Case Study: Kobalt.io achieves a 10x reduction in alerts and doubles its customer base with Sumo Logic Cloud SIEM

Boosting customer experience and profits with Cloud SIEM

Kobalt.io is a Vancouver-based managed security service provider for small and mid-sized businesses that was struggling with “tool sprawl” and unsustainable costs from running two legacy SIEMs (Splunk and Sentinel). The 14-person SOC was overwhelmed by alert fatigue and maintenance overhead—so much so that leadership was considering hiring two more analysts as contracts neared renewal.

After a trial, Kobalt.io consolidated onto Sumo Logic Cloud SIEM for its ease of use, multi-tenant architecture, broad integrations, data residency support, and transparent pricing. The move cut monthly alerts from 6,000 to 600, sped customer onboarding to about 15 minutes (25 customers migrated in 20 days), doubled the customer base without adding analyst headcount, and delivered a four-month payback with profitability within six months.

Kobalt.io

Chris Spindler

SOC Manager