Sumo Logic is launching a new AI agent for tackling security operations. Dojo AI, powered by AWS, can automate routine tasks, streamline investigations, and free up security teams to work on other tasks.
“At a time when every vendor is bringing new AI tools to market, the C-Suite is asking which agents can deliver measurable value,” said Keith Kuchler, chief development officer for Sumo Logic. “With Dojo AI, we’re bringing agentic AI directly into the enterprise security stack at cloud scale. By automating hours of manual work and reducing MTTR, Dojo AI helps customers not just keep pace with threats but get ahead of them. In fact, we’ve seen an increase in accuracy of more than 20 percent during our global rollout to customers.”
The Dojo AI platform is launching with three initial agents: Summary Agent, Query Agent, and Mobot. The general workflow of Dojo AI moves from Insight to Summary to Query to Conversation.
Summary Agent explains security insights, such as what an incident was, why it happened, and important context about it. Query Agent turns natural language conversations into Sumo Logic queries. Finally, Mobot (in beta) is a conversational agent that allows security teams to interact with the various Dojo AI agents.
Security teams can utilize Dojo AI to assist with a number of different scenarios, such as ransomware attacks, insider threats, and cloud misconfigurations. For example, in a ransomware situation, “Insights surface anomalous lateral movement. Summary Agent explains its alignment with ransomware behaviors. The query agent pivots quickly to confirm whether a similar movement occurs in other subnets,” Sumo Logic explained in a blog post.
Dojo AI is now available in the AWS Marketplace. The Query Agent and Mobot are available for all Sumo Logic customers and Summary Agent is available to Cloud SIEM customers.
