Popular Updates


Flow 1.18

Flow, Devo’s correlation engine, has received a major update with the release of Devo Platform 8.0! This new version introduces Templates and Instances.

Table of Contents
New Features
  Templates & Instances
  Example
  Convert Flow to Template
  New Open window with Filters
  Flow Manager updated
Bug Fixes

New Features

Templates & Instances
Templates define the general layout, design and pattern of a flow. Modified templates are instances of the parent template.

Example
In the context of an alert system, a Template for an “each” alert defines the flow structure; you can then create an instance for the “each” type of alert.

Modifying a Template updates all of its existing instances. Modifying an instance only affects that instance.

The benefits of this new feature are many. You can quickly edit many flows by updating the template, and you can quickly address many similar use cases with instances of a template.

Convert Flow to Template
A new Edit menu option converts existing Flows into Templates. The existing flow can be converted to a Template + Instance pair, preserving your work while taking advantage of the new Template system.

New Open window with Filters
You can now open a Flow, Template or Instance with sort and filter controls for the Name, Creator, Type and Status columns.

Flow Manager updated
Includes a new tab for Templates and a new column identifying the type of the context, be it Flow or Instance.

Bug Fixes
Event Section Closing on Delete - Fixed!
File/Recent long context names - Fixed!
Unclickable unit description - Fixed!

Link to Release notes in Documentation.

Related products: Devo Platform

Devo Platform 8.0 Release

Devo is proud to present the latest version of the Devo Platform. Version 8.0 is a major update with a focus on unifying the User Interface and cleaning up the User Experience for ease of use and consistency. In addition to this major overhaul, there are additional improvements to Activeboards, Web and Multitenancy features.

Geo Availability
Region    Status
GovCloud  Released
CA        Released
US        Released
EU        Released
APAC      Released

Table of Contents
New Features
  New Devo UI Design
  Additional features of the new UI
    New Color Palette that provides support for Color Blind use
    Overall reduction of visual stress
    Alert anti-flooding
    User Inactivity Management
  New Activeboard features
    Added Stacked Column Widget
    Added Stacked Area Widget
    Added Dependency Wheel Widget
  Scheduled Reports improvements
    Delete Scheduled Reports
    New View Policy
    New “Scheduled” Filter
  New Clone Activeboard options
  Devo Flow 1.18
Bug Fixes

New Features

New Devo UI Design
When you launch 8.0, you’ll find everything where you remember it, but you will notice huge improvements in speed, accessibility and design familiarity between all the sections.

The goals of this redesign are to make the Devo Platform:
Faster to learn and use
Provide a modern, unified design experience
Scale consistently across all use cases

Additional features of the new UI

New Color Palette that provides support for Color Blind use
Configurable color system overlay to address the needs of users with color blindness.

Overall reduction of visual stress
The UI color palette has been analyzed to reduce eye strain.

Alert anti-flooding
Alert notifications will now collapse into stacks that include any similar alert notifications that were triggered within a specific timeframe.

User Inactivity Management
A new configurable user inactivity management interface has been added to settings.

And more! (also, I know which visual mode you will immediately ask about and it is coming!)

New Activeboard features

Added Stacked Column Widget
The Stacked Column widget visualizes a stacked bar chart. A stacked bar chart is an extension of a column chart where each cluster of “n” categorical values, instead of being represented by a set of “n” columns, is represented by just one column divided into “n” sections, where each section represents one of those categorical values within the cluster. The sections are stacked on top of each other and the section height represents the proportion of the categorical value within the cluster.

Added Stacked Area Widget
Same description as the Stacked Column widget, but now as an area chart!

Added Dependency Wheel Widget
The dependency wheel diagram, also known as a chord diagram, is a type of flow chart where data (two categorical variables) is arranged radially as two sectors of a circle (source and target) connected by arcs that represent the magnitude (a numerical value or “weight”) of the relationship between both sectors.

Scheduled Reports improvements

Delete Scheduled Reports
Previously only possible through the API, but with this update you can now delete Scheduled Reports from the Web through the new option “Delete scheduled report”.

New View Policy
A new View policy in the role permission “Activeboards report scheduler” allows the user to see and filter Activeboards that have a scheduled report associated.

