Devo unveils platform functionality to empower analysts to detect advanced cyberthreats
Devo announced new platform functionality paired with significant updates that arm security teams with the ability to detect and act against advanced cyberthreats. Devo Flow extends the correlation, alerting and analytics capabilities of the Devo Platform, while updates to Devo Endpoint Agent and Relay further speed data onboarding in a scalable and secure fashion.
“Attacks are not just point-in-time, or even system-at-a-time events; they involve a chain of activities on multiple fronts,” said Ted Julian, senior vice president of product at Devo. “The challenge isn’t simply managing alert fatigue, but rather turning that volume of signal into actionable insight. The improvements we’re announcing today help achieve this outcome by pairing Devo Flow — a visual editor for advanced analytics — with improved telemetry from endpoints and other data sources.”
Devo Flow is an easy-to-use, intuitive visual editor that streamlines deployment of advanced correlations and analytics on streaming data in real time. It enables security teams to build sophisticated alerts and enrich, transform, and combine data in the Devo Platform.
Extending the reach and the benefits of the Devo Platform, the company also announced updates to Devo Endpoint Agent and Devo Relay — simplifying data ingestion from endpoints and a variety of sources.
Devo Endpoint Agent is a lightweight, highly distributed endpoint visibility solution that simplifies data collection. Leveraging osquery to collect and normalize data independent of the underlying operating system, Endpoint Agent delivers real-time visibility into endpoint activity and performance as well as deep insight into applications running on the endpoint.
Devo Relay is a performant, centralized and secure way to send data to the Devo Platform, offering extensive control to security teams to securely tag, filter, buffer and compress data sent for analysis. Relay is now more easily deployed and managed and allows for the ability to mask, drop, or filter confidential or sensitive data and minimizes bandwidth requirements.