Devo Technology, the security data analytics company, is unveiling a series of data orchestration, data analytics, and security operations center (SOC) workflow enhancements designed to bring data control, cost efficiency, and automation to security teams. With data volumes increasing while team budgets remain the same, Devo’s latest offerings aim to ease the pressures of security while delivering robust data control.
The first of these announcements, Devo Data Orchestration, delivers complete control over enterprise data so that businesses can manage and analyze that data from any source, at scale and on their terms, according to the company. This solution “brings the power to control how the data is managed to the customer so they can effectively manage it with the kind of incremental budgets they have… [and the] exponential data growth they're facing,” explained Rakesh Nair, SVP of product and engineering at Devo.
Able to filter and route data to popular destinations such as Amazon S3, Databricks, Snowflake, and more, Devo Data Orchestration ensures that the most critical data is available for real-time analytics and alerting, while placing less valuable data in cheaper, colder repositories.
“From the smallest of organizations to…big manufacturing companies, they all have to deal with this budget issue,” said Nair. “The orchestration piece becomes almost a mandatory capability that people would expect from data analytics platforms and benefits them all.”
“The exponential expansion of the attack surface is leading many security teams to make hard decisions about what data sources they do and don’t ingest. However, this can introduce blind spots, leaving them vulnerable to cyberattacks,” said Michelle Abraham, research director, security and trust, IDC. “Having data orchestration capabilities embedded directly within a SIEM is very attractive, as many organizations seek this functionality to reduce data costs while continuing to scale.”
This announcement also introduces the Devo Data Analytics Cloud, a solution designed to orchestrate and ingest petabytes of structured and unstructured data from any source or data lake. Not only does this provide organizations with the necessary agility to control and customize analytics as needed, it allows security teams and MSSPs to create custom-built security applications and integrations on top of it.
Devo’s SOC automations build on top of Devo DeepTrace, the solution that enables security teams to autonomously investigate alerts and suspicious events and perform threat hunting at lightning speed. In accordance with Devo DeepTrace, Devo is debuting more AI embeddings for the SOC workflow so security teams can act quickly and confidently from the right context. These enhanced workflows include:
- Devo ThreatLink, a centralized, automated case management solution that enables security teams to track and collaborate on security incidents and alerts, automating alert triage, offering comprehensive reporting, and significantly reducing analyst workloads
- Devo Behavior Analytics, a UEBA solution engineered to surface anomalous activity across users, devices, and domains in multi-petabyte datasets, featuring enhanced threat detection with tunable risk-based alerting, instantaneous anomaly flagging, and targeted monitoring
“Since deploying Devo ThreatLink, our security team has seen a significant reduction in irrelevant alerts, enabling them to focus their time and energy on the threats that matter,” said Duane Hopkins, head of global cybersecurity at Carhartt. “The team can collaborate more easily and efficiently, greatly improving our ability to investigate and respond to incidents. It’s critical for us to continue to scale our security operations, and solutions like Devo’s enable us to do that by accelerating alert triage so our analysts don’t waste time and instead focus on true threats.”
To learn more about Devo, please visit https://www.devo.com/.