Sumo Logic this week at the RSA Conference previewed a copilot that leverages generative artificial intelligence (AI) to make it simpler for IT and cybersecurity professionals of varying levels of experience to derive benefits from its observability platform via a user interface (UI) the company is in the process of revamping.
In addition, Sumo Logic revealed that the ability to streamline alerts using machine learning algorithms based on the AutoML framework is now generally available.
Sumo Logic is also adding a Cloud Infrastructure Overview dashboard to make it simpler to more quickly identify misconfigurations and vulnerabilities that can be remediated using playbooks infused with AI.
Finally, the company has added a MITRE ATT&CK Threat Coverage Explorer to its security information and event management (SIEM) platform to make it simpler to apply rules based on the widely employed cybersecurity framework along with integrated threat detection feeds.
Chas Clawson, Field CTO for security at Sumo Logic, said the company is working toward providing an observability platform that normalizes DevOps and cybersecurity data in a way that makes it simpler to embrace best DevSecOps practices. Various types of AI models will then surface actionable insights via summarizations and recommended remediations that can be automatically applied in a way that significantly reduces the current level of toil that DevSecOps teams regularly encounter, he noted.
Over time, DevSecOps teams will have at their disposal multiple AI assistants that are optimized to asynchronously manage multiple tasks. As the underlying AI models that enable those capabilities improve, so too will the ability to use reasoning engines to enable AI assistants to automate more complex tasks.
It’s not clear to what degree AI will make application environments more secure, but the one thing that is certain is cybercriminals will be investing in AI to launch more sophisticated cyberattacks at scale because emerging technologies are always going to be weaponized, noted Clawson. In fact, in the short term there is likely to be “an ugly brawl” between cybercriminals and defenders as both sides race to apply AI for ill and good, respectively, he added.
In the short term, cybercriminals might enjoy an added AI advantage, but there is an opportunity now to leverage data lakes and the observability platforms infused with AI to make it possible to securely build and deploy applications across IT environments that only become more complex with each passing day, said Clawson. In fact, IT teams have reason to be cautiously optimistic about the future of cybersecurity in the age of AI, he noted.
Observability platforms will, of course, play a major role in helping to achieve that goal. As the data collected is increasingly normalized, it should become much simpler to correlate events to proactively troubleshoot applications in ways that also make it possible to respond faster to newly discovered vulnerabilities and breaches. The challenge, of course, is finding the funding needed to enable DevSecOps teams to move beyond monitoring tools that today only track a set of pre-defined metrics that don’t provide nearly enough insight into the root cause of any given issue.