Devo Primary Use Case

Security Analyst at a comms service provider with 10,001+ employees
Our primary use of Devo is as a SIEM, and then as a big-data platform. We do store a lot of data centrally, using the solution, and then we analyze it. The main purpose of the analysis is for security, to detect attacks, abnormalities, and to get an overall view of the health of the network. We deploy it on-premise. Devo mainly deploys in the cloud, but that's just not possible with our security policy. View full review »
Manager of Security Services at OpenText
I run an incident response, digital forensics team for OpenText. We do investigations into cyber breaches, insider threats, network exploitation, etc. We leverage Devo as a central repository to bring in customer logging in a multi-tenant environment to conduct analysis and investigations. We have a continuous monitoring customer for whom we stream all of their logging in on sort of a traditional Devo setup. We build out the active boards, dashboards, and everything else. The customer has the ability to review it, but we review it as well, acting as a security managed service offering for them. We use Devo in traditional ways and in some home grown ways. For example, if there is a current answer response, I need to see what's going on in their environment. Currently, I'll stream logs from the syslog into Devo and review those. For different tools that we use to do analytics and forensics, we'll parse those out and send that up to Devo as well. We can correlate things across multiple forensic tools against log traffic, network traffic, and cloud traffic. We can do it all with Devo. It's all public cloud, multi-factor authentication, and multi-tenant. We have multiple tenants built in as different customers, labs, etc. Devo has us set up in their cloud, and we leverage their instance. We are using their latest version. View full review »
Jordan Mauriello
SVP of Managed Security at Critical Start
We use Devo as a SIEM solution for our customers to detect and respond to things happening in their environment. We are a service provider who uses Devo to provide services to our customers. We are integrating from a source solution externally. We don't exclusively work inside of Devo. We kind of work in our source solution, pivoting in and back out. View full review »
Learn what your peers think about Devo. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
441,672 professionals have used our research since 2012.
CEO at a tech vendor with 1,001-5,000 employees
We use it for visibility and alerting in a cybersecurity security use case. It is a very specific deployment in the sense that it's not general. We integrated it with our own technology. We are a SaaS vendor. The way we integrated Devo was to put it into our platform as an alerting layer. Because you will be doing executables at your computer all the time, such as opening an email, a browser, or Word, all these things are tracked via telemetry. We take all that raw data for events, essentially enriching it with the classification service that we have as a unique part of our own service. So, if you're opening Word or sending an email, we enrich that with our classification, e.g., malware, then we send it to Devo. We build dashboards and alerts based on that. Before, you would have a tool just for cybersecurity. Now you have an impressive tool that takes no effort at all. Suddenly, because of the Devo layer, you have an intelligence tool with no extra deployment effort on the side of the customer to see visibility. Devo is a powerful interface and platform which will ingest our data coming from an endpoint protection solution, putting it in a format and dashboard, then connecting tools where you extract them into an intelligence platform, oversight, or security. That's essentially what we do. View full review »
Learn what your peers think about Devo. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
441,672 professionals have used our research since 2012.