Sumo Logic Sponsored Content | eWEEK Technology News, Tech Product Reviews, Research and Enterprise Analysis

How to Turn Security and Compliance From a Tug of War Into the Dream Team
https://www.eweek.com/sponsored/sponsored-post/how-to-turn-security-and-compliance-from-a-tug-of-war-into-the-dream-team/
Wed, 14 Jun 2023 22:37:01 +0000

The post How to Turn Security and Compliance From a Tug of War Into the Dream Team appeared first on eWEEK.

Perhaps once distinct teams within organizations, security and compliance functions today go hand-in-hand — or at least they should, writes Sumo Logic CSO George Gerchow.

Data breaches continue to wreak havoc on today’s enterprise, with rising stakes of both cost and reputation. To help combat this challenge, we’re seeing more government regulations across industries create a compliance roadmap for IT security. To add to the pressures of security and privacy, the skills gap is widening and is being compounded by layoffs in the technology industry.

To protect against the increase of threats in the enterprise and meet new compliance standards, security and compliance teams need to better align. Our recent report found that split and shifting priorities continue to plague security and compliance teams. The report found that 76% of security teams have significantly or completely shifted their organization’s security strategy for regulatory and compliance priorities. This has resulted in many companies having security teams take on privacy controls if/when necessary. Fewer than half of companies (40%) said they have suspended or postponed security projects to address compliance issues, which has resulted in putting security in the backseat.

The reality is that companies are still trying to find the split between security and compliance. But this strategy has to change. There are two simple steps that companies can take to merge budgets and create team collaboration to align security and compliance initiatives.

Merge security and compliance budgets

Security and compliance initiatives are equally important to securing and protecting today’s workforce and should not be siloed. However, when budgets are allocated, one division usually gets more resources. When security and compliance teams have a unified strategy and budget, it allows for each team to focus on what they do best — fighting threats and navigating increasing government regulatory pressures.

Currently, 86% of technology leaders in our survey said they plan to make a significant investment in compliance solutions and data privacy in the future, while just over half (52%) will make a significant investment in a security management suite. By merging budgets, security and compliance teams can invest in comprehensive solutions to unify their strategies.

Security and compliance practices have demonstrated that they are meant to go together. It’s hard to run one cyber division successfully without the other.

Unite teams with collaboration tools and unified responsibilities

More organizations are under regulatory scrutiny, and companies cannot afford to stray from protocol, making compliance a business-driven initiative that funds security. Therefore, compliance and security teams need to remove communication silos and learn to work together to tightly manage security and compliance.

As a first step to boost team collaboration, security and compliance team members need to understand one another’s clear and defined roles and use shared collaboration tools like Slack or other instant-messaging apps. Once aligned on roles and responsibilities, I recommend documenting them in this shared space so it’s easily accessible by teams and can be regularly updated. By merging collaboration tools, security and compliance teams also gain greater visibility into similar challenges and a better understanding of one another’s policies, and they remove doubled-up oversight to create cost efficiencies.

Once security and compliance teams are regularly communicating, I like to give them both opportunities to overcome hurdles and work on projects together. One simple way to engage teamwork between security and compliance is through employee awareness training for both data security and privacy. Working closely with the compliance team, the security team can update security awareness programs to include privacy concerns and responsibilities impacting the company.

If security and compliance IT teams unify their resources and goals, they will be able to solve compliance challenges, while protecting against cyberattacks.

How to keep your apps safe and accelerate release cycles (Guide: Application security)
https://www.eweek.com/sponsored/sponsored-post/how-to-keep-your-apps-safe-and-accelerate-release-cycles-guide-application-security/
Wed, 14 Jun 2023 22:32:35 +0000

Your step-by-step guide to implementing application security best practices

Applications are critical to the success of any business. Keeping them secure takes work. Integrating security throughout the software development lifecycle is essential to addressing cybersecurity issues before they happen.

In this guide, “How to keep your apps safe and accelerate release cycles,” we review the seven steps you can take to more fully integrate security throughout your CI/CD lifecycle.

