Devo Technology, the data analytics company that unlocks the full value of machine data for the world’s most instrumented enterprises, announced a product integration with Demisto, a Palo Alto Networks company and leader in security orchestration, automation, and response (SOAR).
The integration delivers increased visibility and shortened investigation and incident response times.
By providing a better workflow, Devo and Demisto empower analysts and improve the effectiveness of the Security Operations Center (SOC).
Together, Devo and Demisto can speed investigations with rapid correlation and search using Devo’s powerful querying capabilities; leverage hundreds of Demisto third-party product integrations to coordinate responses across security functions; and establish a feedback loop by enriching data in Devo based on the findings of the investigation.
“The collaboration between Devo and Demisto provides the data and context analysts need to rapidly gain new insights and automate response, addressing one of the critical sources of analyst burnout,” said Julian Waits, GM Cyber at Devo.
“Devo’s real-time security analytics, coupled with Demisto, provides analysts with a comprehensive view of the incident lifecycle in a single platform.”
“Our integration with Devo will help customers consolidate incident data in a single platform, equipping their security teams with rich, correlated data and automatable tasks so they don’t waste time chasing data from disparate sources and performing manual repetitive tasks,” said Rishi Bhargava, Vice President of Product Strategy at Palo Alto Networks.
Demisto Enterprise integrates with hundreds of security products and enables customers to build playbooks for different security processes. These playbooks incorporate a combination of automated tasks and manual best practices to standardize and scale incident response.
Demisto’s playbooks help reduce MTTR (mean time to respond) for security incidents and free up time for security teams to conduct deeper investigations. In addition, the case management and machine learning capabilities help security teams maintain incident oversight and improve their security posture over time.