Customer Story

National Financial Services Firm Chooses Devo Over LogRhythm to Make SOC More Effective

At a Glance

- Enable greater visibility into the firm’s on-premises and cloud data
- Make the firm’s SOC analysts more productive and efficient
- Ability to scale with the company’s future data volume projections

Industry: Financial Services
Location: North America

About The National Financial Services Firm

Seeking to make its SOC more effective, a top national financial services organization identified increased visibility into all of its environments as an urgent need. The firm is in the midst of a digital transformation and currently has a mix of on-premises and cloud computing data feeds. The incumbent, LogRhythm, was failing to ingest cloud data from AWS CloudTrail and other services. This, combined with prior product issues, compelled the financial services firm to seek a replacement.

Customer Quick Facts

Challenge

In the midst of a digital transformation, this top financial services firm discovered several shortcomings of LogRhythm related to ingesting cloud data. This major issue, coupled with past dissatisfaction with LogRhythm and on-premises data that prevented the firm’s SOC from performing to expectations, led to the decision to replace LogRhythm with Devo.

Solution

The Devo Platform ingests all data types, regardless of location. Activeboards make it easy for analysts to visualize and analyze data, and Devo easily scales to terabytes of data ingestion per day.

Requirements

- Enable greater visibility into the firm’s on-premises and cloud data
- Ability to ingest cloud data such as AWS CloudTrail and other services
- Ability to scale with the company’s future data volume projections
- Make the firm’s SOC analysts more productive and efficient

Wanted: A Solution To Handle Cloud And On-premises Data, Including AS/400

A large national financial services firm with branches in most U.S. states is well into a digital transformation.
Prior to this project, the security team was aware their ineffective SOC required modernization. The company had been a longtime LogRhythm customer, but during its transition to the cloud the firm discovered that LogRhythm could not ingest cloud data from services such as AWS CloudTrail, Office 365, and Azure. This major shortcoming, compounded by other historic LogRhythm product issues including the inability to deliver desired functionality—data field limitations, difficulty creating custom rules and alerts, challenges integrating custom threat intelligence, and complex threat-hunting workflows—all served to highlight the firm’s past issues with LogRhythm. The firm also had ongoing and future on-premises data needs, such as firewalls, proxy logs, Windows servers, applications, and even AS/400 data. All of these issues compromised SOC performance, making the decision to shed LogRhythm easy.

Why Devo

Several critical capabilities made Devo attractive to the customer, including:

- The ability to ingest machine data in raw format—especially unstructured data—from on-premises and cloud sources such as cloud provider log files, firewalls, and security, as well as older legacy systems
- The ability to smoothly ingest multiple terabytes of data and query as needed
- The ability to easily analyze data using Devo Activeboards, which bring machine data to life with rich visuals, intuitive dashboards, and interactive capabilities
- Many large enterprises successfully use Devo, demonstrating a proven track record that exceeds this company’s requirements

How much can you save?

The Devo architecture yields increased performance and significant cost savings.

Next Steps

The firm expects to be up and running quickly and plans to evaluate Devo Security Operations.