Download the guide today to learn more!

100% visibility from day one (Case study: SoSafe)
https://www.eweek.com/sponsored/sponsored-post/100-visibility-from-day-one-case-study-sosafe/
Wed, 14 Jun 2023 22:24:23 +0000

Download case study

About

Founded in 2018, SoSafe is a leading cybersecurity awareness company in the DACH region with 300+ employees rapidly growing across five office locations that serve its more than 2,500 customers and 1.7 billion users.

100% visibility from day one

Challenge

DevOps and security teams needed to unify telemetry to maximize their efficiency and visibility.

Through years of rapid growth, SoSafe’s infrastructure for its IT environment and SaaS product had grown significantly and included a mix of cloud and on-premises systems that were all producing high volumes of telemetry data for a range of users and needs.

The DevOps and site reliability engineering (SRE) teams were generating content to monitor the SaaS platform and infrastructure to understand how things were performing, while the security operations center (SOC) team was using a range of tools to monitor the security and integrity of the company’s complex environment—all of which was producing content that had to be separately tracked and analyzed.

Collectively, monitoring the company’s growing data volumes across a sprawl of individual tools was time-consuming and made it difficult for the DevOps and security teams to work efficiently and obtain the desired insights.

Solution

Pursuing a strategy to simplify and unify telemetry monitoring and analysis for its security, compliance, and observability needs, SoSafe conducted an in-depth evaluation of multiple solutions and selected Sumo Logic as its platform of choice.

“Sumo Logic was the winning choice because it met our requirement for a cloud-native platform that could unify and support our observability, intelligence, and security needs,” said Daniela Ramirez Villarroel, SOC Lead at SoSafe. “Also, another big differentiator was the platform’s extensive SIEM capabilities to support our security and GDPR compliance requirements.”

Results

Gained greater efficiency with a single, unified solution

With Sumo Logic, SoSafe is equipped with efficient data intake and analysis capabilities that provide the company with meaningful insights to continue to drive its phenomenal business growth. The platform provides a single solution that supports all of SoSafe’s many tools and use cases—from optimizing software security and delivery to monitoring the security of the environment and ensuring adherence to GDPR requirements.

“Immediately after our purchase, we were able to send data to Sumo Logic and increase our visibility to 100 percent,” said Ramirez. With some of the initial dashboards, SoSafe experts gained visibility into:

  • Traffic analytics on visits to the company’s safe-awareness.com website

  • SaaS platform responsiveness and alerts on any errors that require attention

  • Mission-critical security dashboards to identify and respond to issues as they arise

User-friendly tool that delivers fast ROI

From the start, SoSafe wanted to onboard users from various departments with access to Sumo Logic. The platform’s simplified management made it easy and efficient for the company’s IT, security, and DevOps users to ramp up and begin experiencing value from Sumo Logic’s telemetry analysis.

“Sumo Logic is very user-friendly. There’s a lot of good documentation and great online and professional support, so we didn’t need to have very senior analysts to get the best out of Sumo Logic,” said Ramirez, adding that “this made it a very easy learning curve that delivered a fast return on investment.”

Unified security operations with a single platform

With Sumo Logic ingesting data from SoSafe’s various tools, the security analysts gained a central SOC management solution, which also alleviated the need for them to be experts and pivot across individual security solutions. The SOC team now has go-to dashboards to efficiently monitor the attack surface across the company’s infrastructure and gain insights on the state of SoSafe’s security posture.

“Sumo Logic’s out-of-the-box content gave us a great head start and made it very easy for our security analysts to quickly begin finding interesting things. With all the security insights in one place now, we’ve improved our security incident response times,” said Ramirez.

Supporting SoSafe’s continued growth

As SoSafe looks at what’s next and how Sumo Logic will support the company’s next-level growth, there are several strategic projects on the horizon:

  • Migration to a new cloud provider

    Supported by Sumo Logic’s integration, out-of-the-box content, and dashboards, the security team is prepared for a smooth transition with no security monitoring downtime.

