The IT Nerd

Sumo Logic today announced it will expand regional availability of its AI-powered cloud security solutions to the AWS European Sovereign Cloud and AWS Swiss Data Center deployments. The new offerings will support European organizations with their data privacy, sovereignty, data residency and security needs as they support and expand their digital and AI strategies.

Analyst firm IDC predicts that 63% of organizations are now more likely to adopt sovereign cloud services in response to recent geopolitical events, and that spending on sovereign cloud services will reach more than $400 billion by 2029.

Further, according to new research from Sumo Logic with UserEvidence, 96% of security leaders say they’ve adopted AI to some extent. But those uses are still relatively nascent as products are still evolving, with only 9% using AI for incident triage and only 20% for automated incident response. This expands on the IDC analysis, which predicts that by 2028, 60% of multinational firms will split AI stacks across sovereign zones, tripling integration costs as regulatory fragmentation and supply chain risks slow strategic scaling.

Providing cloud security for AWS European Sovereign Cloud deployments

Sumo Logic will deliver its AI-powered Intelligent Security Operations Platform as part of the AWS European Sovereign Cloud, helping European companies and government entities implement cloud services while meeting strict rules on data residency and privacy. Companies will be able to run their infrastructure as part of an independent sovereign cloud and use Sumo Logic to log, track and secure those deployments over time.

Expanding cloud security and log analytics to AWS Swiss Data Center implementations

Sumo Logic will also deploy its platform in Switzerland to support enterprises that need faster in-country data residency to meet the Swiss Federal Act on Data Protection (FADP), as well as General Data Protection Regulation (GDPR) requirements. This move will expand Sumo Logic’s global footprint to the AWS Swiss Data Center, delivering the company’s agentic AI-powered log analytics platform and advanced SIEM to enterprises that require in-country data residency for regulatory compliance.

The new region supports enterprises operating in or serving Switzerland by offering localized processing over data sovereignty, which is especially relevant for organizations in highly regulated industries such as finance and the public sector.  The new data center will also provide a faster, low-latency environment for organizations in the country to take advantage of.

Resources:

• Rethinking data governance and global compliance
• AWS European Sovereign Cloud

Sumo Logic today released its 2026 Security Operations Insights report, which found that security is complicated by a growing number of cloud tools, sprawling tech stacks and a lack of communication that leads to less reliability for security teams.

Security is becoming increasingly complex for enterprise organizations, as application environments are changing rapidly. AI hype has created a rush to develop and adopt AI tools while broadening the attack surface and forcing organizations to reconsider whether their security solutions are actually providing value.

The Sumo Logic 2026 Security Operations Insights report surveyed more than 500 IT and security leaders and was developed with independent research firm UserEvidence. Key findings include:

• 90% of security operations leaders say supporting data sources from multi-cloud and hybrid-cloud environments is very or extremely important for their SIEM, highlighting the continued need for data pipeline management.
• Only 51% say their current SIEM is very effective at reducing mean time to detect and respond to threats. And just 52% are very confident their current SIEM can scale to meet future security and cloud operations needs.
• 90% of security leaders say AI/ML is extremely or very valuable in reducing alert fatigue and improving detection accuracy. Yet their most common AI use cases focus on basic tasks like threat detection. These findings indicate that AI adoption isn’t as widespread through advanced security workflows as marketing narratives often suggest.
• 93% of enterprise organizations use at least three security operations tools, and 45% use six or more. It’s no surprise that over half (55%) of respondents report having too many point solutions in their security stack.
• 80% of enterprise organizations say security and DevOps use shared observability tools, but only 45% say the two teams are very aligned on tooling and workflows. 100% say a unified platform for logs, metrics, and traces would be valuable for their security and DevOps teams.
• 70% of respondents say they’ve fully or mostly automated their threat detection and response process, with 25% reporting it’s fully automated. Those who rely on a mostly or fully manual process are in the extreme minority.

These findings underscore that enterprise security leaders are overwhelmed. As AI continues to complicate the threat landscape, it adds yet another technology that needs to be monitored, secured, and used in security. The solution isn’t a larger security tech stack with more siloed tools. Instead, it’s a unified platform that acts as a single source of truth for DevSecOps, providing real-time insights and visibility across the entire environment.

Resources

• Explore the full report findings and methodology
• Blog about the report

Sumo Logic today announced its new Snowflake Logs App and Databricks Audit App. These strategic apps provide customers with robust visibility into their data pipelines, dependable security analytics, and faster troubleshooting across two of the industry’s leading cloud data platforms.

