Sumo Logic expands Dojo AI platform with new agents to support security investigations

Sumo Logic has introduced updates to its Dojo Artificial Intelligence (AI) platform designed to assist security teams in managing alert volumes and speeding up investigation processes. The enhancements include new AI agents aimed at improving Security Operations (SecOps) efficiency.

Complexities within SecOps centers have increased due to rising alert counts, the use of diverse tools, and expectations for faster response times. The Dojo AI platform integrates agentic AI, log intelligence, and secure model interaction to address these operational challenges.

The new capabilities encompass the SOC Analyst Agent, which applies AI reasoning to facilitate triage and investigation by assessing alert severity and compiling related activity for clear situational context. The Knowledge Agent provides AI-generated responses to procedural queries using natural language. Additionally, the Model Context Protocol (MCP) server integrates client and third-party AI models into the Dojo AI ecosystem for unified operational intelligence.

Sumo Logic launched Dojo AI earlier this year as an agentic AI platform tailored for SecOps. The platform allows AI agents to analyze signals and provide context-aware responses that evolve through continuous feedback, aiming to enhance insight quality during production use.

Keith Kuchler, Chief Development Officer at Sumo Logic, said, “Security operations demand speed, rapid iteration, and contextual intelligence. Sumo Logic's Dojo AI continues to expand its expertise by adding additional agents and honing the skills of those agents to solve real analyst challenges. From your initial triage leveraging enriched data and context to provide actionable guidance, Dojo AI represents the next generation of AI-driven security operations.”

Eric Ahlm, Security Research Director at Gartner, said, “Cybersecurity leaders must closely monitor the evolution of AI SOC agents, a group of technologies designed to augment common security operations tasks. AI SOC agents present an opportunity to transform security operations by using AI to assist human operators in performing common tasks.”

Brandon Hewgill, Head of Information Security at Patrianna, said, “Sumo Logic enables businesses to reliably handle large data volumes, providing the insights they need in an efficient, cost-effective, and highly available platform accessible anywhere in the world, 24/7/365. With powerful query functions coupled with intuitive AI integration and Mobot (the Dojo AI at your side), nothing is impossible — plus the ability to automate the reduction of noise within the platform to allow for more streamlined insights where and when you need it.”

The SOC Analyst Agent and the MCP server are currently in beta and prototype stages, respectively, available to select customers, with General Availability (GA) planned for 2026. The Knowledge Agent is accessible within the current Sumo Logic platform. Demonstrations were scheduled at AWS re:Invent 2025, with sessions including enterprise-scale agent tool discussions and forums related to agentic AI.