Devo Connect November AMA
Ask questions, get answers, share insights
Devo Exchange is your one-stop shop for Out of the Box content ready to accelerate your security posture! This month's update contains tons of Security Alerts, Activeboards and critical packs to address complete technologies!
Table of Contents: Collective Defense Content; Collective Defense Overview Activeboard; Collective Defense Alert Pack; Detection Suites; Netflow Log Threat Detection Suite; Endpoint Detection & Response (EDR) Log Threat Detection Suite; Intrusion Detection Systems (IDS) Log Threat Detection Suite; Authentication Log Threat Detection Suite; DNS Log Threat Detection Suite; Windows Log Threat Detection Suite; Email Log Threat Detection Suite; Technology Alert Packs; Alert Pack: GCP; Alert Pack: Office 365; Alert Pack: Google Workspace; Alert Pack: Linux
Collective Defense Content
Collective Defense Overview Activeboard
This activeboard provides a complete visual breakdown of all fired alerts by key columns providing an essential visual summary of the Collective Defense
Latest in new Collectors and Updated Collectors! Make sure to schedule time with Devo Support to get those upgrades started!
Table of Contents: New collectors; IBM Cloud VPC Flow Logs v1.0.; Trellix Helix v1.0.0; IBM Cloud Activity Tracker v1.0.0; Fastly Next-Gen WAF v1.0.0b2; Microsoft Defender for IoT Collector v1.0.0; IBM Cloud Softlayer v1.0.0; LastPass v1.0.0; Collector updates; Cylance Collector v1.2.0; Github Collector v2.2.0; Wiz Collector v1.4.0; AWS collector v1.7.0; Salesforce v1.7.0
New collectors:
IBM Cloud VPC Flow Logs v1.0. (Documentation)
Trellix Helix v1.0.0 (Documentation)
IBM Cloud Activity Tracker v1.0.0 (Documentation)
Fastly Next-Gen WAF v1.0.0b2 (Documentation is coming soon.)
Microsoft Defender for IoT Collector v1.0.0 (Documentation)
IBM Cloud Softlayer v1.0.0 (Documentation)
LastPass v1.0.0 (Documentation)
Collector updates
Cylance Collector v1.2.0 (Documentation)
Github Collector v2.2.0 (Documentation)
Wiz Collector v1.4.0 (Documentation)
AWS collector v1.7.0 (Documentation)
Salesforce v1.7.0 Document
The essential Alert coverage management tool, the MITRE ATT&CK Adviser, has been upgraded with new tools, customization options, and filters for all your needs.
Geo Release (Region: Status): CA: Released; US: Released; EU: Released; APAC: Released
Table of Contents: New Features; Customize your Coverage Calculation; Full Alert Context included; Application Version Display; New Alert Coverage Export [CSV]; Improved filtering across all matrix types; Easier installation of Alerts in Bulk; Multi filter Selectors
New Features
Customize your Coverage Calculation
You can now customize what techniques, log sources and alerts are taken into account for your coverage calculation!
Full Alert Context included
All alerts now have full Alert descriptions and resources in the Alerts Coverage Table.
Application Version Display
Easily accessible, in-app version control including Framework version and release date.
New Alert Coverage Export [CSV]
Export your MITRE ATT&CK Alert coverage as a CSV fil
Cyber attacks continue to increase in complexity and frequency. Talent shortage, excessive amounts of data, and the need for verified threat intelligence prevent security teams from rapidly identifying and responding to emerging threats.
Collective Defense shares high-value insights and threat intelligence with Devo customers. Devo Collective Defense is an intelligence program that leverages knowledge of threat activity and shares trends across the Devo user ecosystem. A feature of the Devo Platform, Collective Defense mines alert data and identifies insights, trends, and Indicators of Compromise (IOCs). These insights are then made available to Devo customers via real-time alert aggregations, investigations, and contained threats.
Collective Defense:
Analyzes customer data securely to find valuable insight, trending threats, and IOCs.
Provides insights by aggregating alerts, investigations, and contained threats.
Delivers a high-value, real-time feed containing insights to customers.
Security teams rejoice! Devo Behavior Analytics 1.5.0 will be available this week, incorporating new features and enhancements created from your feedback!
Release Information
Release Window: Wednesday November 15
Customer Impact: None
Geo Availability (Region: Status): GovCloud: Released; CA: Pending; US: Released; EU: Released; APAC: Released
Table of Contents: New Features; Notable Entity List; New Alert Type; Entity Risk Groups
New Features
Notable Entity List
When a SOC Analyst comes to the Devo Behavior Analytics application and identifies an entity that looks suspicious but whose behavior is not worth an investigation, the Analyst would like to mark that entity to come back to later on and not have to remember the entity or write it down somewhere else. Now, with the notable entity list within Devo Behavior Analytics, a user can add and remove entities from the notable list to track entities that need specific attention to ensure no further malicious behavior. Learn more about
Devo Platform release 8.5.0 contains improvements to Lookups, Flow, and continued engine improvements in preparation for more feature releases.
