As Security Centric’s customer base grew and our security operations matured, we saw an opportunity to leverage Sumo Logic’s latest platform innovations. Our team was using Sumo Logic’s Log Analytics Platform, security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solutions.
By further integrating the Platform, Cloud SIEM, and Cloud SOAR into our internal security processes, Security Centric sought to improve efficiency, achieve faster threat detection, and better align with our diverse customer needs.
This collaborative relationship with Sumo Logic allowed Security Centric to provide valuable feedback, influence product development, and ensure that both our security operations and Sumo Logic’s product roadmap evolved in tandem.
Security Centric continues to choose Sumo Logic as our vendor for these top reasons:
Unified data collection with universal collector and OpenTelemetry
Sumo Logic’s universal collector and OpenTelemetry support have streamlined data collection and processing of diverse data sources for Security Centric. With this feature, Security Centric continues to scale its security infrastructure without worrying about compatibility issues, even if we decide to adopt new platforms in the future.
"Sumo Logic handles the heavy lifting by integrating different data sources clients have into one platform and normalising them, which simplifies what would otherwise be a challenge."
- Tarek Chaalan, SOC Manager
Advanced SOAR capabilities and custom playbooks
Security Centric developed and deployed custom playbooks, which streamlined our security operations, reduced manual intervention, and improved efficiency when mitigating security risks in our clients’ environments.
Ongoing customer support and collaboration
Any issues or questions we had were quickly addressed, and we received consistent and effective customer support no matter the situation. "It’s not about the product. It’s about the people. It’s about the people behind the product and the support they’re providing. That’s the strength of Sumo Logic."
Seamless ingestion of structured and unstructured data
Sumo Logic’s user-friendly interface allowed Security Centric to quickly implement the Platform into our security operations, reducing onboarding time and making it easy for our SOC team to efficiently process and analyse diverse data types.
As Security Centric’s customer base expanded, each with its own unique requirements and data sources, the SOC team easily customised the solution for deeper insights into our clients’ distinct security environments.
"One of the hardest parts about SIEM is parsing logs. Parsing the logs is one of the toughest things you can have in a product. With Sumo Logic, I didn't have to worry about log parsing and creating custom parsing for unsupported log sources."
Improved SLA response times
With Sumo Logic’s real-time detection, automated incident analysis, and rapid notification, Security Centric kept incident response times well below our SLA commitment. "Once Sumo Logic's Cloud SIEM generates an incident, we ensure SLA response times are consistently met. Our team promptly picks up the incident, analyses it, updates the severity if necessary, provides a conclusive analysis, and takes the appropriate action using Sumo Logic's CSE automation or Cloud SOAR. All of this is done within our SLA commitment."
Expanded incident response capacity and improved compliance maturity
Our partnership with Sumo Logic helps our team manage a high volume of incidents efficiently. A team of analysts on shift can process up to 100 incident alerts per minute. We achieved this scalability through a custom integration built on Sumo Logic’s API and automation tools, using Apache Zeppelin.
Sumo Logic helped our team close security gaps, improve compliance, and foster better cybersecurity practices within client organisations. "Our role is not to just stop external threats. It's also to assist the organisation to mature and enhance their compliance level."
Query support with Sumo Logic Mo Copilot
Simplicity and efficiency are vital for Security Centric’s SOC team. Sumo Logic Mo Copilot streamlines complex query creation and offers intelligent suggestions for Security Centric. "What I love about Sumo Logic Mo Copilot is how quickly I can write and visualise a log query. Many times, a client will ask me for a query, and I simply search for it on Copilot, and provide it to them instantly. It’s a huge value add for partners."
96% noise reduction
Handling over 300k daily signals and reducing them to 200 actionable insights, Sumo Logic helped Security Centric’s SOC team effectively prioritise which alerts needed analysis or investigation, allowing analysts to focus on approximately nine critical issues per day. The security team can handle a high volume of data and focus on what truly matters most: helping clients improve their cybersecurity hygiene.
"By filtering out the noise and pinpointing critical insights, Sumo Logic allows us to improve our team’s efficacy. We’re able to zero in on the most pressing threats and reduce alert fatigue."
You can also read the case study on Sumo's website.