5/17/2021
10:00 AM
Dark Reading
Products and Releases

Devo Technology Announces Devo Content Stream

CAMBRIDGE, Mass.—May 13, 2021—Devo Technology, the cloud-native logging and security analytics company, today announced Devo Content Stream, a new content delivery service that seamlessly delivers high-value content to customers on the Devo Platform. Security teams now have instant, continuous access to pre-built alerts and threat intelligence that can be operationalized in seconds. 

“Even the largest and best-funded security teams struggle to stay current with the latest threats,” said Ted Julian, Senior Vice President of Product at Devo. “Legacy on-premises solutions aren’t much help and there’s no easy way to get the latest content in a timely fashion. Our SaaS architecture, now paired with the Devo Content Stream, automatically delivers the latest alerts and detections. As a result, security teams can spend less time writing searches and more time on higher-value activities like triaging, investigating and responding to threats.”

Devo Security Operations is the first Devo application to leverage this new capability, continuously receiving threat intelligence and curated alert content provided by Devo and its partners. As new threats emerge, Devo customers will automatically receive new detections and threat intelligence and be able to put this content into action immediately. No longer will security teams need to build their own alerts or manually curate threat intelligence to keep pace with new and developing threats.

“With evolving needs and increased data volume, our team needed a solution with on-demand, effective and efficient scalability and visibility,” said Joe Wilson, IT Threat Intelligence Manager, Ulta Beauty. “With Devo Security Operations we’ve found a scalable, cloud-native SaaS solution that shapes and analyzes our data in ways that were not possible previously. Beyond the more robust features at our disposal, we have greater confidence in our data insights. We’re impressed by the platform innovations and look forward to continued enhancements for our company.”

Devo further announced several updates to its cloud-native next-gen SIEM, Devo Security Operations. Cyberattacks are becoming more sophisticated, leveraging malware that resides only in memory to evade existing defenses. Analysts can now perform memory forensics analysis directly in Devo Security Operations, extending existing forensic analysis capabilities which include network packet capture (PCAP) and malware analysis. All findings from memory analysis can be captured and stored within Devo Security Operations investigations.

Devo also introduced a new set of integrations that maximize existing security tools by using the data and context available within them to enrich investigations, optimize workflow and enable analysts to take more confident action. These new integrations include providers of endpoint detection and response, network traffic analysis, and threat intelligence.

In addition, machine learning models will now detect hard-to-find signals, including anomalous users and server behavior, DNS tunneling, malicious domains, and anomalous TLS communication.

"Recent trends in cloud adoption and attacker sophistication require more security data be monitored, collected, and analyzed by security teams," said Jon Oltsik, Senior Principal Analyst and Fellow at ESG. "Organizations need solutions that close the visibility gap and provide content that is timely and operational, empowering security teams to defend against advanced cyber-threats with real-time detections and enriched investigations while maximizing analyst productivity."

To learn more about Devo and see these latest product developments in action, visit Devo at RSA Conference 2021 between May 17-20. The Devo Content Stream and the latest version of Devo Security Operations will be generally available in June 2021.

About Devo

Devo is the only cloud-native logging and security analytics platform that releases the full potential of your data to empower bold, confident action. With unrivaled scale to collect all of your data without compromise, speed to give you immediate access and answers, and clarity to focus on the signals that matter most, Devo is your ally in protecting your organization today and tomorrow. Headquartered in Cambridge, Mass., Devo is backed by Insight Partners, Georgian, and Bessemer Venture Partners. Learn more at www.devo.com.
