

Protecting identities with the Sumo Logic platform

January 15, 2024

Today’s cyber threat landscape necessitates that we, as defenders of the enterprise, place identities at the center of our detection, prevention and response efforts. Indeed, threat actor tactics and techniques observed in the wild demonstrate that credential theft presents a large risk to the confidentiality, integrity and availability of our systems - be they on premises or in the cloud. 

This blog will demonstrate the powerful features of the Sumo Logic platform, namely Cloud SIEM and Cloud SOAR, and how they can be used to protect identities and make life easier for those responsible for investigating identity-themed alerts and incidents.

Setting the stage

A recent CISA report on the LAPSUS$ threat actor group makes the critical role of identity-based attacks evident, particularly in the persistence methods used by this set of threat actors:

We see three very distinct persistence methods. 

Of particular interest here is the fact that the three techniques mentioned span both cloud and on premises systems...