Skip to content

SANS Product Review: Bringing Data Together with Devo

In this report, SANS instructor Matt Bromiley reviews the next-gen cloud SIEM, Devo Security Operations. Built on top of the highly integrated and data-centric Devo Platform, Bromiley explores Security Operations’ features that empower analysts and help them respond to threats quickly and effectively.

Download Now

Features from the Product Review

  • Bring multiple underlying tools into one, unified platform to enable enterprise-wide insight from one dashboard
  • Go beyond simply combining data and firing alerts by providing ways to seamlessly investigate and hunt within the environment
  • Automatically add valuable context to alerts, investigations and hunts through data collection and enrichments to help speed investigations
  • Quickly integrate analysis and response workflows with 400 days of hot data and instant access to context

“Many tools do a great job of providing analysts too much data, hindering their ability to consume it effectively. We found that Security Operations provides the right amount of data, enabling analysts to gain context and insight quickly.”


—Matt Bromiley, SANS Instructor

About Matt Bromiley

Matt Bromiley is a principal incident response consultant at a top digital forensics and incident response (DFIR) firm. In the DFIR firm Matt assists clients with incident response, digital forensics, and litigation support. He also serves as a GIAC Advisory Board member, a subject-matter expert for the SANS Security Awareness, and a technical writer for the SANS Analyst Program. Matt brings his passion for digital forensics to the classroom as a SANS Instructor for FOR508: Advanced Incident Response, Threat Hunting and Digital Forensics, and FOR572: Advanced Network Forensics, where he focuses on providing students with implementable tools and concepts.

More Data. More Clarity. More Confidence.