AWS and Sumo Logic Webinar: Simplify Compliance with Proactive Machine Data Analytics
•Download as PPTX, PDF•
1 like•1,486 views
Sumo Logic’s proactive security analytics helps customers gain critical, real-time visbility into their AWS and on-premises infrastructure. Guaranteed query performance combined with purpose built applications, pre built searches, dashboards and reports help you demonstrate compliance in real-time while reducing the cost and time associated with audits. By correlating logs across various data sources you can reduce false-positives and run detailed root-cause analysis. Join this webinar to learn how: •InsideView is leveraging AWS CloudTrail and Sumo Logic to meet security and compliance requirements •Pattern recognition and Anomaly Detection can uncover compliance events in real-time •You can automatically adapt to changing compliance needs •AWS and Sumo Logic can help you reduce audit costs and cycles
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to AWS and Sumo Logic Webinar: Simplify Compliance with Proactive Machine Data Analytics
Similar to AWS and Sumo Logic Webinar: Simplify Compliance with Proactive Machine Data Analytics (20)
More from Sumo Logic
More from Sumo Logic (20)
Recently uploaded
Recently uploaded (20)
AWS and Sumo Logic Webinar: Simplify Compliance with Proactive Machine Data Analytics
- 1. Simplify Compliance with Proactive Machine Data Analytics Brandon Mensing Solutions Engineer Sumo Logic Confidential
- 2. Sumo Logic- An Overview The Sumo Logic Advantage Customer Case Study: InsideView Q&A Wrap Up Agenda
- 3. Search Visualize Predict Applications Mobile Internet of Things Network and Server The Machine Data Challenge
- 4. On-Prem Data Centers Cloud Sources Collector Collector Powerful & Secure Architecture, Effortless Deployment Hybrid Data Sources Private Public PaaSIaaS SaaS Hosted Collector
- 5. Sumo Logic Enterprise Security Analytics Sumo Logic Confidential Security ApplicationsLogReduce Reduce log messages into patterns Search across multiple data sources Reduce MTTI by 50% or More Annotate results, influence future ranking Anomaly Detection Automatically detect unknown events Predictive machine – learning analytics Continuously Demonstrate Compliance Annotate anomalies for future reference 5
- 6. Applications for AWS Services
- 7. Sumo Logic Confidential Sumo Logic Application for CloudTrail 7 User Monitoring Network & Security Operations
- 8. User Monitoring Geo Location of All Users Main users in the AWS account Admin users activities over time Recent Activity by Administrative Users Launched and terminated instances by user Operations Requested AWS services over time API calls by AWS region Elastic IP address operations Created and deleted resources over time Network and Security Authorization failures over time Created and Deleted Network Security Events Network and Security Events Over Time Recent Security Group and Network ACL Changes Network ACL with All Allowed Ingress/Egress CloudTrail Use Cases
- 9. AWS CLOUD TRAIL DEMO Sumo Logic Confidential
- 10. InsideView is a market intelligence platform that aggregates, curates and delivers inside information and intelligence about customer’s target market Multiple Accounts in AWS Legacy infrastructure on-prem Plan to load-balance workloads Sumo Logic tied to key production account Use AWS CloudTrail to gather compliance logs Believe in the value of Sumo Logic and AWS integration
- 11. Sumo Logic Confidential Challenges • Visibility across hybrid infrastructure • Querying across cloud and on-prem sources to demonstrate ISO 27000 series compliance • Analyzing compliance logs generated by AWS CloudTrail • Monitoring and auditing access to widespread resources • Did not want costly and complex on-premise analytics solutions • Wanted a comprehensive solution that could cover current and future compliance needs
- 12. Sumo Logic Confidential Results with Sumo Logic • Simplified querying across hybrid infrastructure for end-to-end infrastructure monitoring • Leverage the Sumo Logic Application for AWS CloudTrail to monitor compliance logs • The Application simplifies real-time monitoring with pre-built searches, dashboards and reports • AWS CloudTrail gathers compliance log data for every command generated and Sumo Logic analyzes in real-time • Role-based access grants teams and individuals appropriate permissions which aids in meeting compliance • Sumo Logic helps audit access to resources and the associated user actions that is helping meet ISO 27000 requirements • Sumo was far less complex and costly as compared to the leading competitive solution • Looking to use Sumo Logic for other compliance needs in the future
- 13. SaaS infrastructure, fully operational within hours Guaranteed 5X plus elastic index bursting and SLA’s on query performance Reduce compliance audit costs by 30% , diminish complexity associated with security and compliance audits Future proof your investment with applications that adapt to changing compliance Built-in Machine Learning with Anomaly Detection and LogReduce Secure by Design service complies with all major regulations One service does it all – works with on-prem and cloud data sources to provide security, operations and business insights Advantage The
Editor's Notes
- Why Machine data insights are critical for organizations 1.Customer challenges: Massive Explosion of data types and sources ( apps, cloud, on-prem, IOT) is resulting in: -Fragmented infrastructures (cloud/on-prem) and gaining end to end visibility across these environments is becoming challenging --Complex application environments and plethora of devices is adding to the chaos as IT is loosing visibility and control - This results in Amplified availability, security and compliance challenges 2. Sumo Logic is a cloud based machine data intelligence service that helps organizations get comprehensive visibility across all infrastructures, applications, networks etc. and helps you transform these challenges into business advantages: Powerful analytics engine helps you get meaningful insights such as availability, performance, security and customer insights through search, pattern recognition , brilliant visualization and proactive machine learning features.
