
    Logs for Security (AWS Built-In)

    Deployed on AWS
    Monitor your entire AWS environment in minutes. Sumo Logic integrates with your AWS SaaS services, providing unparalleled visibility into your cloud infrastructure and security data at scale.

    Overview

    Logs for Security provides a unified security and compliance audit view of your AWS infrastructure and insight into threat activity across that environment. It leverages native AWS tools and telemetry to accelerate the work of development, operations, security, and reliability management teams in maintaining security, monitoring their environment, and managing their risk and attack surface.

    Modern ever-changing cloud environments need ongoing audits of configuration, vulnerability, versioning, activity, and other factors to ensure they are well maintained and not subject to vulnerability created by aging or drifting configuration, access rights, or software. Logs for Security helps teams get rapid, ongoing security visibility into the diverse aspects of their environment and provides customizable alerting, evaluation, and remediation of issues.

    Sumo Logic's rapid onboarding process makes setup easy, allowing AWS users to visualize and begin improving the security posture of their environments in minutes.

    New Sumo Logic AWS Built In automation and integration. An AWS Certified deployment that reduces the time and effort to configure your multi-account environment, starting with AWS Control Tower and key Cloud Foundational Services to achieve a stronger security posture that drives efficiency and reduces risk in your business critical applications.

    The price below is for a two year subscription to ingest up to 5 GB per day. If you require more than 5 GB per day, please contact your AWS sales representative.

    Highlights

    • Unified security visibility and analytics across your entire AWS environment using native and 3rd-party data sources.
    • Integrated threat intel which accelerates threat detection and reduces the time to detect and investigate.
    • Global Intelligence Service that creates statistical baselines for Amazon GuardDuty and AWS CloudTrail to help accurately pinpoint investigations and resources.

    Details

    Delivery method

    Deployed on AWS

    Pricing

    Logs for Security (AWS Built-In)

    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    24-month contract (1)

    Dimension: 5GB/Day Ingest
    Description: 5GB/day ingest with 365 days retention
    Cost/24 months: $13,350.00

    Vendor refund policy

    Please see seller website for refund details.

    Custom pricing options

    Request a private offer to receive a custom quote.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Start by visiting Sumo Logic Support at https://support.sumologic.com/support/s/ or email us directly at support@sumologic.com

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison


    Accolades

    Top 100 in Log Analysis
    Top 25 in Security Observability, Data Security and Governance
    Top 25 in Data Governance, Infrastructure as Code

    Overview

    AI generated from product descriptions
    Security Monitoring
    Provides unified security and compliance audit view of AWS infrastructure with comprehensive threat activity insights
    Threat Detection
    Integrates native AWS tools and telemetry to accelerate security monitoring and risk management across cloud environment
    Cloud Configuration Analysis
    Performs ongoing audits of configuration, vulnerability, versioning, and activity to identify potential security drifts
    Threat Intelligence Integration
    Leverages Global Intelligence Service to create statistical baselines for Amazon GuardDuty and AWS CloudTrail for precise investigations
    Multi-Account Security Management
    Supports automated deployment and integration across multi-account AWS environments using AWS Control Tower and Cloud Foundational Services
    Endpoint Security
    Advanced detection capabilities with both agent-based and agentless scanning across traditional infrastructure, serverless environments, and containers
    Threat Intelligence Correlation
    Cross-domain intelligence and telemetry integration for unified investigations, detection, and response through a single console
    Identity and Access Management
    Intelligent credential security with multi-factor authentication enforcement, identity provider integration, and privileged account management
    Vulnerability Management
    Predictive CVE detection and prioritization mechanism for effective vulnerability patching and remediation
    Compliance Monitoring
    Comprehensive compliance reporting and scoring against multiple frameworks including PCI, SOC2, NIST, and HIPAA with resource compliance tracking
    Cloud Infrastructure Monitoring
    Continually monitor public cloud infrastructure across AWS, Azure, and GCP environments to provide comprehensive visibility of resources and potential threats
    Vulnerability Detection
    Identify infrastructure vulnerabilities impacting security and compliance best practice standards with risk profiling and contextual alerts
    Multi-Cloud Asset Management
    Achieve a complete picture of cloud assets across multi-cloud environments, monitoring configurations, deployments, and access anomalies
    Security Configuration Analysis
    Detect insecure configurations, over-privileged IAM roles, and compliance failures from development through live service stages
    API Integration Capabilities
    Provide programmatic access to security features via REST API for seamless integration with third-party SIEM and DevOps tools

    Contract

    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

    4.3 (2 ratings)
    5 star: 0%
    4 star: 100%
    3 star: 0%
    2 star: 0%
    1 star: 0%
    2 AWS reviews | 214 external reviews
    Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
    WilsonAitan

    Offers a single dashboard with customizable features and a cost-effective pricing structure

    Reviewed on Feb 26, 2025
    Review provided by PeerSpot

    What is our primary use case?

