Security rules can deterministically identify known patterns of misbehavior but may not generalize to novel threats. Fully autonomous Machine Learning or AI systems are often more flexible, but can be noisy due to lack of human context and judgment. Sumo Logic “Behavior Insights” bridges this gap by putting advanced algorithms in the hands of the user, empowering analysts to iteratively uncover patterns hidden in large quantities of log data. In this talk we will describe these capabilities and demonstrate example use cases around deeper investigation of threat indicators in cloud-based applications.