New “Scheduled” Filter
Added a new “Scheduled” filter that allows the user to filter those Activeboards with an associated schedule (regardless of whether it is enabled or not). Only users with the role permission “Activeboards report scheduler” (“View” or “Manage”) will have this new filter available.

New Clone Activeboard options
You can now “clone and close” or “clone and open” a cloned Activeboard.

Devo Flow 1.18
Adds Templates and Instances; read more in the Flow 1.18 post.

Bug Fixes
Fixed - “Last 5 Alerts” widget becomes empty when the Alert definition of an unread alert is deleted.
Fixed - Error when trying to edit the details of the “Default” Finder.
Fixed - “Maximize window” in Query not working.
Fixed - Dragging a column in a Cross-search table join makes the column label unable to be edited.
Fixed - Unable to delete a column row if the column value contains commas.

Link to release notes in Documentation.

Related products: Devo Platform

Endpoint Agent release 1.5.0

The latest Endpoint Agent release is now available!

Geo Availability
Region  Status
CA      Pending
US      Released
EU      Released
APAC    Released

Table of Contents
Geo Availability
New Features
  Compatibility with ARM architecture
  EPEL checks in Amazon Linux 2
  Inventory checks include dependencies
  New outputs towards Devo
Additional Changes
  Vulnerability fixing
  Improved Security Pipeline
  New Golang Version
Update Procedure

New Features

Compatibility with ARM architecture
The deployment process of Endpoint Agent 1.5.0 generates extra packages for ARM architectures. Users can download an ARM-compatible package from the service available on port 8081.

EPEL checks in Amazon Linux 2
Extra Packages for Enterprise Linux (EPEL) checks are performed during installation, avoiding reinstallation in certain cases, which contributes to a reduced deployment time on Amazon Linux 2.

Inventory checks include dependencies
The EA deployment package includes a tool that helps check the state of the environment before starting the deployment process. The checkinvt tool now checks the status of required dependencies to ensure that the environment is ready for deployment.

New outputs towards Devo
The number of sockets that will be established toward Devo is now a configurable setting.

By default, EA Manager opens five sockets toward Devo, and when events are sent, it selects one of the available sockets to send the data to. If the thread cannot retrieve an available socket, an error is sent back to the Endpoint Agent and buffering occurs on the client side. To allow users to tune this scenario where the EA Manager has enough resources to allow for more outbound sockets, new configuration settings are exposed at the EA Manager level. This parameter can be configured to solve congestion issues.

Additional Changes

Vulnerability fixing
The following vulnerabilities have been fixed in the EA Manager:
CVE-2022-24999
CVE-2022-37601
CVE-2022-41723

Improved Security Pipeline
Delivered changes to the pipeline to be able to detect and fix vulnerabilities faster.

New Golang Version
Upgraded the Go version to 1.20.2 for EA Manager.

Update Procedure
Follow the documented upgrade procedure listed here.

Related products: Devo Platform

Devo Platform 7.19 Release

Devo is proud to introduce DeepTrace with version 7.19, along with many requested improvements and fixes!

Geo Release Availability
Region  Status
CA      Released
US      Released
EU      Released
APAC    Released

Table of Contents
Devo DeepTrace Integrations
  SSO integration with Devo Platform
  Search integration
  Alert Integration
  To learn more about DeepTrace
    Product Release post
    DeepTrace Documentation Page
    DeepTrace Interactive launch page
    Video
New Alert capability
  No Sending Policy
API Improvements
  New API
  PROBIO API improvements
NASS Improvements
  Service Registry
Bug Fixes

Devo DeepTrace Integrations
This release adds integrations to the just-released DeepTrace product. There are 3 main integrations added.

SSO integration with Devo Platform
You can launch DeepTrace directly from Devo Platform using Single Sign-On authentication.

Search integration
You can right-click on an event and select “Investigate in DeepTrace”. It is also available from the Tools menu.

Alert Integration
You can automatically investigate triggered alerts by defining this property in the new alert creation window. A new option in the Alerts definition window, called Auto-Investigate in DeepTrace, is now available.

To learn more about DeepTrace
Product Release post
DeepTrace Documentation Page
DeepTrace Interactive launch page
Video

New Alert capability

No Sending Policy
You can now create and define alerts with no sending policy.

API Improvements

New API
Added for aggregation tasks management.

