SIEM & Logfile Analysis



Key Tenets of the Modern Enterprise Observability & The Sumo Security Architecture (MESA) 
1. Cloud Architected & Delivered - Modern threat surfaces create massive dynamic data volumes which require cloud elastic scale performance and on-demand provisioning
2. Unified Security Across Full Stack - Digitizing businesses require expanding the traditional infrastructure defense into the application layer
3. Integrated IT, DevOps & Security - Emerging security incident-to-recovery workflows require seamless collaboration, shared data and coordinated analytics across previously siloed groups & tools
4. Cloud Scale Economics - Data volumes & unpredictable bursts require flexible consumption models which grow costs at much slower rates than data inputs
5. DevSecOps Across the Digital Life Cycle - Digitizing businesses with internet-facing applications require tighter closed-loop life cycle security across build, deploy and run phases

The Modern Enterprise Security Architecture
Sumo Logic’s Modern Enterprise Security Architecture (MESA) framework defines the core requirements for securing a modern cloud business and how a combination of different tools, technologies and vendors must be assembled in new ways to provide a complete and effective solution. In addition, the framework lays out key transitions occurring in evolving solution categories, a continuous intelligence platform to integrate data, analytics, and visibility, and a closed-loop model in which SOC and SIEM monitoring of production applications is linked to DevSecOps and application security. For example, linking cross-site vulnerabilities in an application to specific monitoring and alerting logic in the SIEM for that application requires new collaboration workflows and intelligence sharing across several previously siloed systems.