  • Purple team exercises

    Leveraging the platform, the security team will adopt a framework to regularly perform offensive and defensive cybersecurity testing (offensive red team and defensive blue team create collaborative purple team) to improve the company’s security monitoring efforts and overall security posture.

  • Expanded users and use cases

    To support efforts in attracting new customers and providing current customers with a high-quality service, the adoption of the Sumo Logic platform will expand to include users from marketing, sales, and customer service.

Monitor and secure 10,000 clouds (Case study: HashiCorp)
https://www.eweek.com/sponsored/sponsored-post/monitor-and-secure-10000-clouds-case-study-hashicorp/
Wed, 14 Jun 2023 22:19:30 +0000


About

HashiCorp’s suite of multi-cloud infrastructure automation products underpins the most important applications for the largest enterprises in the world, supporting thousands of customers. They have open source and commercial offerings for HashiCorp Terraform, Vault, Consul, Nomad, and also maintain open source projects for HashiCorp Vagrant, Packer, Boundary, and Waypoint. Their open source products are downloaded by IT practitioners more than 100 million times a year.

Download this case study

Monitor and secure 10,000 clouds

Challenge

Collectively supporting cloud infrastructure for tens of thousands of customers and HashiCorp itself generates massive volumes of various events.

Sifting through this telemetry to conduct a single security investigation and search on a series of related events was a time-consuming process for the security team, plagued with excruciatingly slow search results.

“Our sheer mass of data made everything slow. From collecting all the events we needed to gaining context around alerts and seeing what was going on, we couldn’t investigate in real time to understand if something was relevant or find things that are critically important,” said Ryan Breed, Senior Security Engineer at HashiCorp, noting that “running a large search took so long that it would break an analyst’s concentration and slow down the investigation process.”

Solution

HashiCorp, known for its innovation that never sleeps, requires security that can keep up. For that, they selected Sumo Logic.

Unlocking security visibility for HashiCorp required real-time monitoring across the company’s complex operating environment, which spans three infrastructure-as-a-service (IaaS) cloud environments and API integrations with each cloud vendor’s full suite of products.

As a cloud-native solution, Sumo Logic provides HashiCorp with centralized and scalable Cloud Security Analytics and security information and event management (Cloud SIEM) across the company’s and its customers’ multi-cloud environments.

According to Ryan Breed, “Sumo Logic helps us scale our security visibility and keep pace with the business as we launch new products, add customers and adopt new tools. As we grow, the marginal cost of adding visibility and enhancing what we have is minimal, which allows us to accommodate some pretty fundamental changes and scale the business much more quickly.”

Results

Low latency, insight-driven security investigations — in real time

After deploying Sumo Logic Cloud SIEM to integrate and ingest telemetry from all aspects of the company’s infrastructure, HashiCorp experienced the first game changer for managing security investigations: the ability to do low-latency search.

Sumo Logic’s cloud scale empowers HashiCorp security experts to search and conduct investigations in real time. In addition, Cloud SIEM’s streamlined workflows enabled the security operations center (SOC) team to implement a system where alerts automatically initiate searches.

“Sumo Logic proactively helps us understand an alert, whether it’s important or not and, in some cases, automatically disposes of the alert,” said Breed, adding that “having a low latency search system with Sumo Logic makes that kind of real-time workflow automation possible.”

Applies Alerting and Detection Strategy (ADS) to optimize security investigations

Cloud SIEM parses, maps and creates normalized records upon ingestion from HashiCorp’s structured and unstructured data and then automatically triages alerts to provide the security experts with actionable insights. To further optimize Cloud SIEM’s performance in distilling down tens of thousands of daily alerts, the SOC team applies Palantir’s ADS framework.

The framework helps the security team develop theories and think deeply about how best to leverage Cloud SIEM during investigations. For example, the team has mapped out threat-hunting searches to uncover traces a threat actor might leave on the infrastructure and workflows to support the next steps the analyst should take if they find one of those traces.

