Customer Story

Global Bank Chooses Devo for Centralized Hybrid Data Logging

At a Glance
  • Designed ‘for the cloud’ with a multitenant architecture in Microsoft Azure
  • Lower TCO via significantly reduced hardware costs for both computing and storage by keeping cloud data in the cloud and on-premises data on-premises, which cuts ingress/egress cost

Industry: Financial Services

Location: North America

About The Global Retail and Commercial Bank

After spending more than two years and several million dollars, a large global retail and commercial bank realized its security incident response efforts were still failing to ingest all of the structured and unstructured data from both on-premises and cloud sources.

This left the bank vulnerable to data breaches and compliance failures due to its inability to adequately analyze threats. Digital transformation is one of the bank’s key strategic business objectives. The CISO determined that more than 80 percent of its security technology was not designed to run in the cloud. The bank knew it had to bring in a trusted partner that could provide a solution to support both structured and unstructured data from any source.

Customer Quick Facts


This global bank needed to shut down a failed, multi-year SIEM project and centralize its log management across on-premises and cloud security sources, ingesting copious amounts of unstructured and structured data— while also supporting its ongoing digital transformation initiative


The Devo Data Analytics Platform easily ingests all of the bank’s data from any source in any format, providing real-time insights that help improve performance, security, and protection from cyberthreats.


  • Daily ingestion of more than 3TB of data from more than 100 data source types
  • Unified collection of structured and unstructured data for improved efficiency and security
  • Simultaneous support for on-premises and cloud data sources
  • Cost-effective data infrastructure well-suited for peak demand while delivering a lower TCO

Wanted: A Solution To Bridge Their Cloud Migration

While many customers today are undergoing digital transformation, the reality is that a large number of key applications, especially security, were designed for on-premises use only and will never migrate to the cloud. The bank employs a wide variety of security solutions—from endpoint to network— to help protect against cyberattacks. The institution had been attempting to implement a SIEM solution to provide centralized data collection and analysis. But despite investing large sums of money on multiple solutions, its efforts were fruitless. Each SIEM solution had its drawbacks; some could only work with on-premises security solutions, while others were limited to working with cloud-based solutions. A SIEM solution the bank acquired more than two years ago promised to support both on-premises and cloud data sources, but failed to deliver.

The bank has more than 100 different data source types, comprising both structured and unstructured data, which is why it long sought a single solution to provide SIEM functionality. Another of the bank’s key requirements was performance. On a daily basis, terabytes of data need to be quickly ingested for analysis. After spending millions of dollars with the aforementioned vendor, the bank was looking for a company that could be trusted to deliver the urgently needed results.

Why Devo

Several critical capabilities made Devo attractive to the bank, including:

  • Designed ‘for the cloud’ with a multitenant architecture, Devo enables deployment in Microsoft Azure
  • The ability to smoothly ingest large volumes of data (e.g., multiple terabytes) and query as needed
  • The ability to ingest machine data in raw format—especially unstructured data—from any source
  • Lower TCO via significantly reduced hardware costs for both computing and storage by keeping cloud data in the cloud and on-premises data on-premises, which cuts ingress/egress costs
  • The Devo team’s willingness to partner with the bank to solve its needs, in contrast with previous vendors’ “take it or leave it” approaches

How much can you save?

The Devo architecture yields increased performance and significant cost savings. Ready to see how much you can save?

Next Steps

By implementing a single solution that will enable the high-performance ingestion of both unstructured and structured data from on-premises and cloud sources, the bank expects to provide more effective threat detection and response by quickly analyzing cyberthreats. And doing this with a lower TCO will facilitate its digital transformation and migration to the cloud while also helping to meet its regulatory requirements.