Devo has some big news for our customers, partners and prospects. We are pleased to announce the latest release of Devo Security Operations, which enables you to achieve full visibility without compromise, leverage real-time detections and enriched investigations, and maximize analyst productivity. There are a ton of new capabilities in this release, including integration with the Devo Content Stream — our new content delivery service — which arms Security Operations with continuously updating security content. Read on for all of the exciting details!
The Devo Content Stream enables our customers to automatically receive high-value security content. Devo Security Operations seamlessly receives threat intelligence and pre-built alerts to empower your team to detect high-impact threats fast and take immediate action. The best part? Content in the Devo Content Stream is continuously updated to ensure you can adapt your defenses to whatever threat actors may throw your way. You can easily manage this new content through the Content Manager, which enables your team to configure and install alerts, lookups and other capabilities, and also assess the overall health of your Security Operations deployment.
Additionally, this release brings a new set of features and enhancements to empower security teams to make confident decisions with enriched investigations, to investigate and analyze advanced cyberthreats, and to be more effective and efficient in your day-to-day activities. The new features and enhancements include:
- Entity Analytics: Access detailed entity information with the Entity Battlecard to analyze and visualize entity behavior, such as connectedness to other entities, related alerts and investigations, and entity trends over time.
- Memory Forensic Analysis: Analyze memory files to identify advanced threats directly from the UI and capture relevant results as evidence for investigations.
- Alert Creation Wizard: Create complex alerts with an intuitive guided process that doesn’t require code and enables you to test the alert before deploying it.
- Enrichment Integrations: Speed up investigations by adding context through enrichments from our newest partnerships with Carbon Black, CrowdStrike, Fidelis, ThreatConnect and Recorded Future.
- Workflow Automation and Enhancements: Maximize your team’s productivity by assigning alerts to an individual or group, and leveraging Security Operations’ automated capabilities to triage alerts and conduct retrospective investigations of indicators of compromise.