Protecting identities with the Sumo Logic platform
January 15, 2024
Today’s cyber threat landscape necessitates that we, as defenders of the enterprise, place identities at the center of our detection, prevention and response efforts. Indeed, threat actor tactics and techniques observed in the wild demonstrate that credential theft presents a large risk to the confidentiality, integrity and availability of our systems - be they on premises or in the cloud.
This blog will demonstrate the powerful features of the Sumo Logic platform, namely Cloud SIEM and Cloud SOAR, and how they can be used to protect identities and make life easier for those responsible for investigating identity-themed alerts and incidents.
Setting the stage
A recent CISA report on the LAPSUS$ threat actor group makes the critical role of identity-based attacks evident, particularly when looking closely at the persistence methods used by this particular set of threat actors: