
Building a Cloud-Native SOC: Fantasy or Reality?

09/21/2021 | 06:42pm EDT

Can you really build a cloud-native SOC? As more organizations adopt cloud-native and cloud-hosted technologies, what do security teams and security practitioners need to consider when it comes to the SOC and cloud security?

Girish Bhat, Vice-President of Security, CI & Platform Marketing at Sumo Logic, asked Dave Shackleford, CEO of Voodoo Security and a member of Sumo Logic's CISO Advisory Board, to share his take on the challenges of cloud security and what's involved in creating a cloud-native SOC. A long-time security practitioner, Dave is also involved with the SANS Institute, where he is a course author, instructor, and analyst focused on cloud security.

Survey says…

According to data from the SANS Institute, organizations are more willing now than ever to put sensitive data types in the cloud, ranging from employee records and intellectual property to financial data, health records, and even payment card information.

The 2021 Data Breach Investigations Report from Verizon noted that, for the first time ever, more attacks and breaches occurred in cloud-based environments than in other environments, such as on-premise. "That," says Dave, "is a really significant data point. With so much use of the cloud, attackers are focusing there as a priority."

Cloud security challenges

It's past time, then, to make sure that cloud environments are adequately protected and in parity with the controls that traditional security relies on to meet regulatory requirements and security best practices. Right now, security teams are facing a wide variety of challenges in dealing with cloud-based systems: unauthorized access, a lack of cloud skills and knowledge, a lack of visibility into what is being processed in the cloud, and the question of how to track and manage configuration changes on such a varied and extensive set of control planes.

The Cloud Security Alliance reported that data breach, misconfiguration, and inadequate change control lead the list of security threats. As Dave says, "Not only are we worried about attacks, we're seeing these attacks actually happen."

Going back to the SANS research, Dave shared that the big challenges of cloud security are very similar across most organizations. The number one issue? It is having the same level of visibility into cloud-based operations as with on-premise operations. Traditional security has, for the most part, mature processes that work with network packets, logs, and other artifacts. Cloud-based security, on the other hand, is mostly a patchwork of immature processes dealing with information coming from a wider variety of sources, managed by a team lacking crucial, cloud-based knowledge and skill sets.

The cloud-based SOC

Moving from a traditional SOC to a cloud-based SOC is a massive effort. As Dave points out, "You can't necessarily take what you've done on-premises and drag it kicking and screaming out into an optimized, cloud-based scenario."

Many of the traditional vendors that we've relied upon for on-premises security don't yet offer comparable cloud-based toolsets. When it comes to cloud security, there is a lack of cloud detection and response workflows and a lack of overall visibility. Complicating matters further, many SOC teams don't yet have the skills and knowledge of cloud-based environments. Security teams need some basic understanding of what people are building and how it's being deployed and used before they can start attempting to defend and protect those types of assets.

The traditional SOC was all within the walls of a data center: servers, closed networks, a SIEM platform, a response team, and technologies that were wholly under the security team's control. But as everything has moved to the cloud, that picture has been turned upside down. Now, everything is software-based with virtual machines and highly ephemeral assets, as well as cloud-enabled technologies and products that don't necessarily all sit within one environment.

The move to a cloud-based SOC, according to Dave, starts with cooperation and with tearing down siloed work teams. The starting point, Dave says, is clear: "Security teams need to work with DevOps, risk management, procurement teams, and so on." The SOC team needs to work with those teams to assess risks of what's being built, where it's going, and what the strategy looks like. No longer can the SOC be the last to know when something goes live in the cloud.

Listen to the rest of the discussion…

Listen in as Dave and Girish look at building out a cloud-based SOC, including:

  • Working with event data to understand what's going on in the cloud

  • Skills every cloud-based SOC team needs

  • The importance of SOC game days



Sumo Logic Inc. published this content on 21 September 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 21 September 2021 22:41:06 UTC.