With data volumes and associated vulnerabilities rapidly growing, security, operations, and data teams require unified, real-time insight into user activity, configuration changes, performance issues, and potential threats across their environment. These new apps expand Sumo Logic’s industry-leading coverage for Databricks and Snowflake platforms to help teams detect anomalies, investigate incidents, and monitor and optimize operations.

Snowflake Logs App

Snowflake provides a single, fully managed data platform, but our customers often lack visibility into performance, login activity, and operational health.

The Sumo Logic Snowflake Logs App enables customers to:

• Analyze login and access activity to identify anomalies or potentially suspicious behavior
• Optimize data pipelines and workloads with insights into long running or failing queries
• Centralize log data for easier correlation across applications, cloud services, and data platforms

With real-time dashboards and alerting, teams can troubleshoot faster, improve reliability, and maximize the value of their Snowflake investment.

Databricks Audit App

Databricks offers a unified platform for data, analytics and AI. For our customers using the platform for highly sensitive workloads, visibility into user behavior and configuration changes is critical.

The Sumo Logic Databricks Audit App delivers:

• Centralized visibility into user activity, job execution, access patterns, and administrative operations
• Real-time detection of unauthorized access attempts, privilege escalations, and anomalous behavior
• Faster incident investigations with visualizations that contextualize activity across multiple workspaces

With unified insights across Databricks audit logs, security and compliance teams can more effectively identify emerging critical threats, reduce detection time, and maintain a strong security posture.

Availability

Both the Databricks Audit App and Snowflake Logs App are now available in the Sumo Logic App Catalog.

Sumo Logic today announced new advancements to Sumo Logic Dojo AI, its agentic AI platform for security operations. This expansion of Dojo AI introduces new agents, including SOC Analyst Agent, Knowledge Agent, and a Model Context Protocol (MCP) server. These new agents help security teams reduce alert fatigue, accelerate investigations, and streamline security workflows, allowing customers to focus on real threats and respond more effectively. These innovations will be on display at AWS re:Invent 2025, at Sumo Logic’s booth #1329.

Modern security operations centers (SOCs) face a perfect storm of complexity: growing alert volumes, fragmented tools, and pressure to respond faster than ever. Dojo AI brings intelligence and control to this frantic environment, combining agentic AI, log intelligence, and secure model integration to transform how investigations are conducted.

Launched earlier this year, Dojo AI is Sumo Logic’s agentic AI system for Intelligent Security Operations. Within the Dojo, agents can ingest signals and develop context-aware responses. This continuous feedback ensures agents improve over time, become more resilient, and deliver higher-fidelity insights when deployed in production. Dojo AI is an enterprise-grade, agentic AI platform purpose-built for the modern SOC and gives security teams the ability to analyze the highest value security issues facing their organization at any given moment.

Sumo Logic Dojo AI New Capabilities

• SOC Analyst Agent (Beta) — The SOC Analyst Agent applies agentic AI reasoning to streamline triage and investigation. It delivers verdicts on alert severity, collects related activity, and presents a clear context for analysts to quickly understand impact and scope. By filtering out noise and repetitive reviews, analysts can focus on real threats and potentially achieve faster, more consistent outcomes across teams.

• Knowledge Agent — The Knowledge Agent provides immediate, AI-powered answers to “how-to” questions in natural language, reducing friction and accelerating onboarding. By asking Mobot — Dojo AI’s conversational interface — users receive straightforward, citable responses drawn from documentation and product knowledge, empowering efficient self-service and faster platform adoption.

• Sumo Logic Model Context Protocol (MCP) Server (Prototype) — The Sumo Logic MCP Server extends Dojo AI into a connected, agentic ecosystem. It integrates customer-owned copilots, proprietary models, and third-party AI systems into the Dojo, allowing organizations to bring their own AI while maintaining Sumo Logic’s scale, consistency, and security. With unified access across integrated development environments (IDEs) and collaboration tools, customers can blend their unique AI innovation with Dojo AI’s operational intelligence to helpfuture-proof their SecOps strategy.

Availability

The SOC Analyst Agent and MCP server are currently available in beta and prototype to select customers, with general availability planned for 2026. The Knowledge Agent is available today within the Sumo Logic platform.

