Devo Introduces Content Delivery Service

May 2021 by Marc Jacob

Devo Technology, the cloud-native logging and security analytics company, today announced Devo Content Stream, a new content delivery service that seamlessly delivers high-value content to customers on the Devo Platform. Security teams now have instant, continuous access to pre-built alerts and threat intelligence that can be operationalized in seconds.

Devo Security Operations is the first Devo application to leverage this new capability, continuously receiving threat intelligence and curated alert content provided by Devo and its partners. As new threats emerge, Devo customers will automatically receive new detections and threat intelligence and be able to put this content into action immediately. No longer will security teams need to build their own alerts or manually curate threat intelligence to keep pace with new and developing threats.

Devo further announced several updates to its cloud-native next-gen SIEM, Devo Security Operations. Cyberattacks are becoming more sophisticated, leveraging malware that resides only in memory to evade existing defenses. Analysts can now perform memory forensic analysis directly in Devo Security Operations, extending existing forensic analysis capabilities, which include network packet capture (PCAP) and malware analysis. All findings from memory analysis can be captured and stored within Devo Security Operations investigations.

Devo also introduced a new set of integrations that maximize existing security tools by using the data and context available within them to enrich investigations, optimize workflow and enable analysts to take more confident action. These new integrations include providers of endpoint detection and response, network traffic analysis, and threat intelligence.

In addition, machine learning models will now detect hard-to-find signals, including anomalous users and server behavior, DNS tunneling, malicious domains, and anomalous TLS communication.