{"id":11392,"date":"2025-01-09T12:06:08","date_gmt":"2025-01-09T20:06:08","guid":{"rendered":"http:\/\/www.sumologic.com\/?post_type=resource&p=11392"},"modified":"2026-03-19T07:09:49","modified_gmt":"2026-03-19T15:09:49","slug":"srg","status":"publish","type":"resource","link":"https:\/\/www.sumologic.com\/case-studies\/security-resource-group","title":{"rendered":"SRG"},"content":{"rendered":"\n
<\/div>\n\n\n\n

Results at a glance<\/h3>\n\n\n\n
<\/path><\/svg>Accelerated customer onboarding from 60 days to two hours to realize a 95% time savings<\/span><\/div><\/div>\n\n\n\n
<\/path><\/svg>Reduced time-to-detect by 75% to meet 15-minute response SLA<\/span><\/div><\/div>\n\n\n\n
<\/path><\/svg>Streamlined investigation decisions from one hour to three minutes, capturing 98% time savings<\/span><\/div><\/div>\n\n\n\n
<\/path><\/svg>Offered differentiated service with security and log analytics<\/span><\/div><\/div>\n\n\n\n
<\/path><\/svg>Enabled scalable data analysis that ingests 2 TB per day<\/span><\/div><\/div>\n\n\n\n
<\/path><\/svg>Reduced tooling costs by $2.5M by consolidating on Sumo Logic<\/span><\/div><\/div>\n\n\n\n
<\/div>\n\n\n\n

Challenge<\/h3>\n\n\n\n

Security Resource Group Inc (SRG) needed a SIEM solution that provided faster customer onboarding and better scalability for its 24\/7 security monitoring services.<\/h5>\n\n\n\n

As a top-tier managed security services provider (MSSP), SRG\u2019s international customer base was consistently expanding; however, the company\u2019s legacy managed security information and event management (SIEM) solution wasn\u2019t keeping pace with the growth. The solution ran on-premises and demanded mass amounts of compute and storage resources, making it exponentially costly and time-consuming to maintain. In addition, the SIEM was exceedingly complex for onboarding new customers. The lengthy process often required up to 60 days to complete.<\/p>\n\n\n\n

Ultimately, SRG wanted to move to a modern SIEM solution that would support the MSSP\u2019s growth, agility and goal of delivering fast time-to-value.<\/p>\n\n\n\n

<\/div>\n\n\n\n

Solution<\/h3>\n\n\n\n

SRG created a list of 21 requirements for their desired replacement, expecting they might need to adopt multiple solutions to equip the security team with the full set of capabilities.<\/p>\n\n\n\n

James Morris, Vice President, Cyber Services and Technology at SRG, describes, \u201cAfter an exhaustive review of many industry SIEMs, we did a full integration testing of three solutions, and at the end of the day, we decided to partner with Sumo Logic. I’ll tell you right now, it\u2019s the best decision we ever made. Sumo Logic ticked all the boxes for our requirements in a single solution. It provided flexibility in the platform for our security team to do non-traditional things for security monitoring.\u201d<\/p>\n\n\n\n

<\/div>\n\n\n
<\/div>
\n \"James<\/figure><\/figure>

James Morris<\/p>

VP Cyber Services and Technology<\/p><\/div><\/div>

\u201cA portion of the data that comes in is valuable for security analytics, and a typical MSSP will drop the rest. At SRG, we bring in all the data with Sumo Logic and let our customers leverage the log analytics for their business intelligence at no charge.\n\u201d<\/div><\/div>
\"James<\/a><\/div><\/div><\/div><\/div><\/div>\n\n\n
<\/div>\n\n\n\n

Results<\/h3>\n\n\n\n

Delivering fast time-to-value with onboarding in two hours<\/strong><\/p>\n\n\n\n

Sumo Logic\u2019s MSSP platform features a multi-tenant, cloud-native architecture that simplifies customer management with a single, unified console and ingests 2TB a day across SRG\u2019s customer base. In addition, with the platform\u2019s built-in scalability, SRG can spin up a new customer environment without having to spend any cycles in the onboarding process worrying about performance issues.<\/p>\n\n\n\n

With the solution\u2019s ease of use and native API integrations, SRG experienced a big win with accelerated customer onboarding.<\/p>\n\n\n\n

\u201cWith Sumo Logic, it only takes us two hours from the point that we sign a new contract to the point our customer has their SIEM up and running and can see value from it. We needed 60 days before, depending on the size and scope of the opportunity, so that\u2019s a massive 95% reduction in onboarding time,\u201d Morris shared.<\/p>\n\n\n\n

Providing customers with a differentiated MSSP service<\/strong><\/p>\n\n\n\n

Sumo Logic provides SRG with a single, integrated log management platform that supports many use cases \u2014 from the MSSP\u2019s native cloud SIEM needs to log analytics, infrastructure monitoring and more. This breadth in log telemetry empowers SRG\u2019s security team to not only collect the data they need for managing a customer\u2019s security operations center (SOC) but also to offer log analytics for a customer\u2019s operational intelligence.<\/p>\n\n\n\n

