Bank Moving to the Cloud Jettisons Splunk in Favor of Devo

About The Global Retail and Commercial Bank

After spending more than two years and several million dollars, a large global retail and commercial bank realized its security incident response efforts were still failing to ingest all of the structured and unstructured data from both on-premises and cloud sources.

This left the bank vulnerable to data breaches and compliance failures due to its inability to adequately analyze threats. Digital transformation is one of the bank’s key strategic business objectives. The CISO determined that more than 80 percent of its security technology was not designed to run in the cloud.

The bank knew it had to bring in a trusted partner that could provide a solution to support both structured and unstructured data from any source.

Wanted: A Solution To Bridge Their Cloud Migration

While many customers today are undergoing digital transformation, the reality is that a large number of key applications, especially security, were designed for on-premises use only and will never migrate to the cloud. The bank employs a wide variety of security solutions—from endpoint to network—to help protect against cyberattacks.

The institution had been attempting to implement a SIEM solution to provide centralized data collection and analysis. But despite investing large sums of money in multiple solutions, its efforts were fruitless.

Each SIEM solution had its drawbacks; some could only work with on-premises security solutions, while others were limited to working with cloud-based solutions. A SIEM solution the bank acquired more than two years ago promised to support both on-premises and cloud data sources, but failed to deliver.

The bank has more than 100 different data source types, comprising both structured and unstructured data, which is why it long sought a single solution to provide SIEM functionality.

Another of the bank’s key requirements was performance. On a daily basis, terabytes of data need to be quickly ingested for analysis. After spending millions of dollars with the aforementioned vendor, the bank was looking for a company that could be trusted to deliver the urgently needed results.

Why Devo

Several critical capabilities made Devo attractive to the bank, including:

  • Designed ‘for the cloud’ with a multitenant architecture, Devo enables deployment in Microsoft Azure
  • The ability to smoothly ingest large volumes of data (e.g., multiple terabytes) and query as needed
  • The ability to ingest machine data in raw format—especially unstructured data—from any source
  • Lower TCO via significantly reduced hardware costs for both computing and storage by keeping cloud data in the cloud and on-premises data on-premises, which cuts ingress/egress costs
  • The Devo team’s willingness to partner with the bank to solve its needs, in contrast with previous vendors’ “take it or leave it” approaches

Next Steps

By implementing a single solution that will enable the high-performance ingestion of both unstructured and structured data from on-premises and cloud sources, the bank expects to provide more effective threat detection and response by quickly analyzing cyberthreats. And doing this with a lower TCO will facilitate its digital transformation and migration to the cloud while also helping to meet its regulatory requirements.

More Data. More Clarity. More Confidence.