Sumo Logic Dojo AI on AWS Brings Agentic Automation to the SOC

Sumo Logic is rolling out Dojo AI on Amazon Web Services to take busywork out of the SOC and push teams toward faster, more proactive response. Built on Amazon Bedrock and the new Amazon Nova models, Dojo AI pairs agentic automation with Sumo Logic’s cloud-native platform so analysts spend less time on query wrangling and handoffs and more time closing risk.

A different approach to AI in security

Every vendor is pushing AI right now, but CISOs are left sorting out what’s real versus what’s bolted on. Chas Clawson, Field CTO at Sumo Logic, made that distinction clear.

“Most AI features we are seeing released are bolt-ons. What we are building with Dojo AI is different: it brings a modular agentic approach to our platform, so specialized agents can automate routine work, streamline investigations, and let analysts focus on the highest-value problems, all working under a new unified Dojo framework,” said Clawson.

That framework matters because it’s extensible. The first set of agents - Mobot for conversational interaction, Query Agent for translating natural language into Sumo Logic searches, and Summary Agent for incident summaries - are already in customers’ hands. More agents are planned, but the structure ensures each new capability fits into a unified workflow rather than another disconnected add-on. Early customers have already reported measurable results, with reduced mean time to respond and up to a 20 percent increase in accuracy.

Solving analyst bottlenecks

SOC teams know the grind: too many alerts, too much context switching, too much manual triage. These pain points add friction and stretch investigations well beyond what fast-moving threats allow. Dojo AI targets those very steps.

Clawson explained, “Our approach has always been that alerts or ‘Insights’ should be entity-based and provide the full kill-chain context. Still, analysts have to spend time reviewing all of the signals to make a determination on what happened. This causes frictions that slow SOCs down: alert fatigue, context switching, manual triage, and slow responses. With Dojo AI, we are taking this a step further, with agents that automatically pull surrounding signals together, accelerate scoping and triage, and produce consistent investigation summaries - so analysts spend less time assembling context and more time deciding and acting.”

The result is not a replacement for analysts but a set of workflows that allow them to move faster, spend more energy on high-value issues, and reduce repetitive manual steps that add little value.

Roadmap for agentic workflows

Dojo AI is rolling out in stages to ensure quality and scalability. Today’s release includes Mobot, Query Agent, and Summary Agent, but more agents are already in the pipeline.

“We’re rolling out agentic capabilities in phases to keep quality high,” Clawson said. “Starting with today’s agents - Mobot (beta), Query Agent, and Summary Agent - we will expand as additional agents complete development, with larger pushes coming around December of this year. I’m particularly excited about an agent that will assist customers in configuring and using all of the features within our platform without the need to dig through documentation.”

This phased approach helps customers operationalize agentic workflows with confidence. It also sets clear expectations that the ecosystem of agents will continue to grow, allowing enterprises to adopt incrementally rather than face a wholesale transition.

Creating opportunities for partners

Dojo AI is also designed with MSSPs and partners in mind. Many providers are exploring how to add AI-driven operations into their service catalogs to stand out in a crowded market. Sumo Logic aims to give them a path to do just that.

Clawson pointed to the AI Model Context Protocol as a key enabler:

“One area to follow is the rapid adoption of the AI Model Context Protocol. It’s designed to provide near turn-key ways to integrate Sumo Logic’s observability and security data into their own custom AI-driven workflows and agentic systems. With a standardized, well-documented interface for connecting large language models (LLMs) and custom agents to Sumo Logic, customers can soon build advanced, automated solutions that improve operational efficiency and accelerate incident response, leveraging the power of AI.”

That opens the door for MSSPs to package new offerings on top of the Dojo AI foundation, layering their expertise and services without rebuilding infrastructure. The combination of scale - Sumo Logic already ingests more than 3.5 exabytes of data daily - and enterprise-grade AI workflows creates a differentiated way for partners to deliver measurable improvements to customers.

Agentic AI is moving from slideware to real SOC work. With Dojo AI, Sumo Logic is focusing on the areas where automation can make the biggest difference first: reducing manual triage, improving query-to-answer workflows, and producing consistent summaries that shorten investigations.

Clawson summed it up, “Built for SOC teams, not to replace them, our security analytics let partners and enterprises deliver measurable gains without a rip-and-replace, always with a human in the loop. Sitting at the center of the security stack, Sumo will continue to add AI capabilities that boost the value of adjacent solutions through advanced correlation and actionable insights.”

Dojo AI is available today through Sumo Logic and in AWS Marketplace, with further agents coming soon. For teams measuring success by faster investigations and reduced MTTR, this is a way to put AI into daily practice without changing the fundamentals of how their SOC operates.

Suparna Chawla Bhasin

Suparna is the Senior Managing Editor for CyberRisk Alliance’s Channel Brands, including MSSP Alert and ChannelE2E. She manages content development, sharpens editorial workflows, and ensures storytelling is tightly aligned with audience needs. With a background in technology, media, and education, she combines strategic insight with creative execution.