Case Study: The University of California, Davis achieves faster threat response and improved SOC efficiency with Sumo Logic Cloud SOAR

UC Davis accelerates threat response and improves SOC efficiency

UC Davis, a large research university with federated IT, open-access policies, and campus services ranging from healthcare to an airport, faced a complex security environment. Their systems produce massive event volumes (about 10,000 events per second) and thousands of alerts in hours; the SOC relied on student-developed Python scripts but still struggled with overwhelming daily triage and the need for a SOAR solution that could run on‑prem and integrate with existing tooling.

They selected Sumo Logic Cloud SOAR as the SOC’s central control plane because it worked with their on‑prem requirements and existing Python scripts without custom integrations. The deployment unified orchestration across disparate tools, cut triage overhead (now administered with only 10% of a senior FTE and 25% of a junior FTE), sped threat response, reduced alert fatigue, provided role‑based access for federated departments, and set the team up to expand automated responses and compliance playbooks.

The University of California, Davis

Jeff Rowe

Security Architect