Deployment Information
Release scheduled for 11 AM CET
Duration: 2 hours
Customer Impact: None
Release by Geo (Region: Status): GovCloud: Released; CA: Released; US: Released; EU: Released; APAC: Released
Table of Contents: New Features; Persistent Error Feedback for LookUps; Improved performance and responsiveness of Home Page; Flow Smart Editor; Flow New Unit: GameOver; Vulnerabilities fixed
New Features
Persistent Error Feedback for LookUps
Lookups displaying a Creating/Deleting/Updating status where the associated operation has failed will display an error status icon (bluebell); when you click on it, a dialog window with the corresponding error will be displayed. In the case of several errors occurring during the operation, only the last one will be displayed.
Improved performance and responsiveness of Home Page
New robust backend cache system
Like a famed Spartan, Devo SOAR update 117 is a capable contender! Let's take a look!
Region: Status: CA: Released; US: Released; EU: Released; APAC: Released
Table of Contents: New Features; Automation; Enhancements; Bug Fixes
New Features
Automation
Introduction of a new integration: FireEye Helix
FireEye Helix is a security operations platform that simplifies delivering advanced security to any organization. It surfaces unseen threats and empowers expert decisions with frontline intelligence to take back control of your defenses and capture the untapped potential of your security investments.
Enhancements
JSON value is shown in the minimized format in the Stream batch details page.
Added support of command click in a new tab in the listing pages.
The user is able to open the playbook in the easy mode with a version in the query param.
Microsoft Graph integration has added 21 new actions.
Intezer integration has added 6 new actions: Analyze a URL, Get URL analysis result, Get quot
The Integrations team has released a selection of new collectors and updates to existing ones documented below! Speak with your CSM if you need a New Collector or an Update to an existing collector!
Table of Contents: New Collectors; Dynatrace v1.0.0b1; AWS Collector v1.6.0; Radware CWAF v1.0.0b1; Trellix ePO v1.0.0B2; Cisco Umbrella v1.0.0b1; Tenable IO v1.3.0; Updated Collectors; ServiceNow v1.3.0; Proofpoint Isolation Collector v1.1.1; Rapid 7 IntSights Collector v2.2.0; Microsoft Azure Collector v1.7.1; Microsoft Defender Cloud Apps Collector v1.1.2; Microsoft Graph v1.7.1
New Collectors
Dynatrace v1.0.0b1 (Doc Page to be updated as soon as it is live)
AWS Collector v1.6.0 (Doc Page to be updated as soon as it is live)
Radware CWAF v1.0.0b1 (Doc Page to be updated as soon as it is live)
Trellix ePO v1.0.0B2 (Doc Page to be updated as soon as it is live)
Cisco Umbrella v1.0.0b1 (Doc Page to be updated as soon as it is live)
Tenable IO v1.3.0 (Doc Page to be updated as soon as it is live)
Updated Collectors
Serv
Devo is happy to present the latest updates to the Devo Platform. Release 8.4.0 brings some great improvements, bug fixes and many under the hood improvements!
Geo Release (Region: Status): GovCloud: Released; CA: Released; US: Released; EU: Released; APAC: Released
Table of Contents: Improvements; Improved field grouping for User and Domain Preferences; Custom Table improvements; MSSP Demo data access improvement; Bug Fixes
Improvements
Improved field grouping for User and Domain Preferences
All preferences are now clearly nested in the UI for clarity and ease of use.
Custom Table improvements
raw/rawMessage fields are now optionally accessible. When creating a new custom table and in order to better control the access of confidential information, you now have the option to toggle on/off the inclusion of raw/rawMessage fields.
MSSP Demo data access improvement
In order to avoid access issues using demo.ecommerce.data table, Demo tables have been disabled in root domains. They are st
Devo SOAR update brings you new integrations, enhancements and bug fixes to increase your SOAR functionality. In this update OpsGenie and Intezer integrations are introduced as well as enhancements to RecordedFuture integration and more!
Table of Contents: New Features; OpsGenie integration; Intezer integration; Enhancements; Bug Fixes
New Features
OpsGenie integration
OpsGenie ensures you will never miss a critical alert. With deep integrations into monitoring, ticketing, and chat tools, Opsgenie groups alerts, filters out the noise, and notifies you using multiple channels, providing the necessary information for your team to begin resolution immediately.
Intezer integration
Intezer is a platform built to analyze and investigate every alert like an experienced security analyst and reverse engineer.
Enhancements
Added support to unlock anyone's account from UI.
In Recorded Future integration, add pagination support in Search Credentials Data action.
DNS added a new action whois (hostna