Continuous intelligence specialist Sumo Logic has acquired cloud-native autonomous security operations centre (Asoc) software supplier Jask Labs for an undisclosed sum, bringing together Sumo Logic’s own platform – which includes cloud SIEM (security information and event management) and compliance solutions – with Jask’s offering to deliver cloud-native security intelligence.
Jask’s product is designed to improve workflows for security analysts by automating some of the more repetitive parts of the job and putting an end to alert fatigue. By integrating this with Sumo Logic’s cloud SIEM, the aim is to generate actionable insights from said alerts, enabling analysts to get on top of incidents more quickly.
It will be bundled into Sumo Logic’s Continuous Intelligence Platform service by the end of 2019, said Sumo Logic. Delivered as a service, the upgraded product will link emerging DevSecOps models with downstream Soc [security operations centre] workflows. Sumo Logic said this would “close the loop for adaptive cloud-scale defence”.
Ramin Sayar, president and CEO of Sumo Logic, said: “Security in the modern world is moving from a human-scale problem to a machine-scale problem.
“Customers are looking for an approach to help them overcome the pain and complexity around an increasingly perimeter-less world. The Jask team are experts in helping customers navigate this world. By aligning our efforts as a single team, we are able to democratise security intelligence for all.”
Sayar cited recent work by analysts at Dimensional Research that purported to show that security analytics tools – particularly legacy SIEM tools – were, by and large, failing to deliver when it comes to actionable insights. Dimensional claimed that 93% of security professionals reckoned traditional SIEM products were ineffective in cloud environments.
Further pain came from myriad alerts, incomplete visibility of the application stack, and siloed tools and teams, meaning they could not effectively operate modern Socs.
Scott Crawford, research vice-president of security at 451 Research, said: “While SIEM was one of the markets in security analytics and helped define security operations, the rise of the cloud and digital transformation initiatives have challenged security teams to find ways to effectively monitor and defend against attacks at scale and better automate response.
“Jask’s approach to Soc automation complements Sumo Logic’s cloud SIEM and security analytics capabilities to help organisations tackle these disruptive challenges to traditional security approaches.”
Jask CEO Greg Martin, who will move across to become vice-president and general manager of Sumo Logic’s security business unit, added: “The team at Jask set out to fundamentally disrupt traditional security solutions that are no longer meeting the needs of modern security teams.
“Over the past five years, we’ve worked with customers and experts on the front lines of this disruption to uncover what will truly have an impact on improving the performance of security analysts that have been mired with alert fatigue. We’re excited to bring together our collective security DNA and joint customers and partners to create a powerful security intelligence solution that provides a cloud-native best-in-class modern Soc and analytics solution.”