PROBIO API improvements
The PROBIO API now allows the downloading of MSSP certificates.

NASS Improvements

Service Registry
Added the Service Registry feature in NASS. This feature provides a complete picture of all components deployed in an environment.

Bug Fixes
Bugs have been squashed in the Finder, Search, Lookups, Alerts, tables, NASS and OData! Full release notes are available in our Documentation.

Related products: Devo Platform, Devo DeepTrace

Devo DeepTrace is Now Available to Devo Customers!

Devo DeepTrace is now generally available to Devo customers. Introducing Devo DeepTrace!

DeepTrace is an autonomous alert investigation and threat hunting solution that advances how security teams identify attacks, investigate threats, and secure their organization. With rapidly expanding attack surfaces and increasing amounts of data, today’s SOCs face a never-ending stream of alerts while relying on manual investigative processes. This results in higher frustration levels and slower response times. Devo created DeepTrace to arm and empower you with the tools and insights needed to rapidly investigate alerts and proactively respond to threats. With DeepTrace, you will spend less time performing repetitive, manual tasks and instead focus on investigating the highest priority threats to your business.

How does Devo DeepTrace work?
Devo DeepTrace helps analysts identify the root cause of every attack. By performing autonomous alert investigation and threat hunting using attack-tracing AI, DeepTrace advances how you identify attacks and investigate threats. DeepTrace augments the work analysts do by building complete traces of suspicious activity detected across an organization’s infrastructure, which alleviates much of their mundane, repetitive work. DeepTrace AI enables you to trace the root of suspicious events and investigate alerts. DeepTrace builds traces that identify and isolate the root cause of every attack.

USE CASE: Autonomous Investigations
The challenge: the volume of data ingested by the SOC results in a deluge of alerts. Each alert requires manual, repetitive steps to understand, which can negatively impact response time and overwhelm the team.
The Devo DeepTrace solution: DeepTrace autonomously investigates suspicious events and alerts using attack-tracing AI. It identifies each step in the attack chain, providing a full, evidence-based timeline of the attack that you can leverage to nullify the threat. DeepTrace flags alerts that warrant further investigation.

USE CASE: Autonomous Threat Hunting
The challenge: proactively hunting for threats is a challenge due to limited team capacity. Analysts on the team with the most advanced skills must perform iterative manual threat hunting.
The Devo DeepTrace solution: DeepTrace helps threat hunters quickly construct and configure new hunts that map to MITRE ATT&CK framework tactics and techniques. Once refined and validated with the use of autonomous investigations, these can be converted to new cadence-based threat detections. DeepTrace enables the creation of new threat detection signals and alerts.

USE CASE: Optimized Incident Response
The challenge: given that an intrusion’s average dwell time can be months, analysts need to mine through petabytes of telemetry data over a period of weeks to fully understand what the adversary has done and where they have been throughout the organization.
The Devo DeepTrace solution: Devo DeepTrace harnesses the organization’s endpoint log data to perform retroactive hunts that find attacks and malicious activity. Once an actual attack is identified, DeepTrace produces interactive traces and reports documenting the attacker’s footsteps. DeepTrace produces a graphical, interactive story that documents the attacker’s footprint across the entire organization.

Interested in learning more about DeepTrace? Contact your CSM today to start your journey and request a demo of DeepTrace.

Additionally, you can learn more here:
Devo DeepTrace Interactive Experience
Devo Documentation
Community Content:
  Anatomy of a Trace → An all-encompassing guide to “traces,” the key foundational element of Devo DeepTrace
  AI Assisted Hunting → Everything you need to know about hunting in DeepTrace
  How to Reduce Manual Investigative Processes with DeepTrace
  How to Trace Every Attack from Start to Finish with DeepTrace

Related products: Devo DeepTrace

Devo Exchange 1.4 Released!

The Devo Exchange team is proud to present version 1.4 of the Content Marketplace! This release comes with major features as well as many improvements.

Table of Contents
Content Submission Tool
Alerts installed in OFF mode
TAGs Reorder
Resilience in Exchange
Bug Fixes

Content Submission Tool
Yes, you can share the content you create with your peers! You can find the Content Submission tool at the top of the right main page for Devo Connect. Watch the Video!

Types of content you can share:
Activeboards
Applications
Alerts
Lookups
Synthetic Data

Once you share your content, the team will review it, recreate it in a shareable form if need be, and publish it for you!

