Sumo Logic Successfully Completes PCI Data Security Standard Validation for Machine Data Analytics Services

Sumo Logic Is the First and Only Machine Data Analytics Provider With Level 1 PCI DSS 3.0 Certification


REDWOOD CITY, CA--(Marketwired - Feb 19, 2015) - Sumo Logic, the next generation machine data intelligence company, announced that it has validated compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) version 3.0 as a "Level 1" service provider for its machine data analytics services. Version 3.0 of the PCI DSS went into effect on January 1 and expanded the scope of companies subject to the standard. Now, vendors of companies subject to PCI compliance must also demonstrate their compliance to these stringent security requirements, as well.

"We are the most thoroughly audited SaaS provider in our space. None of our competitors, direct or indirect, have subjected themselves to the rigor of PCI/DSS Service Provider certification. In fact, most have not subjected themselves to really any third party audits or assessments, of which we now have several," said Joan Pepin, VP of Security and CISO at Sumo Logic. "Furthermore, we built Sumo Logic from the ground up to make continuous security and IT monitoring more transparent and efficient. The speed with which we've demonstrated PCI compliance demonstrates our success internally with own systems and externally with our customers."

The scope of the assessment includes the machine data analytics platform, including all of the cloud-based infrastructure and applications utilized to provide the service. Sumo Logic is currently the only machine data analytics provider that has met this global benchmark for security.

The PCI DSS is a comprehensive set of standards that require merchants and service providers that store, process or transmit customer payment card data to adhere to strict information security controls and processes. The standard includes 12 requirements that include the following security topics:

  • Security management
  • Policies and procedures
  • Physical security
  • Network architecture
  • User access management
  • Network and systems monitoring
  • Software development

The PCI DSS requires that any merchant that outsources the transmission, processing, or storage of payment card data to a third party provider verify that the provider adheres to the standard. As a leading provider of machine data intelligence services to merchants and service providers, Sumo Logic has proactively met this obligation to its customers for its platform. Additionally, many merchants and service providers utilize Sumo Logic in order to help meet their PCI compliance requirements, in particular with the log monitoring specifications within requirement 10 of the DSS.

"Sumo Logic's PCI Application is instrumental for enterprises that must demonstrate adherence with PCI requirement 10 for log management," said Bruno Kurtic, Founding VP of Product and Strategy at Sumo Logic. "Not only can Sumo Logic's services deliver the dashboards and documentation that streamline the PCI compliance process, but our dedication to securing the Sumo Logic service underscores how highly we prioritize securing our customers' data, as well."

The assessment was performed by BrightLine CPAs & Associates, Inc. (www.brightline.com), a globally accredited Qualified Security Assessor (QSA) firm that provides assurance and compliance services cloud computing providers around the world. The scope of the assessment included the applicable requirements of version 3.0 of the PCI Data Security Standard for validation of "Level 1" service providers. Following the completion of the assessment, a Report on Compliance (ROC) and an Attestation of Compliance (AOC) was issued to reflect Sumo Logic's full compliance with the PCI Data Security Standard.

Learn more about Sumo Logic
Sign up for Sumo Logic instantly and for free: https://www.sumologic.com/pricing
Watch the Sumo Logic product overview video: http://sumolo.gs/18SQCQ0

About Sumo Logic
Sumo Logic is the next-generation machine data intelligence company that leverages Big Data for real-time IT insights. The company's cloud-based service provides customers like GoGo Inflight, McGraw-Hill, Medallia, Netflix, Orange and SolarCity with real-time interactive analytics at unprecedented petabyte scale. The Sumo Logic service is powered by patent-pending Elastic Log Processing™ and LogReduce™ technologies, and transforms machine data into actionable insights for IT operations, application management, and security and compliance teams. Unlike expensive and complex premise-based solutions, the Sumo Logic service has a low TCO, can be deployed instantly, scales elastically and requires zero maintenance. The company is based in Silicon Valley and is backed by Greylock Partners, Sutter Hill Ventures, Accel Partners and Sequoia Capital. For more information, visit www.sumologic.com.

Connect with Sumo Logic
Read the Blog: http://www.sumologic.com/blog/
Follow Sumo Logic Twitter: https://twitter.com/sumologic 
Visit us on Facebook: http://www.facebook.com/Sumo.Logic

Contact Information:

Media Contact
Caitlin Haskins
Trainer Communications
sumologic@trainercomm.com
(415) 800-5369