In this use case, a hypothetical attacker used an exploit against our machine in the local network, which triggered an alert from an external security service. Our external service does not provide additional details about the threat. We will use this Flow to combine the external service data and the data extracted by Devo to check if there's any data flow from the victim to the attacker.

Behind every data table lies an intricate web of connections between values. Use the Devo Graph diagram to represent columns of your data table as interactive nodes and links to gain invaluable insight into the bigger picture.

When graphically representing data to globally analyze the composition of a given data set, the Voronoi treemap is one of the most valuable tools. Discover everything that Devo offers you to create and use the Voronoi.

Devo’s unique architecture and open data model lets you collect, analyze and draw conclusions from data. You can use lookup tables to enrich this data by establishing complex relationships between any data in Devo.

The Devo Platform helps protect your data by registering the alerts triggered in your domain. Use Devo Flow to keep track of these alerts and receive the findings straight to your inbox in a customized report.

With so much data available, it´s never been more important to protect it against loss or misuse. Use Devo Flow to build complex workflows to detect inactivity and alert us before our data is completely lost.

The Autoparser is able to parse with minimum user interaction proprietary data that lacks the tag structure required for fully automatic parsing.

Devo Content Stream arms security analysts with actionable content including curated alerts and threat intelligence to defend the organization more effectively against rapidly evolving threats. Content Stream not only delivers immediate out-of-the-box value to Security Operations, but it also updates alerts and threat intelligence on an ongoing basis to improve the speed and effectiveness of your security team.

Devo’s unique architecture and RBAC offer an impressive granularity level that allows you to administrate almost every single resource individually. This is the case for lookups, which can now be shared with specific roles while specifying a scope of interaction.

To run a search, you must access the data table where the events you need to work with are stored. You can do this via the Data Search area of Devo.