At a Glance
- Centrally manage data, enriched with other intelligence sources
- Scale to handle growing data volumes
- Ingest both cloud and on-premises data in raw format
About the Global Consumer Transportation Company
A large, multinational consumer transportation company with a 100% remote workforce discovered an employee had downloaded sensitive information they were not entitled to access. As a result, the company prioritized increasing its overall visibility and security posture.
To accomplish this, the firm needed to dramatically improve its ability to ingest and combine data from the assorted cloud services and legacy apps its remote workers rely on, something Elastic was unable to do.
Wanted: A Solution to Combine, Enrich and Quickly Analyze Cloud and On-Premises Data
Even before the pandemic, this large, global consumer transportation company’s workforce was 100% remote and scattered around the world. As a result, the company relies on a wide variety of cloud services as well as on-premises applications.
The business had been experiencing numerous challenges with its existing vendor, Elastic. But the belated discovery that an unauthorized internal user had downloaded sensitive information drove the company to take decisive action to improve its overall visibility and security posture.
Obtaining greater visibility across the entire attack surface became the highest priority. The business’s diverse data needs range from cloud sources, such as Amazon GuardDuty, Jamf Pro, Telegraf, Duo, Okta, and G Suite, to legacy on-premises applications.
Such a wide variety of data sources proved too challenging for Elastic to ingest, enrich with third-party intelligence, and analyze quickly. This drove the transportation company to find a new provider.
Several critical factors made Devo attractive to the customer, including the ability to:
- Ingest machine data in raw format from any source, combine it with on-premises sources, and centrally manage it
- Automatically enrich data with third-party intelligence to facilitate analysts’ threat-hunting and investigation workflows
- Easily analyze machine data, using the built-in Activeboards, and bring it to life with rich visuals, intuitive dashboards, and interactive capabilities
- Easily scale and manage large volumes of data (e.g., multiple terabytes) and query as needed
- Attain a lower TCO through significantly reduced hardware costs for compute and storage, and lower ingress/egress costs, because Devo is a true SaaS solution
Because Devo is able to centrally ingest, store, and manage data of all types, other groups in the transportation company, such as IT operations and business intelligence, are investigating using Devo.