SRG\u2019s unique approach to leveraging the breadth of Sumo Logic\u2019s data insights creates a differentiated MSSP offering in the market and provides a win-win for SRG and its customers.<\/p>\n\n\n\n

\u201cA portion of the data that comes in is valuable for security analytics, and a typical MSSP will drop the rest. At SRG, we bring in all the data with Sumo Logic and let our customers leverage the log analytics for their business intelligence at no charge,\u201d explains Morris.<\/p>\n\n\n\n

Explaining further how this is a win-win for SRG and its customers, Morris shared, \u201cSumo Logic gives us a one-stop-ingestion-shop that helps us identify things like brute force attacks and other risks stemming from misconfigurations. We can then advise customers on where they need to fix their configurations, which improves the quality of the security analytics. As a result, our team can focus on real detections to meet our 15-minute service level agreement for the time between detection and response.\u201d<\/p>\n\n\n\n

Freeing up time to focus on threat hunting and customer value<\/strong><\/p>\n\n\n\n

SRG\u2019s previous SIEM solution was plagued with false positives, which created a lot of stress for the security team and limited the number of tickets they could complete daily. Sumo Logic alleviated these challenges. The platform\u2019s advanced analytics parses, maps and creates normalized records from data and correlates detected threats, which reduced SRG\u2019s alert noise by 75% and decreased the team\u2019s event management decision time from one hour to three minutes. As a result, SRG\u2019s security analysts are less stressed, can focus on the threats that matter most and have greater time efficiency.<\/p>\n\n\n\n

\u201cRunning a SOC for our customers means we have to do the right thing every time, the first time and in very little time. Sumo Logic allows us to do that. We now have more time to spend on threat hunting, on providing value and on advisory services for the customers,\u201d said Morris. In terms of the many positive customer impacts, Morris shared, \u201cour threat hunting time-to-detect reduced by over 200% and our accuracy increased three-fold.\u201d<\/p>\n\n\n\n

Fostering customer collaboration with unified visibility<\/strong><\/p>\n\n\n\n

With Sumo Logic, the SRG analysts have the go-to dashboards they need to gain an overarching view across the customer base and easy drill-downs to obtain deeper insights into a specific client\u2019s security posture. The platform\u2019s role-based access control (RBAC) also enables SRG to let customers view their data, so they can see exactly the same data and insights that SRG does.<\/p>\n\n\n\n

\u201cProviding customers access to Sumo Logic fosters collaboration where we can work hand-in-hand from the same data. Our customers have an in-depth knowledge of their environment, so it makes the process significantly faster and cleaner when we need to go through a log entry together to understand it,\u201d said Morris.<\/p>\n","protected":false},"excerpt":{"rendered":"

