Skip to main content

Threat Intelligence (Security)

We’re excited to introduce Sumo Logic Threat Intelligence, a powerful feature set that enables Cloud SIEM administrators to seamlessly import indicators of Compromise (IoC) files and feeds directly into Sumo Logic to aid in security analysis. IoCs are individual data points about threats that are gathered from external sources about various entities such as host names, file hashes, IP addresses, and other known targets for compromise.

Once indicators are ingested and appear on the Threat Intelligence tab, Cloud SIEM analysts can use the hasThreatMatch function in Cloud SIEM rules to analyze incoming records for matches to the threat intelligence indicators.

Sumo Logic Threat Intelligence will help you stay ahead of emerging threats and enhance your security posture.

note

Only Cloud SIEM administrators can add threat intelligence indicators to the datastore.

Learn more.

Threat Intelligence tab
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2025 by Sumo Logic, Inc.