    My clients use Sumo Logic Security depending on their needs. Some of my clients are looking for network visibility and observability, while others focus on the security aspects, utilizing the Sumo Logic SIEMs.

    What is most valuable?

    Sumo Logic Security offers a single dashboard and customization, which are the most valuable features. Additionally, it has a cost-effective structure because it is based on data storage and the number of scans, rather than uploading data. This cost model impacts the customers positively by offering a more straightforward pricing structure.

    What needs improvement?

    In terms of improvement, feedback indicates there is a need for a local data center in my country. This is crucial to sell to the government and financial sectors as they require data retention within each country.

    For how long have I used the solution?

    I have approximately three months of experience working with Sumo Logic Security.

    What do I think about the stability of the solution?

    The stability is quite high because it is maintained by the vendor.

    What do I think about the scalability of the solution?

    The tool has high scalability because everything is based in the cloud.

    How was the initial setup?

    The security solution is complex because it involves a lot of management. However, compared with other similar solutions, it is quite straightforward.

    What's my experience with pricing, setup cost, and licensing?

    The pricing structure for Sumo Logic Security is based on two elements: data storage and the number of scans. This makes it more cost-effective because other solutions often include a third element in their pricing.

    What other advice do I have?

    During this evaluation, I considered multiple criteria for the Sumo Logic Security solution. Based on these criteria, I rate the solution as an eight out of ten due to its effective features and pricing.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Vinay Patel D N

    Effective with good log analytics but needs better rule correlation

    Reviewed on Nov 08, 2024
    Review provided by PeerSpot

    What is our primary use case?

    We primarily use Sumo Logic as a SIEM, Security information and event management tool. It serves as a Cloud SIEM and is utilized for alert monitoring, insight monitoring, and as a continuous intelligence platform.

    What is most valuable?

    The Log Analytics platform is the most effective. If we cannot find the data in other tools, like email security or NDR, we can fetch those logs in the Log Analytics platform of Sumo Logic. That is the one best feature that I can suggest.

    What needs improvement?

    The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk. Sometimes logs will not fetch, and there are issues if the log volume exceeds a threshold. Not every tool is integrated with Sumo Logic. The response time for their support could be better, and it is not very user-friendly.

    For how long have I used the solution?

    I've been using the solution for two years.

    What do I think about the stability of the solution?

    There are stability issues. Sometimes logs will not fetch, and if there are many records, the system may stop or the UI may become unresponsive.

    How are customer service and support?

    The support team is not very good. They don't provide support on call and have a response time of forty-eight hours, which is not instant support.

    How would you rate customer service and support?

    Neutral

    What's my experience with pricing, setup cost, and licensing?

    I'm not sure about the pricing.

    What other advice do I have?

    I don't recommend this product.

    I'd rate the solution six out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Moole Muralidhara Reddy

    Used to store and monitor application logs and VPC flow logs

    Reviewed on Mar 26, 2024
    Review from a verified AWS customer

    What is our primary use case?

    We use Sumo Logic Security for logging purposes. We store and monitor application logs and VPC flow logs in the solution.

    What is most valuable?

    Sumo Logic Security is a good solution for searching the logs and identifying the issues. Sumo Logic Security searches the logs to identify issues easily. Suppose we got an issue related to the application 500 error. We store the application logs in Sumo Logic Security. We can easily search those logs to identify where exactly we are facing the application 500 error.

    What needs improvement?

    Sumo Logic Security is expensive, and its pricing could be improved.

    What do I think about the stability of the solution?

    I rate Sumo Logic Security a nine out of ten for stability.

    What do I think about the scalability of the solution?

    Around ten users are using the solution in our organization.

    I rate the solution an eight to nine out of ten for scalability.

    How are customer service and support?

    We have two options for technical support. If we take the enterprise support, we get a reply within one or two hours. If you don't have enterprise support, you will get a reply in around one day or 12 hours, based on their availability.

    How was the initial setup?

    The implementation process of the solution was good and not very difficult. You can easily integrate Sumo Logic Security with AWS or Kubernetes. Even new users who are aware of AWS can follow the documentation and easily deploy the solution.

