Devo Technology today announced Devo Security Operations, the first security operations solution to combine critical security capabilities together with auto enrichment, threat intelligence community collaboration, a central evidence locker, and a streamlined analyst workflow. This powerful combination transforms the security operations center (SOC) and scales security analyst effectiveness. Analysts no longer must rely on multiple tools to manually assemble the data, context, and intelligence required to identify and investigate the threats that matter most to their business. Devo Security Operations puts this information at analysts' fingertips across the entire threat lifecycle.
With a rapidly expanding attack surface and increasingly sophisticated adversaries who can progress from initial access to lateral movement in minutes, legacy SIEMs are failing to meet the needs of analysts and SOCs. According to recent Ponemon Institute research, 53 percent of IT security practitioners believe their SOC is unable to gather evidence, investigate, and find the source of threats. Analysts must attempt to manually close the gap between detection and response, fueling the growing epidemic of analyst burnout and putting enterprises at risk. Delivered on the powerful Devo Data Analytics Platform, Devo Security Operations reduces analysts' workflow from hours to minutes, keeping SOCs ahead of even the most sophisticated adversaries.
"With traditional SIEM solutions, SOC teams struggle with too many false-positive alerts, and broken workflows, as well as speed, scale and performance issues that hinder analysts' effectiveness," said Julian Waits, general manager, cyber, Devo. "We're reinventing the category by leveraging powerful data analytics, automating incident workflow, and designing technology with a security practitioner's mindset. Devo Security Operations arms analysts with new weapons and tactics for context-rich investigations, slashing the time from detection to response and significantly reducing or eliminating damage from an attack."
An Analyst's Perspective
"There is a need for a solution that incorporates new technologies to extend the capabilities of often-overtaxed security teams. Too often, these technologies are fragmented and poorly integrated," said Scott Crawford, research vice president, information security, 451 Research. "Devo Security Operations fills this need by combining key functionalities?including entity analytics, automation and hunting?into a single integrated platform."
Devo Security Operations empowers SOC analysts to:
Devo Security Operations combines these capabilities in an integrated workflow, accelerating detection and response with auto enrichment. This enables analysts to operate more quickly and efficiently, drastically cutting response time. Devo transforms the SOC to effectively address key security use cases, including threat hunting, threat detection, triage and investigation, and digital forensics. Devo Security Operations is available now worldwide.
Devo at RSAC 2020
See Devo Security Operations in action at RSA Conference 2020, booth 2339 (South Expo), Moscone Center, San Francisco, Feb. 24 to 27.
About Devo
Devo unlocks the full value of machine data for the world's most instrumented enterprises, putting more data to work?now. Only the Devo data analytics platform addresses both the explosion in volume of machine data and the new, crushing demands of algorithms and automation. This enables IT operations and security teams to realize the full transformational promise of machine data to move businesses forward. Based in Cambridge, Mass., Devo is privately held and backed by Insight Partners. Learn more at www.devo.com.
These press releases may also interest you
|