Devo Soups Up Cybersecurity Platform


By: Mary Jander

Devo Technology is bolstering its cloud-native security analytics platform with curated threat intelligence, in-memory threat detection, and partner integrations.

The improvements reflect the ongoing trend among cloud-native IT analytics firms to grow their security defenses. In Devo’s case, the latest release of its Devo Security Operations solution is also designed to stay ahead of the growing roster of IT security threats, such as the recent ransomware attack on the U.S. energy provider Colonial Pipeline.

In its announcement today, the company said that a new Devo Content Stream automatically delivers curated threat intelligence from a range of sources into a Content Manager function of the Devo Security Operations platform. SecOps teams can then add or modify alerts to fit the most up-to-date threat information.

“[S]ecurity teams can spend less time writing searches and more time on higher value activities like triaging, investigating and responding to threats,” said Ted Julian, Devo’s SVP of Product, in a statement.

Devo Shores Up Threat Defenses

Devo also has beefed up other aspects of its Devo Security Operations platform. A key addition is the ability to detect malware in memory — a function that should thwart a growing number of attacks that sneak into IT environments via memory and go undetected by security tracking software.

Other enhancements include the following:

  • An Entity Battlecard that adds the ability to track, analyze, and visualize server behavior and connectivity. This adds to the system’s existing entity and user behavior analytics features.
  • An intuitive, no-code, guided Alert Creation Wizard that helps set up and test complex alerts.
  • A workflow automation function that lets security teams assign alerts to specific groups or individuals.

Devo also has integrated its platform with products from Carbon Black, CrowdStrike (CRWD), Fidelis, ThreatConnect, and Recorded Future. These partnerships are added to existing ones from nearly all the leading cloud, data management, and firewall providers, including AWS, Azure, Google, Check Point Software Technologies (CHKP), Cisco (CSCO), Juniper (JNPR), Palo Alto Networks (PANW), Oracle (ORCL), and Zscaler (ZS), among others.

Devo Hits Its Cybersecurity Stride

Devo, originally named Logtrust, was founded in 2011 in Cambridge, Mass., and began as an operational data analytics platform. The company then built up its cloud-native security information and event management (SIEM) system. By 2018, Devo added a Security Business Unit and upped its cybersecurity focus. By 2020, the strategy was paying off: The company grew 80% in revenue year-over-year during the first half of 2020 and then in September 2020 scored $60 million in Series D funding led by Georgian with participation from Bessemer Venture Partners and Insight Partners. In addition, Devo's customer list expanded by double digits in 2020. It now includes the U.S. Air Force, Accenture, H&R Block, Manulife, and Rubrik, among others.

To date, Devo has scored over $85 million since its rebranding as Devo in 2018. (The name Devo, by the way, is meant to evoke “data evolution,” not the planter-hatted ’80s band.)

Devo competes against a growing list of cloud-based cybersecurity vendors, including Sumo Logic (SUMO), which launched a successful IPO last year, and Splunk (SPLK), as well as generously funded startups such as Orca Security, which was awarded $210 million in fresh funding in March 2021.

Devo’s pitch, like that of its rivals, is that being cloud native adds speed, flexibility, scale, and the ability to broaden analytics with machine learning and AI. Added to that is Devo’s capability to support multi-cloud environments, which is key to the future of cybersecurity solutions.

Clearly, Devo’s keeping pace with the shift to widen IT operations analytics to incorporate tighter security wares. So far, for Devo and its competitors, it’s been a winning combination.