At AWS re:Invent, I spoke with Sumo Logic’s VP of Security Strategy, Chas Clawson, who detailed how agentic AI is reshaping cybersecurity, observability, and enterprise operations. He emphasized that AI agents are no longer experimental add-ons but operational “super geniuses” capable of transforming security workflows, triage, and efficiency at scale.
Clawson also described how Sumo Logic’s Dojo AI and emerging agentic framework are enabling customers to operationalize intelligent agents responsibly—with trust, visibility, and control—while preparing for a future where agent-to-agent interaction becomes the default architecture for digital systems.
Main Takeaways
Potential of AI agents: Agentic AI is not overhyped—Clawson argues that enterprises are underestimating how dramatically intelligent agents will transform IT and security operations.
Dojo AI: Sumo Logic’s early “copilot” approach evolved into Dojo AI, built on a more sophisticated agentic framework that incorporates customer feedback, trust, observability, and session attribution.
Menu of agents: New Sumo agents—such as the SOC Analyst Agent and Knowledge Agent—perform advanced investigation and triage tasks, reducing analyst workload and accelerating response.
Agent-to-agent world: Sumo Logic is preparing for an “agent-to-agent world” and offering an MCP server to route queries intelligently across agents, leveraging open standards pioneered by Anthropic and Google.
Key Quotes
“The age of agents is fundamentally changing everything.”
Clawson describes agentic AI as a transformative shift that is actually underhyped in the enterprise world. He explains that organizations now have access to “super geniuses in a bottle”—intelligent agents that can plug into operational systems to take action, improve efficiency, and unlock use cases never before possible. The challenge is no longer model intelligence but operationalizing agents safely and reliably at scale.
“We pumped the brakes a little bit and decided to rebuild our entire platform with an agentic framework.”
After launching an initial copilot, Sumo Logic listened closely to customer feedback—particularly around trust, observability, and attribution—and paused development to rethink its approach. This led to the creation of Dojo AI, an agentic architecture designed to support modular, scalable, and secure agent capabilities that map to real customer needs.
“Had you given me this tool when I was working at the NSA, I would have thought it was alien technology.”
Clawson highlights the power of Sumo Logic’s new SOC Analyst Agent, which can ingest an alert, investigate it independently, build context, run queries, form hypotheses, and recommend remediation steps—work that traditionally takes analysts hours. The ability to perform this level of triage in minutes is, in his words, “mind blowing.”
“Sumo Logic wants to participate in that new agent-to-agent world…our MCP server is the front door into all of the agents we’ve built.”
Looking ahead, Clawson envisions a future where personal agents, software agents, and infrastructure agents all communicate autonomously. Sumo Logic plans to enable this reality with its MCP server—a standardized gateway that routes questions to the appropriate agent. Built on emerging open standards like Anthropic’s MCP and Google’s A2A protocol, the server allows customers to use their data across an intelligent agent fabric with far less complexity.