Alerts installed in OFF mode
A popular user request: Alerts are now installed in OFF mode. Users wanted to change parameters, policies and delivery methods before activating alerts. Now you can!

TAGs Reorder
Main category tags have been reordered for increased discoverability. All the subcategories and tags have been reviewed, with new categories added to increase discoverability.

Resilience in Exchange
Management of API errors is greatly improved. Exchange can now manage errors from external APIs. Error notifications will be available at the top right!

Bug Fixes
Fixed Filter Selection.
Fixed Search acting on blank: sometimes when you searched for part of a word and then deleted it, the search attempted to filter by a blank string.
Improved image handling.
Improved design handling on lower resolutions.

Related products: Devo Exchange

Devo Platform 7.18 Release

Hello Everyone! The Team is happy to present Devo Platform Release 7.18, which includes a ton of Activeboard and User Interaction improvements and features!

Geo Availability
Region  Status
CA      Released
US      Released
EU      Released
APAC    Released

Table of contents
ActiveBoard Updates
  Scheduled Reports (PDF)
  Query Optimization
User Experience Improvements
  Table Widget
  Heatmap / Markersmap Widget
Notable bug fixes

View the full documentation of this release here.

ActiveBoard Updates

Scheduled Reports (PDF)
Check out the launch video describing this feature! Each Activeboard can have its own unique schedule. Future releases will let you schedule multiple Activeboards at once.
Scheduled Reports functionality is available from View and Edit modes as well as from the Web and Activeboards API.
New UI and notifications supporting Scheduled Reports.
New Role Permissions for Activeboards Report Schedule.

Query Optimization
You can now optimize your Activeboard queries with aggregation tasks directly from the Activeboard UI.
New UI indicating when an Activeboard query can be accelerated with an aggregation task.

User Experience Improvements

Table Widget
Added a new field “Align Items” that allows left, right or center alignment of data!
Added column data type and column name.
Improved readability of null values.

Heatmap / Markersmap Widget
Improved readability of the Type field.

Notable bug fixes
Fixed Timelapse Widget - timezone being ignored in some cases.
Fixed Activeboard “Snap to” operations ignoring timezone in some cases.
Fixed missing heading with Pie/Donut widget.
Fixed in Data → Free text query: the draggable button sometimes remained enabled.

Related products: Devo Platform

Security Operations: Out of the Box Alerts Release 10

The Devo Threat Research Team has just released their December OOTB Alerts for you! This release, available now from the Security Operations Content Manager, provides 39 new Windows detections, 1 additional Office 365 alert and 9 updated alerts. The team also made great progress in updating older detections, updating 76 alerts to match our current schema and documentation.

These alerts have the same power as before but now integrate better with our other Devo products. If you use the MITRE Attack Advisor App, or like to edit your alerts in Loxcope, these detections can now seamlessly integrate with those products. They have also been updated to work better with our SecOps enrichments, such as the SecOpsAlertDescription lookup, and can now accurately show the MITRE tactics and techniques associated with the alerts.

Read the full release notes here.

Five sample alerts included in this release
SecOpsWinRegistryModificationHideSCAPower - Adversaries may interact with the Windows Registry to hide configuration information within Registry keys, remove information as part of cleaning up, or as part of other techniques to aid in persistence and execution.
SecOpsWinRegistryModificationHideClockGroupPolicyFeature - Adversaries may interact with the Windows Registry to hide configuration information within Registry keys, remove information as part of cleaning up, or as part of other techniques to aid in persistence and execution.
SecOpsWinActivateNoCloseGroupPolicyFeature - Adversaries may interact with the Windows Registry to hide configuration information within Registry keys, remove information as part of cleaning up, or as part of other techniques to aid in persistence and execution.
SecOpsWinRegistryModificationNoFindGroupPolicyFeature - Adversaries may interact with the Windows Registry to hide configuration information within Registry keys, remove information as part of cleaning up, or as part of other techniques to aid in persistence and execution.
SecOpsWinRegistryModificationDisableLockWSFeature - Adversaries may interact with the Windows Registry to hide configuration information within Registry keys, remove information as part of cleaning up, or as part of other techniques to aid in persistence and execution.

Related products: Devo SecOps