Devo Technology acquires threat hunting provider to build next-gen autonomous SOC

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!

Today, cloud-native logging and security analytics provider Devo Technology announced that it had acquired autonomous threat hunting company Kognos. With this acquisition, Devo aims to move toward developing the concept of an “autonomous SOC,” to combine its cloud-native analytics and detections capability with the Kognos AI engine. 

Kognos’s threat hunting platform uses advanced attack-tracing AI that can automatically triage and investigate threat alerts to create attack stories, so that human analysts can manage security incidents without getting caught up on repetitive manual tasks that increase stress. 

For organizations, the solution offers the potential to automate security tasks so that human security teams can operate more efficiently with less chance of burnout and churn.  

Automating burnout away 

The acquisition comes as security analysts are becoming more and more afflicted by burnout, with research showing that more than 70% of SOC analysts are experiencing burnout with 60% saying their workloads have spiked over the past year. 

One of the core reasons for this unmanageable workload is that security analysts have to spend hours on inefficient manual tasks, with 64% of analysts reporting that manual work eats up more than half of their time. 

Kognos’ solution to this problem is to use AI to triage and investigate threat alerts so that human analysts don’t have to waste time investigating false positive incidents and gathering intelligence manually. 

“Cybersecurity requires you to combine real-time streaming with massive data analytics. Devo has built the most scalable and economic platform security analytics in the industry to address this need, something legacy solutions haven’t been able to solve,” said Devo Technology’s CEO, Marc van Zadelhoff. 

The typical CISO or SOC has 200 security tools from 40 different vendors, but the one that they look at every day is Devo, because Devo brings everything together — Devo takes petabytes of data, analyzes it and displays it in a way that shows the SOC what’s actually happening, in real time,” Zadelhoff said. 

The security automation market 

Security automation is now in a constant state of growth. The Security Orchestration Automation and Response Market alone is anticipated to reach a value of $2,027.2 million by 2025 as more organizations apply automated security tools. 

One security automation provider that’s competing with Kognos is Splunk, which provides a platform for users to search data from sources throughout their networks and automate manual security tasks. Last year, Splunk also announced an investment of $1 billion. 

Another competitor is LogRhythm, a Security Information and Event Management (SIEM) platform that enables security teams to automate manual tasks and leverages machine learning to improve the accuracy of threat detection. LogRhythm most recently raised $50 million in 2016. 

However, Zadelhoff argues that the provider’s cloud-native capabilities separate it from competitors. 

“Our competitors can’t match Devo’s cloud-native speed and scale,” Zadelhoff said. “Our customers get instant access to 400 days of hot data for richer threat investigations and hunts, we more seamlessly adapt to data changes and sources, and now with Kognos, automated threat investigations are taken to a new level by bringing full attack stories to the table.” 

Originally appeared on: TheSpuzz