Customer Story

Building an In-house, Cloud-Based SOC

An enterprise cloud data management and backup software company jump-started its in-house cybersecurity initiative with Devo

Industry: Computer Software

Location: North America

Wanted: A Solution to Build a World-Class SOC

This high-growth cloud data management and backup provider was jump-starting its cybersecurity efforts.

The company’s cybersecurity staff identified an immediate need for an enterprise log management solution that could handle large amounts of log data and serve as the foundation for the SOC.

The log data was coming from multiple sources, from endpoints to firewalls, as well as cloud and security products.

The staff recognized the value of using a proven solution instead of building it themselves—saving considerable time and money for an organization operating in an extremely competitive market segment.

They turned to in-market solutions that could ingest multiple data sources, especially cloud-based data.

Customer Quick Facts

Challenge

This enterprise cloud data management and backup provider had an immediate need to establish in-house security capabilities, revolving around its own SOC. They identified a key first step as selecting a proven enterprise log management solution.

Solution

The Devo Data Analytics Platform met and surpassed the company’s needs by accommodating all three major public cloud providers along with a wide variety of data sources.

Requirements

  • Enable deployment on the big three public cloud platforms
  • Ingest machine data in any format from a variety of sources such as firewalls, endpoints, and other products
  • Securely send event data to partners such as an MSSP via API
  • Demonstrate proven large-scale capabilities in similar situations
  • Be capable of use by select people outside of the security team

Why Devo?

Several critical capabilities made Devo attractive to the company, including:

  • Designed ‘for the cloud,’ Devo enables deployment in Microsoft Azure, Amazon Web Services, and Google Cloud Platform, providing maximum flexibility
  • The ability to ingest machine data in raw format from any source, such as cloud provider log files, firewalls, and security, governance, and compliance solutions
  • The ability to send event data and analysis files via secure API to an MSSP partner so the MSSP can perform Level 1 support
  • The Devo interface, with its easy-to-use Activeboards, can be used by both advanced and novice security professionals
  • Many large enterprises successfully use Devo, demonstrating a proven track record that exceeds this company’s requirements

Next Steps

Because Devo is making it easy to kick off development of its in-house SOC, this company will be able to quickly provide additional value to its customers and partners. The Devo Data Analytics Platform addresses all of the organization’s technical requirements, such as supporting the three main public cloud platforms, while also flexibly supporting virtually every possible data source as it securely provides event data to the company’s MSSP partner.