Customer Solution Requirements
- Enable deployment on the big three public cloud platforms
- Ingest machine data in any format from a variety of sources such as firewalls, endpoints, and other products
- Securely send event data to partners, such as an MSSP, via API
- Demonstrate proven large-scale capabilities in similar situations
Wanted: A Solution to Build a World-Class SOC
This high-growth cloud data management and backup provider was jump-starting its cybersecurity efforts.
The company’s cybersecurity staff identified an immediate need for an enterprise log management solution that could handle large amounts of log data and serve as the foundation for the SOC.
The log data was coming from multiple sources, from endpoints to firewalls, as well as cloud and security products.
The staff recognized the value of using a proven solution instead of building it themselves—saving considerable time and money for an organization operating in an extremely competitive market segment.
They turned to in-market solutions that could ingest multiple data sources, especially cloud-based data.
Several critical capabilities made Devo attractive to the company, including:
- Designed ‘for the cloud,’ Devo enables deployment in Microsoft Azure, Amazon Web Services, and Google Cloud Platform, providing maximum flexibility
- The ability to ingest machine data in raw format from any source, such as cloud provider log files, firewalls, and security solutions, as well as governance and compliance solutions
- The ability to send event data and analysis files via secure API to an MSSP partner so the MSSP can perform Level 1 support
- The Devo interface, with easy-to-use Activeboards, can be used by both advanced and novice security professionals
- Many large enterprises successfully use Devo, demonstrating a proven track record that exceeds this company’s requirements
Because Devo is making it easy to kick off development of its in-house SOC, this company will be able to quickly provide additional value to its customers and partners. The Devo Platform addresses all of the organization’s technical requirements, such as supporting the three main public cloud platforms, while also flexibly supporting virtually every possible data source as it securely provides event data to the company’s MSSP partner.