution to identify and respond to AWS-specific security events,” said Randy Streu, VP of business development for Sumo Logic. “As a long time AWS design technology partner, we are excited to be able to expand our comprehensive and best-in-class security analytics solution support on AWS, multi-cloud and on-premises applications and architectures to give customers real-time intelligent security monitoring, threat detection, and data analytics to help strengthen the protection of critical cloud applications and data.”

Amazon GuardDuty can be enabled with a few clicks in the AWS Management Console to immediately start analyzing billions of events across multiple AWS data sources such as AWS CloudTrail, Amazon VPC and DNS Query Logs. Amazon GuardDuty uses threat intelligence feeds, behavioral analytics and machine learning to detect threats more accurately. Amazon GuardDuty can detect Amazon Elastic Compute Cloud (Amazon EC2) instances serving malware or mining bitcoin. It can detect attackers probing web servers for known application vulnerabilities, or accessing AWS resources from an unusual geo-location. It also monitors AWS account access behavior for signs of compromise, such as unauthorized infrastructure deployments or unusual API calls. When a threat is detected, Amazon GuardDuty delivers a detailed and actionable security finding to AWS CloudWatch Events.

“Sumo Logic’s machine data analytics platform enables security teams to conduct deeper investigation of activity associated with Amazon GuardDuty alerts and the resources affected,” said David Wright, general manager, Global ISV Partners for Sumo Logic. “With Amazon GuardDuty and Sumo Logic, customers get intelligent security monitoring, threat detection, and data analytics built for the scale and flexibility of the cloud.”

Sumo Logic provides an integrated suite of applications that provides automated predictive analytics and deep insights for SecOps teams to help them more effectively manage and audit their entire modern application environment. In addition, Sumo Logic delivers comprehensive visibility into the security and compliance posture of applications running on AWS, including Amazon Inspector, AWS Config, AWS CIS Benchmarks and Threat Intelligence, powered by CrowdStrike.

Additional Resources

  • Visit Sumo Logic at AWS re:Invent at Booth #1804
  • Read more about the integration with AWS GuardDuty on our blog
  • Learn more about Sumo Logic’s security analytics capabilities
  • Sign up for Sumo Logic for free

About Sumo Logic
Sumo Logic is a secure, cloud-native, machine data analytics service, delivering real-time, continuous intelligence from structured, semi-structured and unstructured data across the entire application lifecycle and stack. More than 1,500 customers around the globe rely on Sumo Logic for the analytics and insights to build, run and secure their modern applications and cloud infrastructures. With Sumo Logic, customers gain a multi-tenant, service-model advantage to accelerate their shift to continuous innovation, increasing competitive advantage, business value and growth.

Founded in 2010, Sumo Logic is a privately held company based in Redwood City, CA and is backed by Accel Partners, DFJ, Greylock Partners, IVP, Sequoia Capital and Sutter Hill Ventures. For more information, visit www.sumologic.com.

Media Contacts
Melissa Liton
Sumo Logic
mliton@sumologic.com
(650) 814-3882

Danielle Salvato-Earl
Kulesa Faul for Sumo Logic
sumo@kulesafaul.com
(650) 922-7287