Mar 30, 2021
|
By Fran Gomez
Black Kingdom is targeting Exchange servers that remain unpatched against the ProxyLogon vulnerabilities disclosed by Microsoft earlier this month. It strikes the on-premises versions of Microsoft Exchange Server, abusing the remote code execution (RCE) vulnerability also known as ProxyLogon (CVE-2021-27065[2]).
Mar 11, 2021
|
By Fran Gomez
On March 2, 2021, Microsoft announced it had detected the use of multiple 0-day exploits in limited and targeted attacks of on-premises versions of Microsoft Exchange Server. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign—with high confidence—to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.
Mar 4, 2021
|
By Kevin Flanagan
In previous posts, we’ve written about two topics covered in the Devo eBook The Shift Is On, which presents the use case for centralized log management (CLM) in the cloud. First, we looked at the 5 best practices for security logging in the cloud. Next, we delved into the question of when your organization should adopt centralized logging. In our final installment, let’s examine the five key evaluation criteria for choosing the right CLM solution for your business.
Feb 25, 2021
|
By Kevin Flanagan
Most security pros know the value of log data. Organizations collect metrics, logs, and events from some parts of the environment. But there is a big difference between monitoring and a true centralized log management. How can you measure the effectiveness of your current logging solution? Here are four signs that it’s time to centralize log management in your organization: This post is based on content from the new Devo eBook The Shift Is On.
Feb 18, 2021
|
By Devo
The MITRE ATT&CK framework is a global curated knowledge base of adversary tactics and techniques. This post delves into the history of the ATT&CK framework and provides insights into why every SOC team can benefit from using it to develop threat models and methodologies to protect their organization.
Feb 10, 2021
|
By Kevin Flanagan
Logs are critical for detecting and investigating security issues. They also provide essential visibility into business operating environments. Many organizations, when they are small and just starting out, can get away with using a local log server and storage to collect data. Almost all security teams start off with this kind of on-premises logging approach. Most teams use an open-source, homegrown solution for this type of short-term, small-scale log analytics.
Jan 27, 2021
|
By Ted Julian
In their debut LP, Q: Are We Not Men? A: We Are Devo!, the band introduces their defining theme that mankind’s evolution has reached the point—devolved to the point, actually—that we are converging on sameness… emotionless and robotic. This notion informed everything from the way Devo dressed (awesome!), to the music they wrote, to the way they performed. What does the band Devo’s theme of devolution have to do with me joining a software company of the same name?
Jan 7, 2021
|
By Kevin Flanagan
The new Devo eBook, Building the Modern SOC, presents four evolutionary steps for creating a highly automated and efficient security operations center (SOC) that empowers analysts. This is the last in a series of posts highlighting the most important elements of the four steps. Previous posts covered Step 1, establishing a foundation of centralized, scalable visibility, Step 2, extracting intelligent insights from your data, and Step 3, supercharging your analysts with the power of automation.
Dec 21, 2020
|
By Jason Mical
For any organization that felt prepared, with their operations well-planned as they headed into 2020, that feeling disappeared quickly. 2020 became the year of the unexpected, forcing organizations to adapt, repeatedly. Looking ahead to 2021, companies of all types and sizes are working to be as prepared, agile, and adaptable as possible. This is certainly true when it comes to building or restructuring an organization’s cybersecurity posture.
Dec 16, 2020
|
By Fran Gomez
On December 8, 2020, cybersecurity company FireEye announced in a blog post that it had been attacked by what CEO Kevin Mandia described as a “highly sophisticated threat actor” that “targeted and accessed certain Red Team assessment tools that we use to test our customers’ security. These tools mimic the behavior of many cyber threat actors and enable FireEye to provide essential diagnostic security services to our customers.”
