Devo Announces AI-powered Solution to Augment Analysts with Alert Investigation and Threat Hunting
Devo DeepTrace fundamentally changes the way organizations discover and thwart their adversaries while protecting the business
CAMBRIDGE, Mass., Jan. 17, 2023 (GLOBE NEWSWIRE) -- Devo Technology, the cloud-native logging and security analytics company, today announced Devo DeepTrace, an autonomous alert investigation and threat hunting solution that uses attack-tracing artificial intelligence (AI) to advance how security teams identify attacks, investigate threats and secure their organizations. DeepTrace augments the work security analysts do by building complete traces of suspicious activity detected across an organization’s infrastructure, which alleviates much of their mundane, repetitive tasks.
“Today’s SOCs are under strain and SOC analysts in particular are overwhelmed with the ever-increasing volume of alerts and threats,” said Rakesh Nair, vice president of engineering at Devo. “Humans can’t scale at the same pace of data and threats, so we need to augment analysts and threat hunters with automation technologies and AI. DeepTrace takes an alert and translates it into a full summary of events by asking a series of questions. In return, the analyst can review pre-investigated and fully contextualized attack traces to mitigate them instead of drowning in data and chasing false positives.”
DeepTrace helps analysts by performing investigations as they would but at machine speed and scale. Starting with an event or an alert, its AI engine asks potentially hundreds of thousands of questions to autonomously construct traces fully and chronologically detailing an attacker’s actions. DeepTrace then overlays its results against the MITRE ATT&CK framework, which provides analysts with advanced context and additional points of reference so they can analyze attacks, identify patterns, and assess existing defenses within the organization.
DeepTrace was designed to meet multiple use cases for today’s security teams:
- Autonomous investigations: DeepTrace autonomously investigates suspicious events and alerts using attack-tracing AI. It identifies each step in the attack chain, providing a full, evidence-based timeline of the attack. Each trace offers critical information that an analyst needs to nullify the threat.
- Autonomous threat hunting: DeepTrace helps threat hunters quickly construct and configure new hunts that map to MITRE ATT&CK framework tactics and techniques. Once refined and validated with the use of autonomous investigations, these can be converted to new cadence-based threat detections.
- Optimized incident response: DeepTrace harnesses the organization’s data to perform retroactive hunts that find attacks and malicious activity. Once an actual attack is identified, DeepTrace produces interactive traces and reports documenting an attacker’s footsteps.
DeepTrace ensures that security teams are able to comprehensively investigate threats by rapidly tracing attacks, which fundamentally changes the way organizations discover and thwart their adversaries while protecting the business.
DeepTrace will be generally available in the first quarter of 2023. To learn more, visit https://www.devo.com/applications/deeptrace/.
About Devo
Devo is the only cloud-native logging and security analytics platform that releases the full potential of your data to empower bold, confident action. With unrivaled scale to collect all of your data without compromise, speed to give you immediate access and answers, and clarity to focus on the signals that matter most, Devo is your ally in protecting your organization today and tomorrow. Headquartered in Cambridge, Massachusetts, with operations in North America, Europe and Asia Pacific, Devo is backed by Insight Partners, Georgian, TCV, General Atlantic, Bessemer Venture Partners, Kibo Ventures and Eurazeo. Learn more at www.devo.com.
Devo Media Contact:
Daysi Robles Lopez
Devo@pancomm.com
To view this piece of content from ml.globenewswire.com, please give your consent at the top of this page.
About GlobeNewswire by notified
GlobeNewswire by notifiedGlobeNewswire by notified is one of the world's largest newswire distribution networks, specializing in the delivery of corporate press releases financial disclosures and multimedia content to the media, investment community, individual investors and the general public.
Subscribe to releases from GlobeNewswire by notified
Subscribe to all the latest releases from GlobeNewswire by notified by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from GlobeNewswire by notified
Opsigelse af aftale med Kapitalforeningen BLS Invest29.3.2023 09:30:00 CEST | pressemeddelelse
Som følge af ny forretningsmodel har Nykredit Portefølje Administration A/S besluttet at opsige aftalen mellem selskabet og Kapitalforeningen BLS Invest. Aftalen vil ophøre senest ved udgangen af 2024. Nykredit Portefølje Administration A/S vil fortsat varetage forvaltningen af foreningen i opsigelsesperioden i henhold til aftalen. Yderligere spørgsmål kan rettes til pressechef Rikke Gredsted Seidenfaden, tlf. 27 58 95 88. Med venlig hilsen Nykredit Portefølje Administration A/S Erling Skorstad Tage Fabrin-Brasted Adm. Direktør Direktør
Opsigelse af aftale med Investeringsforeningen Investin29.3.2023 09:30:00 CEST | pressemeddelelse
Som følge af ny forretningsmodel har Nykredit Portefølje Administration A/S, besluttet at opsige aftalen mellem selskabet og Investeringsforeningen Investin. Aftalen vil ophøre senest ved udgangen af 2023. Nykredit Portefølje Administration A/S vil varetage administrationen af foreningen i opsigelsesperioden. Yderligere spørgsmål kan rettes til pressechef Rikke Gredsted Seidenfaden, tlf. 27 58 95 88. Med venlig hilsen Nykredit Portefølje Administration A/S Erling Skorstad Tage Fabrin-Brasted Adm. Direktør Direktør
Midaxo Expands Cloud-Native M&A Platform to Support All Forms of Corporate Dealmaking29.3.2023 09:07:00 CEST | Press release
Corporate development teams can now find, evaluate, and deliver deal value faster on the first purpose-built Corporate Development Cloud BOSTON, March 29, 2023 (GLOBE NEWSWIRE) -- Midaxo, provider of the leading software platform for corporate dealmaking, today announced the launch of the new Midaxo Corporate Development Cloud. After a decade as the leading software solution for companies managing their M&A activity, Midaxo now supports the entire global corporate development team across all deal types to enable them to find, evaluate, and deliver deal value faster and more efficiently than ever before. Built on a foundation of AI, machine learning (ML), and process automation, the Midaxo Corporate Development Cloud simplifies and accelerates corporate dealmaking processes and provides centralized oversight across all deal pipelines. The new Midaxo platform leverages learnings from over 500 Midaxo customers that have completed more than 5,000 transactions worth in excess of $1 trillion
Notification of managers and closely related parties’ transactions with A.P. Møller - Mærsk A/S shares in connection with share buy-back program29.3.2023 08:50:55 CEST | Press release
In connection with the announced share buy-back program in A.P. Møller - Mærsk A/S, A.P. Møller Holding A/S continuously sells shares pro rata and the market is to be informed accordingly – see the attached file. Attachment APMM Share buy-back APMH sale 28032023
Indberetning af ledende medarbejderes og disses nærtståendes transaktioner med A.P. Møller - Mærsk A/S aktier i forbindelse med aktietilbagekøbsprogram29.3.2023 08:50:55 CEST | pressemeddelelse
I forbindelse med det annoncerede aktietilbagekøbsprogram i A.P. Møller - Mærsk A/S sælger A.P. Møller Holding A/S løbende aktier pro rata og markedet informeres følgeligt herom - se vedhæftede fil. Vedhæftet fil APMM Aktietilbagekøbsprogram APMH salg_28032023