The IT Nerd

Sumo Logic today announced new advancements to Sumo Logic Dojo AI, its agentic AI platform for security operations. This expansion of Dojo AI introduces new agents, including SOC Analyst Agent, Knowledge Agent, and a Model Context Protocol (MCP) server. These new agents help security teams reduce alert fatigue, accelerate investigations, and streamline security workflows, allowing customers to focus on real threats and respond more effectively. These innovations will be on display at AWS re:Invent 2025, at Sumo Logic’s booth #1329.

Modern security operations centers (SOCs) face a perfect storm of complexity: growing alert volumes, fragmented tools, and pressure to respond faster than ever. Dojo AI brings intelligence and control to this frantic environment, combining agentic AI, log intelligence, and secure model integration to transform how investigations are conducted.

Launched earlier this year, Dojo AI is Sumo Logic’s agentic AI system for Intelligent Security Operations. Within the Dojo, agents can ingest signals and develop context-aware responses. This continuous feedback ensures agents improve over time, become more resilient, and deliver higher-fidelity insights when deployed in production. Dojo AI is an enterprise-grade, agentic AI platform purpose-built for the modern SOC and gives security teams the ability to analyze the highest value security issues facing their organization at any given moment.

Sumo Logic Dojo AI New Capabilities

• SOC Analyst Agent (Beta) — The SOC Analyst Agent applies agentic AI reasoning to streamline triage and investigation. It delivers verdicts on alert severity, collects related activity, and presents a clear context for analysts to quickly understand impact and scope. By filtering out noise and repetitive reviews, analysts can focus on real threats and potentially achieve faster, more consistent outcomes across teams.

• Knowledge Agent — The Knowledge Agent provides immediate, AI-powered answers to “how-to” questions in natural language, reducing friction and accelerating onboarding. By asking Mobot — Dojo AI’s conversational interface — users receive straightforward, citable responses drawn from documentation and product knowledge, empowering efficient self-service and faster platform adoption.

• Sumo Logic Model Context Protocol (MCP) Server (Prototype) — The Sumo Logic MCP Server extends Dojo AI into a connected, agentic ecosystem. It integrates customer-owned copilots, proprietary models, and third-party AI systems into the Dojo, allowing organizations to bring their own AI while maintaining Sumo Logic’s scale, consistency, and security. With unified access across integrated development environments (IDEs) and collaboration tools, customers can blend their unique AI innovation with Dojo AI’s operational intelligence to helpfuture-proof their SecOps strategy.

Availability

The SOC Analyst Agent and MCP server are currently available in beta and prototype to select customers, with general availability planned for 2026. The Knowledge Agent is available today within the Sumo Logic platform.

Amazon Web Services (AWS) identified Sumo Logic as a Top 100 AI ISV, and we’re proud to present at AWS re:Invent 2025. For demonstrations and customer briefings, please visit Sumo Logic at Booth #1329. You can also see Sumo Logic at events at re:Invent:

• Scaling agent tools with AgentCore Gateway for enterprises, Mandalay Bay, Monday, Dec 1st, 11:30AM – 12:30PM PST
• ISV Executive Forum on Agentic AI moderated by Carol Potts, The Venetian Theater, Monday, Dec 1st, 1:00PM – 6:30PM PST