Sumo Logic today revealed it has revamped its approach to artificial intelligence (AI) with the launch of two agents and a prototype of an instance of a Model Context Protocol (MCP) server upon which it will build a more open framework.
Announced at the AWS re:Invent 2025 conference, the company added a Knowledge Agent that surfaces natural language insights into how its offerings function, and a beta of agent for security operations centers, dubbed SOC Analyst Agent, to the Sumo Logic Dojo AI portfolio.
These latest agents are designed to be elements of a larger AI framework that Sumo Logic is developing to unify the management of cybersecurity and IT operations around its MCP servers, says Chas Clawson, vice president of security strategy for Sumo Logic. “We’re rebuilding from the ground up,” he says. “It’s a complete shift in strategy.”
While there is little doubt that AI agents will automate a lot of the manual tasks that IT and security operations teams currently perform, the long term impact on how those teams operate remains to be seen. On the one hand, there is a school of thought that calls for the complete unification of security and IT operations to eliminate silos that today create a significant amount of workflow friction. On the other side of that debate, many argue there will always be a need for a separate security function that reviews configurations of platforms and services. Otherwise, an IT staff is, in effect, vouching for their own effectiveness without any formal independent review.
The one thing that is certain is there is certainly a lot of room for improving collaboration between these teams. Many of the issues discovered by cybersecurity teams could be resolved faster by IT teams augmented by AI agents.
The challenge, of course, then becomes determining the best way to orchestrate what will soon be a small army of IT and security agents that are being assigned individual tasks to complete, an issue that will be easier to resolve if they all share access to an MCP server that Sumo Logic plans to make generally available in 2026, notes Clawson.
Eventually, IT teams will be able to also integrate their own AI agents into the management framework being developed by Sumo Logic, he adds.
Sumo Logic, however, doesn’t envision AI agents ever replacing the need to keep IT and cybersecurity professionals in the loop, but there is a clear opportunity to provide deeper levels of observability across disparate workflows, he adds.
Historically, Sumo Logic has always been closely allied with Amazon Web Services (AWS) to gain access to, for example, the log data needed to train AI agents. The next challenge is to clearly leverage all the telemetry data that Sumo Logic aggregates to not just train AI agents, but also in collaboration with AWS, help orchestrate and manage them. Sumo Logic, of course, is not the only provider of a management platform with similar ambitions so it remains to be seen just what the future of IT holds.