Amazon Web Services (AWS) identified Sumo Logic as a Top 100 AI ISV, and we’re proud to present at AWS re:Invent 2025. For demonstrations and customer briefings, please visit Sumo Logic at Booth #1329. You can also see Sumo Logic at events at re:Invent:

• Scaling agent tools with AgentCore Gateway for enterprises, Mandalay Bay, Monday, Dec 1st, 11:30AM – 12:30PM PST
• ISV Executive Forum on Agentic AI moderated by Carol Potts, The Venetian Theater, Monday, Dec 1st, 1:00PM – 6:30PM PST

 Sumo Logic today announced a new era for its popular educational training program, now called Sumo Logic Academy. The academy is designed to help Security, Operations, and Development teams validate critical skills, build on and enhance industry expertise and maximize the value of Sumo Logic’s platform to drive security, reliability, and operational efficiency, allowing participants to demonstrate their professional abilities.

Building on a commitment to education, Sumo Logic Academy includes a new role-based Sumo Logic Certified program that introduces a refined course catalog with in-depth training, live remote exam proctoring, and industry-recognized digital credentials. This structured certification path helps ensure that technology professionals gain specialized knowledge, earn verified credentials, and follow an industry-aligned learning journey—all while showcasing their proficiency with confidence.

Validated expertise with industry-recognized certifications

The new Sumo Logic Certified program offers a skills-based assessment that validates a user’s ability to effectively and proficiently leverage Sumo Logic products within their organization. With live, remote exam proctoring through its testing partner, Kryterion, candidates benefit from a certification process that is secure, fair, and reflective of the latest industry standards and Sumo Logic solutions. After completing the exam, learners will earn a digital badge issued through Credly, allowing them to share and promote their verified expertise with their professional network.

Flexible and accessible learning for every user

Sumo Logic remains committed to democratizing access to knowledge by ensuring that certain hands-on live instructor-led, virtual training classes and workshops, as well as self-paced learning, remain free for any user. In addition to the new certifications, organizations can also access custom and private training options tailored to their specific needs for a fee. New workshops include automation service, API and Terraform, and best practices for query efficiency to help users at every stage in their maturity.

Additional Resources

• Discover the full catalog of Sumo Logic skill-based assessments
• Learn more about Sumo Logic’s private training
• Read the new Sumo Academy blog

Sumo Logic today announced the launch of its new Sumo Logic Dojo AI, powered by Amazon Web Services, Inc. (AWS), a breakthrough in intelligent, agent-powered security operations. Dojo AI was built leveraging Amazon Bedrock and the new Amazon Nova family of models to help enterprises address the growing volume and complexity of cyber threats. It introduces specialized agents that can help automate routine tasks, streamline investigations, and give security teams the freedom and ability to focus on analyzing the highest value security issues facing their organization.

By combining the powerful Amazon Nova foundation models of AWS with Sumo Logic’s cloud‑native Intelligent Operations Platform, the company will accelerate innovation for customers in highly regulated industries, helping them detect threats faster, meet compliance requirements, and optimize performance in real time.

Sumo Logic Intelligent SOC Agents

The initial agents available from the Dojo AI platform include:

• Mobot (beta) – A unified conversational interface that enables seamless interaction with Dojo AI through natural language multi-turn conversations, empowering users to deploy agents and request insights without the need for complex queries. New and experienced Sumo Logic users can get to the root cause faster with natural language investigation.
• Query Agent – Translates natural language questions into efficient Sumo Logic queries, streamlining data exploration. The new Query Agent leverages agentic architecture, improving accuracy and outcomes. It’s built on AWS and integrates seamlessly with the new Mobot interface to deliver a more robust experience.
• Summary Agent – Automatically creates clear, AI-generated summaries of real-time threat insights from Sumo Logic’s market-leading SIEM, adding to Mobot for accelerated investigation context.

Sumo Logic continues to build on their more than decade‑long collaboration with AWS, uniting the secure, scalable cloud infrastructure of AWS with Sumo Logic’s AI‑powered, Intelligent Operations Platform. As an AWS Partner with 13 AWS Competencies — including the AWS Generative AI Competency — Sumo Logic delivers proven expertise across industries such as financial services, government, retail, and education, helping joint customers accelerate innovation, strengthen security, and achieve compliance at scale

Why Dojo AI?

Sumo Logic customers benefit from Dojo AI because they gain:

• Proven data advantage – The Sumo Logic Platform ingests more than 4.5 exabytes of data every day, so Dojo AI agents ramp faster and act more effectively with a single source of truth for data.
• Enterprise agentic architecture – Specialized agents collaborate to help drive higher accuracy and efficiency, all implemented on an enterprise-grade AWS foundation.
• Designed for SOC teams – Dojo AI enhances analyst productivity rather than replacing human expertise, all while maintaining data privacy and security.

Dojo AI Availability

Query Agent and Mobotwill be available to all Sumo Logic customers, and Summary Agent will be included at no additional cost for all Cloud SIEM customers. Dojo AI is also available in AWS Marketplace.