Devo Technology, a data analytics platform provider, has launched the Devo Security Operations solution for security operations center (SOC) analysts. The solution helps SOC analysts perform context-rich threat investigations and eliminate false-positive security alerts, Devo GM of Cyber Julian Waits said in a prepared statement.
Devo Security Operations provides alerts, data, context and intelligence to SOC analysts across the threat lifecycle and allows them to centralize data from any source in a single location, the company said. The solution triggers security alerts based on a variety of detection methods, including:
- Known threat activity.
- Machine learning insights.
- Security analytics.
In addition, Devo Security Operations offers hundreds of pre-built alerts and supports custom alerts, the company stated. Devo Security Operations also enables SOC analysts to define alert policies, set up and manage how and to whom alerts are delivered and curate alert lists.
What Does Devo Security Operations Mean for SOC Analysts?
Devo Security Operations empowers SOC analysts with context into security entities, alerts and investigations without having to manually collect or query data, the company indicated. In doing so, Devo Security Operations helps SOC analysts accelerate threat identification, investigation and remediation.
Furthermore, Devo Security Operations allows SOC analysts to aggregate data and run queries across any volume of data or sources, the company stated. It also leverages the Devo Threat Data Service to enrich security alerts and the Devo Security Operations Evidence Toolkit to drive digital forensics and incident response.
Devo Security Operations is now available, and Devo will showcase the solution at the RSA Conference in San Francisco, California, later this month.