“Leveraging ADS lets us really focus on the performance side of using Cloud SIEM. Having an idea of what we’re looking for before we go looking helps us optimize things like field extractions and making the most common search patterns return very quickly. This helps the analyst stay in the zone when an investigation has multiple layers of abstraction and Cloud SIEM has made all of that supporting information available upfront,” said Breed.

Reduced time-to-decision with interactive dashboards

Sumo Logic’s security analytics and dashboards provide the security team with single-pane-of-glass visibility across HashiCorp’s extensive cloud environments. The SOC has also implemented a range of custom dashboards to advance the team’s playbooks and processes for conducting daily investigations.

When an analyst is investigating suspicious login activity, for example, they can enter important parameters into the dashboard, such as the user ID and a time range, which then returns an interactive heads-up display where the analyst can ‘click’ to drill further into specific data.

“Interactive dashboards give us the context and color that help our security analysts minimize the time-to-decision. They can plug in the parameters and get the information very quickly, so they don’t have to stop whatever they’re doing to reach a decision and take action,” said Breed.

How to right-size security for small and emerging teams
https://www.eweek.com/sponsored/sponsored-post/how-to-right-size-security-for-small-and-emerging-teams/
Wed, 14 Jun 2023 22:12:06 +0000

It’s not just established enterprises: all businesses are increasingly targeted in cyberattacks. Are you ready to address the vulnerabilities in your environment?

Download the eBook now!

Emerging security teams don’t have the same resources and dedicated cybersecurity expertise as established SOCs in enterprises. The following issues often hamper emerging security teams when building out their security program:

  • Complexity — too many tools and distributed workforces
  • Lack of visibility — siloed tools, a mix of on-prem and cloud infrastructure
  • High costs — licensing costs from security tool sprawl
  • Limited security expertise — overworked teams in need of more training

Sound familiar?

What works for the top one percent of elite security teams differs from the needs of the other 99% of organizations.

Read this ebook to explore how data from security analytics can be used across four common use cases and get your emerging security program started on the right foot.

How security and performance redefine banking (Case study: Standard Chartered nexus)
https://www.eweek.com/sponsored/sponsored-post/how-security-and-performance-redefine-banking-case-study-standard-chartered-nexus/
Wed, 14 Jun 2023 15:23:54 +0000


Standard Chartered nexus is a white-label Banking-as-a-Service (BaaS) solution powered by Standard Chartered. By embedding financial products directly on mass digital ecosystems, customers can enjoy easy access to financial services, such as digital savings accounts, personal loans, and other targeted financial solutions that were previously unavailable to them.

Challenge

Standard Chartered nexus needed a unified analytics platform to support security analytics, DevOps, customer experience, and more. It needed to be easy for technical and non-technical users.

From the company’s launch in 2020, Standard Chartered nexus made a conscious decision to embed observability across every aspect of the company’s operations.

The company wanted to adopt a unified analytics platform to support its end-to-end use cases — from security analytics and DevOps to customer experience, business metrics monitoring and more. They also wanted a platform with an intuitive user interface that would be easy for technical and non-technical users to navigate so every employee could successfully use the solution.

Solution

Standard Chartered nexus evaluated multiple solutions, including Sumo Logic, Datadog and Splunk. After rigorous analysis, Sumo Logic stood out as the best solution to support the company’s goals.

Several factors led to the decision to adopt Sumo Logic, including:

  • Cloud-native architecture that provides hyper scalability
  • User-friendly for all employees — technical and non-technical
  • Single platform for company-wide observability and security use cases
  • High-quality support for logs and metrics
  • Outstanding vendor engagement and level of professional services
  • Extensive API and data collection support for turnkey integration into the company’s ecosystem

Highest security standards

Standard Chartered nexus only adopts solutions that meet the highest security standards. In addition to meeting the company’s functional requirements, the Sumo Logic platform demonstrated best-in-class security principles. “We had a third party conduct an extensive security assessment on Sumo Logic that went well, and we liked the fact that Sumo Logic had several certifications like SOC 2 Type 2, ISO 27001 and PCI,” said Mathias Faure, CTO at Standard Chartered nexus.

