Build a modern security intelligence program with Sumo Logic that combines DevSecOps practices, Cloud SIEM insights, and automation to detect, investigate, and respond faster while ensuring compliance
Free with your book: DRM-free PDF version + access to Packt's next-gen Reader*
Key Features:
- Master essential skills for security monitoring and analytics using Sumo Logic
- Perform advanced threat hunting using Cloud SIEM in Sumo Logic
- Get up to speed quickly and easily with this practical guide for security analysts
- Purchase of the print or Kindle book includes a free PDF eBook
Book Description:
Modernize your security operations with Sumo Logic's Continuous Intelligence Platform that delivers real-time detection, analysis, and response to threats, and find out how it enables security teams to unify monitoring, apply advanced analytics, and strengthen defenses across diverse environments.
Step by step, this guide takes you through configuring Sumo Logic to ingest and visualize log data, running versatile queries, and using Security Apps to meet compliance and audit demands. You'll learn how to take full advantage of Cloud SIEM by creating enriched records, building correlation rules, proactively threat hunting, and tuning signals to reduce false positives.
Beyond traditional SIEM use cases, discover how Sumo Logic supports modern DevSecOps practices that embed security into the development lifecycle without compromising delivery speed and features such as entity inventory, third-party integrations, and best practices that enhance investigation and detection accuracy.
Finally, you'll prepare for the future of security intelligence, where automation, machine learning, and AI-driven insights reshape threat defense, ensuring you're ready to transform your security operations with Sumo Logic Cloud SIEM.
*Email sign-up and proof of purchase required
What You Will Learn:
- Discover why advanced security intelligence matters and how to achieve it with Sumo Logic
- Explore the Sumo Logic platform to perform security monitoring and analytics
- Understand Sumo Logic Cloud SIEM and modernize your security operations
- Leverage Sumo Logic's cloud-native SIEM for threat detection and threat hunting
- Implement best practices and techniques to make full use of what Sumo Logic offers
- Adapt to the future of security intelligence
Who this book is for:
The book covers everything from basics to best practices so that you can make the most of Sumo Logic. It equips you with the practical knowledge that transforms how you develop and implement cybersecurity intelligence solutions.
Table of Contents
- Introduction to Sumo Logic
- The Role of DevSecOps
- Measuring Security Outcomes and Performance
- Setting Up Your First Collector
- Ingesting Data
- Analyzing Data
- Metrics
- Alerting, Monitoring, and Visualizing Data
- Cloud SIEM
- The Insight Engine
- The Automation Service and Playbooks
- Bringing a Security Intelligence Program to Life with Sumo Logic
- Compliance and Reporting
- The Future of Security Intelligence
Clawson, Chas: - Chas Clawson is a Field CTO and educator with 15 years of experience in consulting and building SecOps best practices. For the past five years at Sumo Logic, they've advised customers on SIEM, detection engineering, and incident response at scale. Earlier, Chas served on the NSA (U.S. Department of Defense) Red Team, supporting adversary-emulation exercises for federal "three-letter" agencies. In industry, they have led MSSP practices as both a SIEM architect and an analyst. Chas currently teaches Networking & Cyber Security as a Professor at the University of Maryland Global College.
Kireeve, Bogdan: - Bogdan is a Solutions Engineer at Sumo Logic, with over 7 years of experience in cyber security, from threat intelligence to security response and operations. Bogdan also has consulted at large banks in order to defend against large-scale cyber attack vectors and has been involved with architecting and deploying secure cloud environments. Currently, Bogdan is supporting hundreds of Sumo Logic prospects and customers to explore innovative technologies cyber security and observability.
