Sumo Logic Expands Dojo AI With SOC Analyst Agent That Recommends Actions, Not Just Alerts
Summary: At RSAC 2026, Sumo Logic launched new capabilities for its Dojo AI platform, including four AI agents: the SOC Analyst Agent, the Query Agent, the Knowledge Agent, and the MCP Server. These tools improve security operations efficiency through automated analysis and recommended actions, reduce response time, and simplify log querying. The platform has won two Global Infosec Awards and will be demonstrated at the show.

2026-3-24 20:38:28 Author: securityboulevard.com

Sumo Logic is pushing its Dojo AI platform further into decision territory at RSAC 2026, announcing expanded AI agent capabilities that go beyond surfacing context to actually recommending what analysts should do next.

The company’s new SOC Analyst Agent, now in preview, addresses a gap that has frustrated security teams for years: traditional SIEMs are good at flagging suspicious activity, but they stop short of telling analysts how to respond. That leaves teams manually assembling response plans under pressure, slowing mean time to remediation.

“The industry is redefining what a SOC does,” said Chas Clawson, VP of Security Strategy at Sumo Logic. “It’s no longer enough to surface context and say, ‘here’s a suspicious login, go figure it out.’ Our Dojo AI SOC Analyst Agent can now recommend, for example, ‘This user has suspicious logins to three apps from these two locations. Click to temporarily suspend access as I help you investigate.’ We’re closing the loop on TDIR with agentic workflows that guide analysts to faster and more confident decisions.”

The announcement covers four agents being demonstrated at RSAC 2026. The SOC Analyst Agent (preview) helps analysts reduce mean time to remediation through automated and human-led investigations, delivering context-aware response actions and recommendations. The Query Agent (GA) converts natural language intent into precise searches, eliminating the need for complex query writing. The Knowledge Agent (GA) answers questions about how the platform works using official documentation, directly inside the workflow. The Sumo Logic MCP Server (preview) extends AI assistance across tools so that product boundaries don’t become process boundaries.

All four agents run on Sumo Logic’s Logs for Security and Cloud SIEM foundation, keeping recommendations grounded in high-fidelity data with explainable reasoning.

Scott Steenhoek, Sr. IT Cybersecurity Engineer at Sammons Financial, described the practical impact: “Sumo Logic’s Dojo AI is transforming our Security Operations team by enabling natural language log analysis and delivering contextual insights that accelerate investigations. The platform reduces noise, improves detection precision, and allows our analysts to focus on response rather than manual query building.”

Sumo Logic also announced two wins at Cyber Defence Magazine’s 14th annual Global Infosec Awards: Next Gen SIEM and Pioneering AI SOC.

The Dojo AI agents and MCP Server are available for live demonstrations at RSAC 2026 this week.


Source: https://securityboulevard.com/2026/03/sumo-logic-expands-dojo-ai-with-soc-analyst-agent-that-recommends-actions-not-just-alerts/