In part 2 of my SOAPA video with old friend Dimitri Vlachos from Devo, we discuss:
- Devo use cases. Dimitri describes some of the most popular security use cases for Devo, including threat detection, security analytics/investigations, and threat hunting. I’ve got to hand it to Dimitri as he came up with one of the best SOAPA video soundbites ever, “You can’t use old tools to cover new security analytics needs.”
- Because SOAPA is a heterogeneous architecture, technology integration is an important attribute, so I asked where Devo stands in this area. Dimitri’s first response was somewhat surprising – Devo is focused on data integration. What does this mean? Collecting, processing, and analyzing all types of data (machine data, threat intelligence, endpoint data, network data, etc.) in one place. Devo’s cloud-based design and data ingestion methods make this possible. Devo also integrates with standard security technologies like network security controls and SOAR.
- Devo’s security focus. Devo started as an all-purpose big data analytics platform in the cloud but has since added lots of functionality and resources dedicated to cybersecurity. For example, Devo has designed a specific security UI and employs a professional services staff to help customers customize the platform for their needs.
- The future of SOAPA. I ask everyone this question, and Dimitri postulated that SOAPA could move beyond security alone. As part of his response, he also came up with another good line, “We view all data as security data.” This means that Devo can correlate traditional security telemetry with application data, looking for things like insider attacks and fraud. Since cybersecurity is all about mitigating business risk, this is probably a good angle for Devo.
Many thanks to Dimitri Vlachos and Devo for participating in the ESG SOAPA video series. Look for more videos soon!