- We are different! We are a service. We are in the cloud. Because we are a SaaS service, we can overcome the limitations of traditional solutions and offer unique differentiators such as: We can ingest data from any source including on-prem and any cloud source, so you get a single solution to query across your entire infrastructure Sumo Logic offers guaranteed 5X plus elastic index bursting to help customers meet seasonal and unexpected surges on-demand, without investing in expensive hardware. Sumo Logic offers Service Level Agreements (SLAs) on query performance Also notice what is missing in this picture. The machines monitoring the machines!. We are an effortless service offering industry –leading Mean time to value. The service can be set up within minutes and requires no additional investment We run on AWS, the most reliable cloud platform. We leverage the performance and security features the platform offers and have build additional capabilities on top of it. We are secure by design - SOC 2 Type II, HIPAA, FIPS 140, US-EU Safe Harbor , encryption at rest and in transit We are also a AWS advanced technology partner and a big data competency partner
- ANIMATION ON SLIDE – Sumo Logic Enterprise Security Analytics helps enterprises strengthen their security and compliance posture by transforming separate, reactive, and manual processes to integrated, proactive and automated ones. Our next-gen analytics engine is powered by 3 key differentiated capabilities 1.LogReduce Sifting through hundreds of thousands of security logs to identify a specific issue is an extremely challenging undertaking. Sumo Logic drastically simplifies querying by correlating logs across various data sources to reduce false-positives and the patent-pending LogReduce technology reduces hundreds of thousands of pages of results into a handful of meaningful patterns so you focus on events that matter. LogReduce™ helps to reduce the mean time to resolution by 50 percent or more. 2.Anomaly Detection Leveraging machine learning, Anomaly Detection extends beyond the human limitation of pre-defined rules and reports to unearth the “unknown unknowns” within enterprise data sets in real-time. Traditional solutions, which are more static in their approach, cannot address the dynamic security threats that organizations face today. Users can annotate and add contextual information to express future event detection and response time 3.Enterprise Applications Help customers started with the service within minutes. Real-time, infrastructure monitoring with purpose built compliance apps, pre built searches, dashboards and reports make compliance adherence and audits a breeze. And because Sumo Logic is a cloud-based service, it routinely updates the compliance applications to meet current regulations so customers can automatically adapt to changing compliance needs with minimal effort.
- We deliver seamless experiences to all AWS customers via pre –built integrations and application for key AWS services such as CloudFront, S3, CloudTrail and ELB. The real-time dashboards are built with customer feedback to help monitor your AWS infrastructure for availability, security , compliance and customer insights effortlessly
- Lets dig into our application for AWS CloudTrail. This is a popular application used by most of our customers that run part or their entire infrastructure in AWS. Our customers tell us : They use AWS CloudTrail because its a great tool for collecting all compliance logs into the S3 bucket They need a solution that can help them then audit, monitor these logs for security, compliance and governance purposes Our application allows customers get insights around user access monitoring, network and security infrasture and operations visibility. Our customers are able to demonstrate compliance in real-time with purpose built dashboards, searches and reports. Let take a look at how it all works (demo)
- The Sumo Logic differentiators include: Security-as-a-service, fully operational within hours with pre-built views, reports and dashboards On-demand elastic scale to meet planned and unexpected spikes End- to-end infrastructure monitoring , source no bar Simplify and automate PCI audit processes and reduce audit cost and duration No need to worry about changing compliance – we adapt our app and do the work so you don’t have to
- On average traditional SIEMs can handle 3,000 EPS which is the equivalent of 100 - 200 GB / Day Enable high –speed forensic investigations, reduce MTTI of security incidents by up to 40%