About The Internet Brand Company
Building an in-house SIEM was going to cost a global internet brand company more than US$700,000 each year to operate and maintain. That price tag prompted the organization’s security leaders to realize the initiative was simply not practical.
The company attempted the homegrown SIEM project for two reasons: to consolidate the wide variety of tools it already was using and to create a shared SOC that its nearly 200 business units could leverage for their own security efforts.
Wanted: A Security Operations Platform Capable Of Supporting Numerous Companies And The Cloud
The worldwide internet organization had a huge problem trying to perform security monitoring on its cloud applications and systems; the workloads and data volume were simply too high for fast and accurate threat hunting and remediation.
This company, like many large organizations comprised of individual companies, urgently wanted to establish a single SOC with standardized security tools the corporation and all of its business units could use.
An ambitious project was begun to build an in-house SIEM to serve the corporation and its business units. But after more than a year of development, the company’s security leaders were frustrated because the SIEM was unreliable, slow, and expensive. This caused the company to seek a commercial solution, with Devo among several providers evaluated.
Several critical capabilities made Devo the right choice for the organization, including:
- Being the first security operations solution to combine critical security capabilities with auto enrichment, threat intelligence, community collaboration, a central evidence locker, and a streamlined analyst workflow, making security analysts more effective
- The ability to smoothly handle performance spikes on cloud platforms during peak traffic events
- Multitenant capability that enables the corporation’s nearly 200 business units to maintain their own separate data while also being part of a common SOC
- The ability to easily scale and manage nearly 10TB of data ingest
The parent company has chosen one business unit to initially implement the Devo solution and will then quickly roll it out to the other businesses. Once this occurs, all of the nearly 200 companies will benefit from the shared SOC resources, data, and insight to help them address cyberthreats and protect their businesses as well as the private data of millions of customers.