Mar 30, 2021
|
By Devo
Table of Contents:
00:00 - Introduction
00:19 - Default Activeboard
00:31 - Set as default
01:06 - Unset as default
01:15 - Favorite Activeboards
01:34 - Filter favorites
02:08 - Remove favorites
Mar 29, 2021
|
By Devo
Table of Contents:
00:33 - Adding the widget
01:05 - Modifying the widget data
01:22 - Modifying the visual settings
01:57 - Conditional Formatting
Mar 22, 2021
|
By Devo
Table of Contents:
00:00 - Introduction
00:54 - View vs Edit mode
01:27 - Multiple selection
01:58 - Menu always open
02:37 - Searchable values
Mar 22, 2021
|
By Devo
Table of Contents:
00:00 - Introduction
00:52 - Filter operation
01:31 - Independent searches
Visit us online to keep up to date with the latest content: https://linktr.ee/TheDevoPlatform
Mar 2, 2021
|
By Devo
Table of Contents:
00:22 - Activeboards Overview
01:12 - View vs edit mode
01:34 - Creating an Activeboard
01:47 - Adding content
02:36 - Modifying the data
03:19 - Sharing your Activeboard
Oct 27, 2020
|
By Devo
Devo Service Operations overcomes the monitoring gaps introduced by hybrid environments, the scale challenges due to explosive data growth, and ensuing monitoring tool sprawl, all with a single cloud-native solution.
Oct 14, 2020
|
By Devo
Table of Contents:
00:00 - Introduction
01:02 - Setting absolute time ranges
01:49 - Setting relative and snap to time ranges
02:21 - Time expressions example 1
02:56 - Time expressions example 2
03:26 - Omitted periods in time ranges
Jan 31, 2019
|
By Devo
Data growth is running at close to seven exabytes per day; estimates are that in three to five years’ time, growth will be closer to 15 to 25 exabytes per day. Yet many organizations fail to realize the business value of their data, lack the tools and processes to collect and analyze data more effectively, and do not understand how to calculate its return on investment (ROI) potential.
Jan 1, 2019
|
By Devo
The Devo architecture is designed to collect, analyze, and provide insight from more data faster, and to scale as data grows using a fraction of the resources required by other solutions. The Devo Data Operations Platform avoids the bottleneck of indexing data at ingestion without the penalty of slower query response.
Dec 1, 2018
|
By Devo
The Devo Data Operations Platform provides a machine data management and analytics platform that enables companies to extend operational insights beyond IT and into the digital business.
Nov 1, 2018
|
By Devo
This paper examines a problem many enterprises share: operationalizing increasing amounts of historical as well as real-time data, with a sustainable business model.
Oct 1, 2018
|
By Devo
Enterprises are dealing with a rapidly changing and growing IT environment that includes traditional systems and desktops as well as cloud resources and an ever-changing constellation of edge computing devices. Enterprises facing the difficult choice among “build your own,” “buy solutions from their suppliers,” or integrating open source projects would be well served by learning more about Devo.
- March 2021 (8)
- February 2021 (4)
- January 2021 (3)
- December 2020 (4)
- November 2020 (7)
- October 2020 (4)
- September 2020 (3)
- August 2020 (3)
- July 2020 (1)
- June 2020 (2)
- May 2020 (1)
- April 2020 (3)
- March 2020 (6)
- February 2020 (5)
- January 2020 (1)
- December 2019 (1)
- November 2019 (4)
- October 2019 (3)
- September 2019 (1)
- August 2019 (4)
- July 2019 (1)
- June 2019 (7)
- May 2019 (6)
- April 2019 (4)
- March 2019 (6)
- January 2019 (2)
- December 2018 (6)
- November 2018 (4)
- October 2018 (5)
- September 2018 (9)
- August 2018 (2)
- July 2018 (2)
- June 2018 (4)
Devo delivers real-time operational and business insights from analytics on streaming and historical data to operations, IT, security and business teams at the world’s largest organizations. The Devo Data Operations Platform collects, enhances and analyzes machine, business and operational data, at scale, from across the enterprise.
Devo is the leading Data Operations Platform for the digital enterprise. Devo delivers real-time business value from analytics on streaming and historical data to help Fortune 1000 enterprises drive sustained performance and growth.
Devo is a new approach to real-time operational analytics:
- Free yourself from data management: The Devo approach to indexing and storage enables you to collect and analyze 100% of your machine data at 80% lower cost.
- Massively parallelize everything: Devo parallelizes every step of the data pipeline, so you can analyze 1M EPS while ingesting 150K EPS, all on a single core - with no compromises.
- Data & insights at everyone's fingertips: Devo makes machine data and insights accessible to all through an API or our visual UI.
- Machine learning you can act on: Leverage Devo domain-specific applications, or integrate your own models to act in real time across security, IT operations, service delivery, and more.
Are your data operations ready for petabyte-level growth? Capture and act on 100% of your machine data at 20% of the cost.