    What about the implementation team?

    The solution’s deployment doesn’t take more than 15 minutes for a knowledgeable person.

    What's my experience with pricing, setup cost, and licensing?

    Storing logs in Sumo Logic Security is charged GB-wise, which is a little higher than other products.

    What other advice do I have?

    We are mainly concentrating on networking. We use VPC products and application logs to monitor the genuineness of users who have logged in. We also store and monitor GuardDuty logs to see if someone is trying to access the same server multiple times. We are storing and monitoring WAF logs and GuardDuty logs. If someone faces any issues, we'll receive an email and take action based on it.

    If someone tries to access one of the applications from a different country, we can search in Google and identify the location of that particular IP address. Sumo Logic Security identifies whether a particular IP address is low, medium, or high risk without the help of Google.

    We can store logs in CloudWatch, but it is very difficult to search them in CloudWatch. We should know the query in order to do that. Searching for logs with Sumo Logic Security is very easy compared to CloudWatch. We have been using the solution for more than two years and haven't faced any issues with the solution's availability. I would recommend the solution to other users.

    I would recommend Sumo Logic Security instead of AWS, CloudWatch, or CloudTrail. With Sumo Logic Security, you can capture and see all the logs in a single place. If some issues occur, you can log into the solution and verify all the logs. At an organizational level, we have multiple AWS accounts for different environments. Instead of logging in to all the AWS accounts, you can log in to Sumo Logic Security and verify everything.

    Overall, I rate the solution a nine out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    Sourabh Pardhi

    The solution is automated and has a good number of extensions, but it is costly, and it must improve its UI

    Reviewed on Aug 04, 2023
    Review provided by PeerSpot

    What is our primary use case?

    The product is a log aggregator of all the logs from all our environments, including AWS. Our infrastructure is deployed on AWS. We ship all logs to Sumo Logic. Based on the logs, we create alerts. These alerts are sent to an email ID, which creates tickets.

    What is most valuable?

    The solution is automated. It has a good number of extensions like CrowdStrike and AWS extensions. It is very useful. We can integrate threat intelligence solutions into the product.

    What needs improvement?

    The query of Sumo Logic is complex. It should be improved. The solution should improve its UI. FireEye, Splunk, and LogRhythm provide proper UIs. The solution should improve its scalability and stability.

    Connecting the collector with Sumo is difficult if a collector or device is down. We have faced multiple challenges like this, and we are still facing these challenges. We recently raised a ticket to Sumo Logic to investigate the issue.

    For how long have I used the solution?

    I have been using the solution for one and a half years. I am using the latest version of the solution.

    What do I think about the stability of the solution?

    I rate the tool’s stability a seven out of ten.

    What do I think about the scalability of the solution?

    I rate the tool’s scalability a seven out of ten. In my current organization, there are around 18 people who have access to the product, including the security team. Apart from these, 30 people from different teams have access to the tool but do not have full admin access.

    How are customer service and support?

    The support team is very cooperative. As soon as the team receives our tickets, a support person is assigned to us. They reach out to us and try to solve the problem.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The installation of the devices was good. The product is deployed on the cloud.

    What's my experience with pricing, setup cost, and licensing?

    The product is costly. At the same cost, we can get other tools with better features and capabilities.

    What other advice do I have?

    First-time users must decide how they want to use the tool. The product is very good as a log aggregator. If we want to use the solution as a SIEM console, it will not be that useful because it does not have the features a SIEM tool would have. It does not have analyzing or threat intel features. The product does provide the option of using extensions, but it does not have its own threat intel feature. Overall, I rate the solution a seven out of ten.

    Which deployment model are you using for this solution?

    Private Cloud
    reviewer2116392

    Helps to monitor logs and event timestamps

    Reviewed on May 16, 2023
    Review provided by PeerSpot

    What is our primary use case?

    I use it for the log monitoring of our legacy site. We typically monitor the event timestamps.

    What is most valuable?

    The tool has key features like operability. It will alert the admins whenever a device is onboarded.

    What needs improvement?

    From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc. 

    For how long have I used the solution?

    I have been working with the product for three years. 

    What do I think about the stability of the solution?

    I would rate the tool's stability a nine point five out of ten. 

    What do I think about the scalability of the solution?

    I would rate the product's scalability a nine out of ten. 

    How are customer service and support?

    The support replies to us back within 24 hours of opening a ticket. 

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The tool's setup is simple and straightforward. A three-member team manages the solution.

    What other advice do I have?

    I would rate the solution a nine out of ten. 
