Sumo Logic Customer Brown Bag Session 「General Security Mindset and Best Practices of Sumo Logic Security App Catalog」
Introduction
Hemanth from the Alliance Department here. In this blog I want to share insights from a recent webinar that caught my attention: Sumo Logic Customer Brown Bag Session "General Security Mindset and Best Practices of Sumo Logic Security App Catalog".
Sumo Logic
Sumo Logic is cloud-based log management and analytics software that enables businesses to exploit their machine data for useful insights. Sumo Logic's flexible capabilities make log data analysis simple and offer real-time visibility into operational and security insights.
Speaker for the Session
The session was led by JT Rakitan, Security Product Marketer.
The Need of Security Measures
According to recent figures, security breaches cost $4.45 million on average every day, and smaller businesses are rapidly becoming targets. The MGM intrusion, in particular, is a sobering reminder of the ever-expanding threat landscape. The frequency of security breaches is rising since financial gain is the primary motivation for cybercriminals. With an average of 315 SaaS apps for a business to oversee, secure, and administer, Sumo Logic steps in to efficiently expedite this procedure.
On-premises Security vs Cloud Security
On-premises security is all about a single perimeter, much like guards providing actual physical security around secrets of national importance. In the cloud, based on the AWS Shared Responsibility Model, we instead have micro-perimeters: think back to the 351 apps, each with its own micro-perimeter that needs to be secured. Under this model, AWS is responsible for the security of the cloud, such as securing the infrastructure. Data and security inside the cloud, however, are the responsibility of the customer.
Security is Critical even for Small Businesses
The truth differs from the popular belief that small enterprises are immune to cyberattacks. Attacks on them range from social engineering schemes to system invasions, which can have disastrous financial consequences. Thus, regardless of the size of the company, developing a solid security structure and following best security practices are crucial.
Common Security Challenges addressed by Sumo Logic
Sumo Logic tackles a number of important security issues, such as complexity, threat visibility, lack of manpower and experience, identifying undiscovered risks, and growing expenses. One example is Sumo Logic's Cloud SIEM capability, in particular its User and Entity Behavioral Analytics (UEBA).
Start your Security Journey with Sumo Logic
The first step toward strong security is efficient log handling. In this sense, Sumo Logic shines since it centralizes all logs into an extensive security data lake, which facilitates smooth data analysis for a range of roles and responsibilities. Its powerful analytics and Cloud SIEM capabilities also offer real-time threat monitoring and deeper insights.
Sumo Logic App Catalog Demo
Using the Sumo Logic App Catalog, we were able to find a wide range of security apps tailored to particular use cases. The straightforward installation procedure and intelligent dashboards highlight Sumo Logic's dedication to providing a complete security experience.
Sign in to your Sumo Logic account and navigate to the App Catalog.
Use the search bar to find a specific app that suits your requirements.
On the left-hand side, select a specific category (AWS, database, DevOps, etc.). Choose "Security and Compliance" to access a plethora of security- and compliance-related apps.
Once you've found the desired app, click on Install.
Enter your source category and proceed to the next step.
Your dashboards are then created successfully.
Take a closer look at the "Failed Sign-Ins" dashboard to gain an understanding of its functionality.
Sumo Logic Community Ecosystem apps
The Sumo Logic Community Ecosystem functions as a central location for developing, exchanging, and utilizing a range of apps. Examine the plethora of community-driven applications, all of which add to a stronger and safer environment.
Security Practices to Keep in Mind
Focus mainly on 3 areas:
Stay Updated
Apply the latest security patches and updates for both software and firmware. Keep proper backups of critical data.
Stay Informed
Keep tabs on the latest breaches and vulnerabilities, e.g. with Google Alerts. Review annual breach reports such as the CrowdStrike threat report.
Stay Ready
Review and update access credentials and privileges as necessary. Conduct routine security training and audits. Practice, practice, and practice.
References
Cost of Data Breach Report - IBM
Data Breach Investigation Report - Verizon
MGM Casino Hack - Read more about it here
Explore the Sumo Logic Community Ecosystem and its range of apps here
Find more information on Sumo Logic's Apps and Integrations in the official documentation here