While we are a long way from implementing Skynet, using machine learning combined with automation to make real-time decisions is here. In a recent talk at Sumo Logic Illuminate, Dave Frampton, General Manager of Cloud SIEM and Security Analytics, discusses the future of security with Vijaya Kaza, Head of Engineering and Data Science for Trust & Safety and Chief Security Officer at Airbnb. Kaza describes how automation, machine learning and AI can strengthen a company's overall security posture.
Technology environments are rapidly evolving as organizations look to remain competitive, accelerate innovation and make themselves more agile. But in the process, many of the observers, i.e., stakeholders who track infrastructure and application metrics, are falling behind, unable to monitor and manage modern, cloud-native apps and multi-cloud environments due to the complexity that comes with them.
We’re excited to announce updates to Sumo Logic AWS Quick Start Integrations that enable customers to automate the integration of AWS Security Reference Architecture within Sumo Logic Cloud SIEM powered by AWS. The new integrations automate the collection, ingestion, and analysis of applications, infrastructure, security, and IoT data to derive actionable insights for security engineering teams.
Let’s take a look into why and how you should be closely monitoring your Windows server environments from a security perspective. We’ll investigate the types of logs, events and other actions that you should consider. Finally, we’ll look at how you centralize monitoring into a central dashboard, and automate many of the tedious aspects of Windows security monitoring.
Back in 2018, AWS first released its Graviton processor—their 64-bit Arm processor—and followed that with the release of Graviton2—Version 2 — just a year later. Now customers running ECS and EKS on EC2 can choose between X86 and ARM64 depending on which processor best fits their application workload.
Enterprise SOCs are becoming a crucial part of most organizations’ management departments due to the increase in digitization and interconnectivity. SOCs play a major role in monitoring, managing, and responding to security alerts within a company's daily operations. Since cyber attacks have become more sophisticated, the requirements for SOCs have changed due to increased volumes of data, the complexity of security ecosystem tools, and increased data sources and attack vectors. When it comes to efficiency, SOCs need to expand their focus beyond log management and data analytics to include more advanced functionalities such as automation, leveraging big data and AI for intelligent decision support, and increasing visibility into their product through observability.
Application performance management (APM) and distributed tracing are practices that many teams have been using for years to help detect and mitigate performance issues within applications—while the first one was born in the era of big single-host monoliths, the latter is especially useful for distributed applications that use a microservices architecture, in which tracing is critical for pinpointing the source of performance issues.
When you’re planning an application performance monitoring (APM) strategy, collecting metrics from storage services like Amazon S3 may not seem like a priority. After all, part of the point of object storage is that applications can read and write from storage buckets seamlessly, with minimal configuration and overhead.
In today's digital transformation journey, observability has emerged as the hot topic. The ability to capture, analyze and correlate all of your machine data is critical to ensure you can meet your reliability objectives. Every level of the application stack emits logs, metrics, traces, and events. The collection of all of these signals is the first step of having an observable system.