Name a buyer and user persona for Security, as well as Obs
SEC: CISO, CSO, CCO, Head of InfoSec, CIO, VP IT, VP SecOps, VP SOC; SOC analyst, Sec Architect, CyberSec analyst, Infosec manager
OBS: Dir SRE, VP DevOps, Dir IT, VP IT; SRE, cloud engineer, DevOps engineer, Platform engineer
Which of the following is a competitor?
Palo Alto Networks, Sentinel, Tableau
What are the biggest challenges in the world of Obs?
Lack of visibility into microservices, slow detection time, slow problem resolution time, siloed tools that hinder cross team communication
If a company has no SOC, but wants to beef up their security posture, but has no security staff or plans to hire any, what Sumo Logic tool can they use?
Trick question! None. The best fit for this company is an MSSP.
What is the difference between DevOps and ITOps?
DevOps is for developer tools (version control, testing tools, automation, and observability), and ITOps is focused on IT as a whole (cloud migrations, application modernization and uptime, reducing expenses).
What are 3 shortcomings in Datadog's security offering?
1. It's not a SIEM
2. Not PCI or FedRAMP compliant
3. Questionable 'uptime' and platform stability
What are 3 questions to ask OBS practitioners?
1. How is your application architected and where does it run?
2. How effective is your current tooling and process on monitoring and troubleshooting app issues?
3. What tech stack do you use to implement code and microservices?
What are the 3 layers of cloud security tools we provide?
Cloud Security analytics, Cloud SIEM, Cloud SOAR.
Our persona 'Oscar' is an IT ops leader. Please describe what his role is and his key responsibilities.
The IT Operations Leader is responsible for the analysis, design, planning, implementation, maintenance, and security of all facets of the Information Technology group, with a focus on managing current legacy infrastructure while leveraging new cloud and multi-cloud environments. This role plans, coordinates, and directs the deployment and maintenance of applications and tools that serve the needs of the business.
The IT Operations Leader reports to and works closely with the CIO and/or CTO in identifying and implementing cost-effective technology solutions for all aspects of the business. This position provides the strategy, leadership, and day-to-day management of the DevOps and SiteOps departments inclusive of applications, infrastructure, and security. This person has the ultimate responsibility of identifying and designing current and future technical solutions
We have pre-built dashboards for 100s of common applications, in-depth queries and analytics for Logs+, and our one pane of glass includes award-winning security use cases as well.
3 questions to ask of Economic buyers for OBS
1. What key initiatives are you currently facing for digital transformation?
2. What is your app dev and cloud strategy and why?
3. How are you ensuring the security of your applications?
What does SIEM stand for? Why is it important?
Security information & event management. A SIEM is needed for many different compliance frameworks, and gives security teams much better insight and visibility into the impact and context of cyber attacks.
Which of the following titles is least likely to find value in Sumo Logic for their org?
IT project manager, Cybersecurity Consultant, VP of Data management.
Cybersecurity consultant
Bonus: What questions would you ask them to uncover more details?
Other than being expensive, what are two common problems prospects have with Splunk?
1. Hard to onboard new data sources
2. Hard to get support for basic issues.
3. Tons of alert fatigue
What are the main benefits of Sumo Logic's Obs platform?
1. Flexible licensing
2. Compliant, attested, and end-to-end encryption
3. Analytics driven approach with outlier and anomaly detection
What are these compliance frameworks used for?
FedRAMP Moderate, HIPAA, PCI
FedRAMP: For top secret and government contracts that have national security concerns
HIPAA: Dealing with any sort of healthcare data, whether that's insurance, medical data, or HR
PCI: Payment Card Industry. For protection of payments via credit card.
For a CISO, please list (up to) 3 pain points they deal with and how we can help them.
Distributed data creates silos and lack of visibility (one pane of glass solution brings DevSecOps under one umbrella)
Typically short-staffed/underfunded (By consolidating the number of tools they use and our cost model, we can help a team be more efficient and save money)
Poor data can inhibit accurate reporting and make IT support difficult (With easy to use queries and AI, we can cut down on false positives and reduce MTTI/MTTR)
How many different Splunk product offerings are there? How many different add-ons?
5 (Enterprise [on-prem logs], Cloud [cloud version], ITSI [IT ops solution], Enterprise Security [SIEM], Obs Cloud)
1000+ 3rd party add-on apps through their app store (SplunkBase)
What are the 3 tiers of application observability?
Bonus: What does each do?
1. Cloud Log management
2. Infrastructure monitoring
3. Application Observability
https://sumologic.highspot.com/items/631fa3b14a6a883cbfdb84cb#9
What are 3 challenges facing Security personas?
1. Cloud Security Gaps
2. New attack surfaces
3. Distributed Operations
4. Too many tools