Case Study: Twitter achieves PCI compliance and reduces audit scope with Sumo Logic

Why Twitter Chose Sumo Logic to Address PCI Compliance

Twitter, a large social network running hundreds of thousands of servers in a private datacenter and serving over 300 million monthly users, faced an upcoming PCI audit that required stringent, centralized logging (PCI DSS requirement 10) across its environment. Building and operating the necessary logging infrastructure in-house would have been time-consuming, costly and risky — potentially expanding audit scope and requiring extensive production changes and approvals.

Twitter chose Sumo Logic’s cloud platform and deployed collector agents to forward audit logs to a PCI- and SOC-compliant service, keeping sensitive logging data segmented from its private cloud. This approach delivered rapid time-to-value, enabled automated, machine-learning-driven alerting and anomaly detection, reduced scope and complexity, and allowed Twitter to meet PCI requirements and complete the audit on schedule.

Twitter

Jim Skinner

Technical Program Manager