Devo: Data Operations Platform Aids Enterprise Security

CIO VendorJulian Waits, General Manager, Cyber
Global organizations operating across many industry verticals have adopted security strategies that focus on preventing data breaches, theft of customer information, and intrusion detection. However, this limited approach leaves enterprises at risk, as cyber threats take only a few seconds to infect a system, yet can go undetected for months. The frequency of these attacks and their sophistication has created the need for a solution that not only detects, and defends against cyber threats, but also identifies attacks at the earliest stage possible – preferably in real time. “Although technologies such as artificial intelligence (AI) and machine learning are paving the way for enhanced security measures, the real challenge is to adopt them in such a manner that they not only expose security anomalies but also remove them from the affected system before any major data loss occurs,” says Julian Waits, General Manager, Cyber at Devo. A provider of a data operations platform used for security management, Devo enables organizations to secure their rapidly expanding attack surface and safeguard users, applications and platforms to ensure operational security.

Devo enables its users to treat all data as security data, collecting and analyzing all incoming data–from firewalls, EDRs and other security solutions–to detect threats against those systems in real time with comprehensive threat-hunting capabilities. Devo ensures that attackers who leverage artificial intelligence to spread malware to compromise systems are discovered and remediated prior to a material breach devastates an organization. The company also analyzes incoming data within the context of historical data, giving companies’ insight into threats and weaknesses in security systems and processes, while identifying and mitigating malicious bots and malware.

We believe all data is security data—if you’re not looking at all your data, you’re putting your organization at risk

The Devo platform and security offerings can also be integrated with solutions from other vendors that capture and process security-related data, helping its clients find vulnerabilities across all data operations to facilitate incidence response and orchestration.

At the core of the Devo’s platform is the ability to capture and analyze data in real time. The platform’s approach to ingesting, storing and analyzing streams of data avoids the need to index data at ingestion, instead micro-indexing the data after it has been written to disk. “In micro-indexing, our team compares and establishes a relationship between newly gathered data and the historical data of an organization, using machine learning. This technique enables firms to monitor, manage, and observe any pattern changes in their data,” explains Waits. However, before implementing its solution, the Devo’s team analyzes each customer’s business operations to map out critical aspects of their business that might be at risk.

For example, Devo enabled one of the largest banks in Europe to stop cyber-attacks on its systems. The firm needed to see the full picture of its security landscape, which required it to collect and analyze increasing volumes of data from a variety of sources, including in-house and customer-focused applications, business processes, and non-traditional devices. With Devo, the bank can ingest, store and perform real-time and historical analysis of its machine data, giving it a comprehensive view of its entire security posture.

Devo works with many enterprises across Europe and North America, offering powerful solutions for their operational and security-related data challenges. The company also enables organizations to maximize the economic and operational value of their machine data with real-time analytics on streaming and historical data to turn machine data into actions, helping enterprises achieve sustained performance and growth.