Results

Seamless deployment and hyperscaling observability

As a cloud-native solution with extensive APIs and collectors, Sumo Logic integrated easily, leveraging Kubernetes and supporting hundreds of microservices, distributed computing jobs and other business applications. This enabled the company to quickly gain full-stack visibility across the environment in a single snapshot.

Easily handling the bank’s data volumes, Sumo Logic analyzes 500,000 data points per minute for metrics and 100GB of daily log data, which empowers Standard Chartered nexus with hyperscaling observability. “Because we have all digital banking capabilities bundled in a box — from digital onboarding, self-servicing and assisted channel reporting — we have quite a lot happening in our hyperscale platform. Sumo Logic readily scales to our needs and gives us extreme observability around our business and technical metrics and logs,” said Faure, adding that “it gives us millisecond responsiveness for capabilities around querying, dashboarding and alerting.”

Ease of use empowers technical and non-technical users

The Sumo Logic platform is so straightforward to navigate that technical and non-technical teams have all onboarded and created custom dashboards for their specific needs. The company’s 220-plus employees — from business users in marketing and finance to technical users in security and development — use Sumo Logic. Logs, metrics and dashboards deliver valuable insights that drive daily decision making as well as support strategic planning for the future.

“Sumo Logic’s simplicity is quite key for our business-wide use; otherwise, it would’ve just been a technical tool for technologists.”

Enabling best-in-class customer onboarding and responsiveness

Improving the customer onboarding journey was an early and impactful success using Sumo Logic. At the outset, Standard Chartered nexus created a best-practice service level objective (SLO) that customers would experience a fast and frictionless process when adopting a digital banking service. The bank set an SLO to service customer transactions in less than 100 milliseconds.

Leveraging Sumo Logic’s monitoring and data analytics across the onboarding cycle — both from the banking platform’s backend and the user interface — the DevOps teams pinpointed bottlenecks and identified potential drop-offs. Armed with these insights, the team then rapidly optimized the business process.

“Sumo Logic’s observability of our customer onboarding experience helped us sense exactly what the customer was feeling and guided our design and direction for optimizing the process. We delivered ten process improvements over five months that significantly accelerated our responsiveness. We’re currently within the three-minute range for an end-to-end onboarding — well below our original SLO target,” shared Faure. “Our list accounts and transaction API response time is now under 30ms.”

Fueling and fostering business-wide use cases

Sumo Logic has enabled teams across the company to collaborate and work from a single source of truth. As a result, this data-driven collaboration has empowered teams to move more efficiently and swiftly to fix product defects, address security issues, launch new features to market and more. A handful of the company’s many use cases include:

  • Security monitoring
    “We’ve built a really good information set from our platform’s logs that feeds into Sumo Logic for all the security monitoring use cases across our customer platform. The Sumo Logic platform provides us with powerful security analytics and dashboarding capabilities that keep us informed on anything related to the application security of our solution,” said Faure. As one example, Faure shared, “We scan our code base hourly and log all the vulnerabilities that pop up. Then, we automatically create tickets for the teams to action within a given SLA, depending on the criticality. This process fosters great collaboration between our DevSecOps and DevOps teams.”
  • Delivering product fixes
    With Sumo Logic observability, the quality assurance and DevOps teams rapidly move through product issues. “The testing team has dashboards for defects that they can submit to development with a query link. From there, the developer can look back in the data to the time when the defect was found and understand everything. For example, they can look at technical metrics and logs from one of the many microservices to obtain the whole context at a given point in time. Equipped with all that information, our turnaround time between defect-to-solution is very fast,” said Faure.
  • Application performance
    The site reliability engineering (SRE) team monitors the reliability of the company’s software in the production environment. Leveraging custom dashboards, the team can quickly highlight potential bottlenecks or areas that need improvement. “Working closely with functional squads, our SRE team shares the data insights on any areas that need attention. Focused on maintaining a high point value for application performance, the squad will fix the performance issue before they roll out new functionalities,” said Faure.
