Case Study: Sumo Logic

Autonomous Multi-Agent SOC Investigation → Production
166% ROI • AWS Top 100 AI ISV
60→3 Min MTTR

Cybersecurity | SIEM | Agentic AI | SOC Automation

A production multi-agent system that automated SOC analyst triage, reducing investigation time from 60 to 3 minutes per alert. Validated by Forrester with 166% ROI over 3 years.

The Pivot

What Competitors Were Shipping

A guided “Farmville-style” AI assistant — step-by-step workflows requiring analyst input at every stage.

I killed this in the first week.

What Customers Actually Needed

SOC analysts don't want guidance. They want answers.

Investigation complete before they arrive.
Context assembled.
Decision-ready output.

Build → Validate → Ship

I owned the product 0→1 and personally built the initial system on real SOC telemetry.

  • Built 4-agent POC in 6 weeks.

  • Shipped to production 2 months later.

During early testing, a SOC manager stopped the session mid-demo:

“When can we have this? My team would kill for this tomorrow.”

That’s true product-market fit.

Not slides. Not demos.

An agentic AI system running on real data, proving demand from real users.

Validated Impact

  • 166% ROI over 3 years

  • 90% false positive reduction

  • 4 hrs saved per incident

  • Top 100 AWS AI ISV


Technical Differentiation

Built a signal filtering system (patented) enabling multi-agent correlation across massive-scale SOC telemetry and surfacing actionable insights in under a minute.

This required both:

  • Deep customer insight

  • Production-grade AI system design

Not one or the other — both.

What Leaders Say

"Greg can transform a simple idea into a state-of-the-art experience. Greg's laser focus on users and letting them decide good from bad differentiates him... His in-depth understanding of technology stacks positions him into the most needed leadership space between designers and developers."

Tejaswi Redkar
CEO & Founder (former Cisco, AppDynamics, Sumo)

"What used to take about 60 minutes per alert can compress to minutes when Insight-level summaries, targeted queries, and natural-language orchestration remove manual stitching."

Chas Clawson, VP Security Strategy, Sumo Logic

"Greg doesn't just talk about innovation—he gets his hands dirty to make it happen. He shepherded the first production-ready POC with multiple agents and laid the foundation for Sumo's AI direction. If you get the chance to work with Greg, take it."

Brandon Borodach
Field CTO, Abstract Security (former Sumo)

"Greg consistently pushes boundaries—not just in design, but in validating AI product-market fit directly with customers to ensure every feature solved a real-world problem. I'd work with him again in a heartbeat."

Catherine Davis
VP Product Management, Addigy (former Sumo)

The Bottom Line

What I Replaced:

Traditional AI POC

  • 6+ months

  • $1M+ spend

  • Built on the wrong use case

  • Customer validation after development

  • Risk pushed into production

  • Missed market window

What I Delivered:

Production AI System

  • Validated in 4 weeks on real SOC data

  • Built and shipped to production

  • 166% ROI (Forrester)

  • Used by customers on real incidents

  • Featured at AWS re:Invent

  • Top 100 AI ISV