Devo Introduces Collective Defense to Enable Enterprises to Respond to Emerging Threats

The security data platform’s new program builds upon the company’s long-term plans to empower security teams with community-driven threat intelligence

CAMBRIDGE, Mass. – Nov. 15, 2023 – Devo Technology, the security data analytics company, has launched Devo Collective Defense, a threat intelligence feed within the Devo Security Data Platform that provides community-based intelligence sharing of threat activity and trends. Devo is also unveiling updates to Devo Exchange and its MITRE ATT&CK® Adviser application.

In addition to the expanding threat landscape and the increased sophistication of attacks, analysts confront unique difficulties. They must not only contend with the overwhelming volume of threat data but also grapple with the uncertainty of knowing if what they observe is part of a broader threat trend. To help analysts overcome these challenges, Devo Collective Defense leverages Devo’s massive ingestion ability to analyze millions of data points across thousands of domains. This data diversity delivers a comprehensive view of the threat landscape and provides security teams with collective knowledge and insights, augmenting their ability to thwart attacks. 

More specifically, Devo Collective Defense: 

  • Securely analyzes alert data to rapidly identify actionable intelligence, trending and emerging threats ​and Indicators of Compromise (IOCs). 
  • Delivers a high-value intelligence feed to Devo users, providing information about emerging threats and IOCs, minimizing the potential impact of breaches. 
  • Enhances threat context by providing Devo users with contextual information about the Tactics, Techniques, and Procedures (TTPs) employed by threat actors.

“The complexity of the IT environment is causing organizations’ attack surfaces to expand beyond their capacity to manage them,” said Michelle Abraham, research director, security and trust, IDC. “Access to a community-based intelligence sharing program such as Devo Collective Defense enables organizations to make smart decisions for more rapid identification of emerging threats and easy-to-action insights.”

More Community-Based Enhancements and Updates 

Devo also continues to update and create new content for organizations to leverage and augment their security team’s knowledge. These additional enhancements include:

  • Devo Exchange updates: Redesigned Devo Exchange alert content lets users control which alerts are installed in each alert pack, enabling better workflow management. Devo continues to add new content to Devo Exchange, including Activeboards for Azure, Office365 Active Directory, and an overview of Zscaler proxy activity. Additionally, 300 new alert packs cover an array of common technologies such as Google Cloud, G-Suite, Microsoft Windows, Office365, and Linux. 
  • MITRE ATT&CK Adviser updates: The Devo MITRE ATT&CK Adviser maps alerts and log sources to MITRE ATT&CK tactics and techniques to derive a coverage score against the framework and identify gaps. Users can now specify whether certain alerts, techniques, or log sources are relevant, improving its recommendations. New multi-domain filters provide multitenant organizations the ability to view their coverage from a single screen. 

“These latest enhancements strengthen our customers’ security posture by enabling them to meet growing data security requirements at scale,” said Chaz Lever, senior director of security research, Devo. “By bringing security professionals together, sharing threat intelligence, and providing curated content, our security data platform empowers organizations to fortify their defenses confidently and reinforces our belief that the collective is greater than the sum of its parts.”

Visit this blog to learn how Devo can help your security team defend against emerging threats. 

About Devo

Devo unleashes the power of the SOC. The Devo Security Data Platform, powered by our HyperStream technology, is purpose-built to provide the speed and scale, real-time analytics, and actionable intelligence global enterprises need to defend expanding attack surfaces. An ally in keeping your organization secure, Devo combines the power of people and AI to augment security teams, leading to better insights and faster outcomes. Headquartered in Cambridge, Massachusetts, with operations in North America, Europe and Asia Pacific, Devo is backed by Insight Partners, Georgian, TCV, General Atlantic, Bessemer Venture Partners, Kibo Ventures and Eurazeo. Learn more at www.devo.com

Media Contact

Shannon Van Every

Force4 Technology Communications

[email protected]

¿Estás preparado para mejorar las competencias de tu equipo SOC?

Solicitar una Demo Hablemos