Ep114: From Chaos to Clarity - AI-Powered Security and Observability Investigation with Sumo Logic Mo Copilot on AWS

Kui Jia, Sumo Logic's Vice President of Engineering and Head of AI, shares how their AWS-powered AI agents transform chaotic security investigations into streamlined workflows.

Topics Include:

• Kui Jia leads AI Engineering at Sumo Logic
• SREs and SOC analysts work under chaotic, high-pressure conditions
• Teams constantly switch between different vendor tools and platforms
• Investigation requires quick hypothesis formation and complex query writing
• Sumo Logic processes petabytes of data daily across enterprises
• Company serves 2,000+ enterprise customers for 15 years
• Platform focuses on observability and cybersecurity use cases
• Investigation journey: discover, diagnose, decide, act, learn phases
• Data flows from ingestion through analytics to human insights
• Traditional workflow relies heavily on tribal domain knowledge
• Senior engineers create queries that juniors struggle to understand
• War room situations demand immediate answers, not learning curves
• Context switching between tools wastes time and creates friction
• Multiple AI generations deployed: ML anomaly detection to GenAI
• Agentic AI enables reasoning, planning, tools, and evaluation capabilities
• Mo Copilot launched at AWS re:Invent as AI agent suite
• Natural language converts high-level questions into Sumo queries
• System provides intelligent autocomplete and multi-turn conversations
• Insight agents summarize logs and security signals automatically
• Knowledge integration combines foundation models with proprietary metadata
• AI generates playbooks and remediation scripts for automated actions
• Three-tier architecture: Infrastructure, AI Tooling, and Application layers
• Built on AWS Bedrock with Nova models for performance
• Focus on reusable infrastructure and AI tooling components
• Data differentiation more important than AI model selection
• Golden datasets and contextualized metadata are development challenges
• Guardrails and evaluation frameworks critical for enterprise deployment
• AI observability enables debugging and performance monitoring
• Enterprise agents achievable within one year development timeline
• Future vision: multiple AI agents collaborating with human investigators

Participants:

• Kui Jia – Vice President of AI Engineering, Head of AI, Sumo Logic

Further Links:

• Website: https://www.sumologic.com/
• Sumo Logic in the AWS Marketplace

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/