Devo Technology launches data orchestration and SOC enhancements
Devo Technology is launching data orchestration, a data analytics cloud, and security operations center (SOC) workflow enhancements, offering security teams data control, cost optimizations, and efficient automation.
Security teams are grappling with the vast amounts of data they need to manage and analyze, as many traditional SIEMs do not cost-efficiently ingest data from any source. With the launch of Devo’s new data orchestration and data analytics cloud, organizations aren’t forced to omit data sources because ingesting them is too expensive. Devo’s SOC workflow enhancements also enable analysts to easily act on that data with AI-driven automation for precise threat detection and incident response.
“No organization should have to forgo security because of high vendor costs that balloon with scale,” said Rakesh Nair, SVP of product and engineering at Devo.
“While there have been many changes in the SIEM market, we’ve remained unwaveringly focused on enabling our customers to maintain control while providing them with the flexibility they need to meet their unique SOC needs. Built on the principles of agnostic data support, we empower security teams to analyze and act—fast,” Nair continued.
Devo Data Orchestration gives companies total control of their data so they can manage and analyze it from any source—at scale and on their terms. It filters and routes data to destinations such as Amazon S3, Databricks, Snowflake, and others to ensure the most valuable data is available for real-time analytics and alerting, while optimizing where less valuable data is stored. This gives enterprises and managed security service providers (MSSPs) the flexibility to manage costs while scaling to meet growing data volumes.
“The exponential expansion of the attack surface is leading many security teams to make hard decisions about what data sources they do and don’t ingest. However, this can introduce blind spots, leaving them vulnerable to cyberattacks,” said Michelle Abraham, research director, security and trust, IDC.
“Having data orchestration capabilities embedded directly within a SIEM is very attractive, as many organizations seek this functionality to reduce data costs while continuing to scale,” Abraham added.
With the increase in data sources, organizations need flexible solutions that enable them to control and customize as needed. Devo Data Analytics Cloud orchestrates and ingests petabytes of structured and unstructured data from any source or data lake. It also enables security teams and MSSPs to develop custom security applications and integrations. Organizations can also use Devo’s pre-built alerts, applications, and dashboards to get started fast.
SOC teams need solutions that enable them to work more efficiently and make decisions faster. Building on the launch of Devo DeepTrace, which made Devo the only SIEM with attack-tracing AI, Devo continues to embed AI throughout the SOC workflow, giving security teams the right context to act quickly—and confidently.
Devo ThreatLink offers centralized, automated case management to help security teams track and collaborate on security incidents and alerts. It automates alert triage by correlating and enriching alerts into high-fidelity cases, reducing analyst workload from thousands of alerts to tens of cases per day. Comprehensive reporting offers valuable insights into SOC performance, enabling data-driven operations and demonstrating value to stakeholders. Devo ThreatLink helps analysts prioritize threats, investigate efficiently, and take decisive action.
Devo Behavior Analytics is a UEBA solution that uncovers anomalous activity across users, devices, and domains within multi-petabyte datasets. It now delivers enhanced threat detection with tunable risk-based alerting, instantaneous anomaly flagging through a new streaming architecture, and targeted monitoring of high-risk assets combined with noise reduction via flexible whitelisting capabilities. Analysts can easily prioritize high-risk threats with Behavior Analytics’ entity risk context within Devo ThreatLink.
“Since deploying Devo ThreatLink, our security team has seen a significant reduction in irrelevant alerts, enabling them to focus their time and energy on the threats that matter,” said Duane Hopkins, head of global cybersecurity at Carhartt.
“The team can collaborate more easily and efficiently, greatly improving our ability to investigate and respond to incidents. It’s critical for us to continue to scale our security operations, and solutions like Devo’s enable us to do that by accelerating alert triage so our analysts don’t waste time and instead focus on true threats,” Hopkins concluded.