Customer Story Building an In-house, Cloud-Based SOC An enterprise cloud data management and backup software company jump-started its in-house cybersecurity initiative with Devo Customer Solution Requirements Enable deployment on the big three public cloud platforms Ingest machine data in any format from a variety of sources such as firewalls, endpoints, and other products Securely send event data to partners such as an MSSP via API Demonstrate proven large-scale capabilities in similar situations Industry: Computer Software Location: North America Wanted: A Solution to Build a World-Class SOC This high-growth cloud data management and backup provider was jump-starting its cybersecurity efforts. The company’s cybersecurity staff identified an immediate need for an enterprise log management solution capable of handling large amounts of log data and which would serve as the foundation for the SOC. The log data was coming from multiple sources, from endpoints to firewalls, as well as cloud and security products. The staff recognized the value of using a proven solution instead of building it themselves—saving considerable time and money for an organization operating in an extremely competitive market segment. Rather than build it themselves, they turned to in-market solutions that could ingest multiple data sources, especially cloud-based data. Customer Quick Facts Challenge This enterprise cloud data management and backup provider had an immediate need to establish in-house security capabilities, revolving around its own SOC. They identified a key first step as selecting a proven enterprise log management solution. Solution The Devo Data Analytics Platform met and surpassed the company’s needs by accommodating all three major public cloud providers along with a wide variety of data sources. Requirements Enable deployment on the big three public cloud platforms Ingest machine data in any format from a variety of sources such as firewalls, endpoints, and other products Securely send event data to partners such as an MSSP via API Demonstrate proven large-scale capabilities in similar situations Be capable of use by select people outside of the security team Why Devo? Several critical capabilities made Devo attractive to the company, including: Designed ‘for the cloud,’ Devo enables deployment in Microsoft Azure, Amazon Web Services, and Google Cloud Platform, providing maximum flexibility The ability to ingest machine data in raw format from any source such as cloud provider log files, firewalls, security, as well as governance and compliance solutions The ability to send event data and analysis files via secure API to an MSSP partner so the MSSP can perform Level 1 support The Devo interface with easy to use Activeboards can be used by advanced and novice security professionals Many large enterprises successfully use Devo, demonstrating a proven track record that more than exceeds this company’s requirements Next Steps Because Devo is making it easy to kick off development of its in-house SOC, this company will be able to quickly provide additional value to its customers and partners. The Devo Data Analytics Platform addresses all of the organization’s technical requirements, such as supporting the three main public cloud platforms, while also flexibly supporting virtually every possible data source as it securely provides event data to the company’s MSSP partner.