When this MSSP needed a scalable SIEM, they got fast time to value and reduced their tooling costs by millions of dollars. Learn more about how they improved their security posture while saving time and money.<\/p>\n","protected":false},"author":4,"featured_media":58838,"template":"","meta":{"_acf_changed":true,"show_custom_date":false,"custom_date":"","featured":false,"featured_image":0,"learn_more_label":"","image_alt_text":"","learn_more_type":"","show_popup":false,"learn_more_link_file":0,"event_date":false,"event_start_date":"","event_end_date":"","place_holder_image_url":"","post_reading_time":"4","notification_enabled":false,"notification_text":"","notification_logo":"","notification_expiration_time":0,"is_enable_transparent_header":false,"selected_taxonomy_terms":{"resource-type":[29],"resource-solution":[45,46],"translation_priority":[221]},"selected_primary_terms":{"resource-type":[],"resource-solution":[]},"learn_more_link":[],"featured_page_list":[],"notification_enabled_post_list":[],"_gspb_post_css":"#gspb_iconsList-id-gsbp-4a24fcd.gspb_iconsList .gspb_iconsList__item__text{margin-left:15px}#gspb_iconsList-id-gsbp-4a24fcd.gspb_iconsList .gspb_iconsList__item{display:flex;flex-direction:row;align-items:center;position:relative}#gspb_iconsList-id-gsbp-0bb5ad2.gspb_iconsList .gspb_iconsList__item svg path,#gspb_iconsList-id-gsbp-1d29c35.gspb_iconsList .gspb_iconsList__item svg path,#gspb_iconsList-id-gsbp-2b1a2e4.gspb_iconsList .gspb_iconsList__item svg path,#gspb_iconsList-id-gsbp-4a24fcd.gspb_iconsList .gspb_iconsList__item svg path,#gspb_iconsList-id-gsbp-a617356.gspb_iconsList .gspb_iconsList__item svg path,#gspb_iconsList-id-gsbp-e68183f.gspb_iconsList .gspb_iconsList__item svg path{fill:#2184f9!important}#gspb_iconsList-id-gsbp-0bb5ad2.gspb_iconsList [data-id='0'] svg,#gspb_iconsList-id-gsbp-1d29c35.gspb_iconsList [data-id='0'] svg,#gspb_iconsList-id-gsbp-2b1a2e4.gspb_iconsList [data-id='0'] svg,#gspb_iconsList-id-gsbp-4a24fcd.gspb_iconsList [data-id='0'] svg,#gspb_iconsList-id-gsbp-a617356.gspb_iconsList [data-id='0'] svg,#gspb_iconsList-id-gsbp-e68183f.gspb_iconsList [data-id='0'] svg,body #gspb_iconsList-id-gsbp-0bb5ad2.gspb_iconsList .gspb_iconsList__item img,body #gspb_iconsList-id-gsbp-0bb5ad2.gspb_iconsList .gspb_iconsList__item svg,body #gspb_iconsList-id-gsbp-1d29c35.gspb_iconsList .gspb_iconsList__item img,body #gspb_iconsList-id-gsbp-1d29c35.gspb_iconsList .gspb_iconsList__item svg,body #gspb_iconsList-id-gsbp-2b1a2e4.gspb_iconsList .gspb_iconsList__item img,body #gspb_iconsList-id-gsbp-2b1a2e4.gspb_iconsList .gspb_iconsList__item svg,body #gspb_iconsList-id-gsbp-4a24fcd.gspb_iconsList .gspb_iconsList__item img,body #gspb_iconsList-id-gsbp-4a24fcd.gspb_iconsList .gspb_iconsList__item svg,body #gspb_iconsList-id-gsbp-a617356.gspb_iconsList .gspb_iconsList__item img,body #gspb_iconsList-id-gsbp-a617356.gspb_iconsList .gspb_iconsList__item svg,body #gspb_iconsList-id-gsbp-e68183f.gspb_iconsList .gspb_iconsList__item img,body #gspb_iconsList-id-gsbp-e68183f.gspb_iconsList .gspb_iconsList__item svg{margin:0!important}#gspb_iconsList-id-gsbp-0bb5ad2.gspb_iconsList .gspb_iconsList__item__text{margin-left:15px}#gspb_iconsList-id-gsbp-0bb5ad2.gspb_iconsList .gspb_iconsList__item{display:flex;flex-direction:row;align-items:center;position:relative}#gspb_iconsList-id-gsbp-a617356.gspb_iconsList .gspb_iconsList__item__text{margin-left:15px}#gspb_iconsList-id-gsbp-a617356.gspb_iconsList .gspb_iconsList__item{display:flex;flex-direction:row;align-items:center;position:relative}#gspb_iconsList-id-gsbp-1d29c35.gspb_iconsList .gspb_iconsList__item__text{margin-left:15px}#gspb_iconsList-id-gsbp-1d29c35.gspb_iconsList .gspb_iconsList__item{display:flex;flex-direction:row;align-items:center;position:relative}#gspb_iconsList-id-gsbp-2b1a2e4.gspb_iconsList .gspb_iconsList__item__text{margin-left:15px}#gspb_iconsList-id-gsbp-2b1a2e4.gspb_iconsList .gspb_iconsList__item{display:flex;flex-direction:row;align-items:center;position:relative}#gspb_iconsList-id-gsbp-e68183f.gspb_iconsList .gspb_iconsList__item__text{margin-left:15px}#gspb_iconsList-id-gsbp-e68183f.gspb_iconsList .gspb_iconsList__item{display:flex;flex-direction:row;align-items:center;position:relative}","_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"3185,3180,3170","_relevanssi_noindex_reason":"","inline_featured_image":false},"resource-type":[29],"resource-solution":[45,46],"class_list":["post-11392","resource","type-resource","status-publish","has-post-thumbnail","hentry","resource-type-case-studies","resource-solution-case-study","resource-solution-cloud-siem"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.sumologic.com\/wp-json\/wp\/v2\/resource\/11392","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sumologic.com\/wp-json\/wp\/v2\/resource"}],"about":[{"href":"https:\/\/www.sumologic.com\/wp-json\/wp\/v2\/types\/resource"}],"author":[{"embeddable":true,"href":"https:\/\/www.sumologic.com\/wp-json\/wp\/v2\/users\/4"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sumologic.com\/wp-json\/wp\/v2\/media\/58838"}],"wp:attachment":[{"href":"https:\/\/www.sumologic.com\/wp-json\/wp\/v2\/media?parent=11392"}],"wp:term":[{"taxonomy":"resource-type","embeddable":true,"href":"https:\/\/www.sumologic.com\/wp-json\/wp\/v2\/resource-type?post=11392"},{"taxonomy":"resource-solution","embeddable":true,"href":"https:\/\/www.sumologic.com\/wp-json\/wp\/v2\/resource-solution?post=11392"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}