Application: Devo 360 for AWS

Open

Purpose

The Devo 360 for AWS Application is a pre-built knowledge base of dashboards and alerts that delivers real-time visibility and expedites analysis of Devo users’ AWS infrastructures. It helps you use the Devo Platform to optimize resources and detect threats targeting your AWS infrastructure. It also automatically aggregates AWS alerts by threat definition which increases analysts’ efficiency and reduces fatigue as they address alerts.

Prerequisites

To use the Devo 360 AWS, you must have the following lookups installed in your domain, unless you have the Security Operations application, which includes them as part of the installation package:

• SecOps GWL Lookup

• SecOps Location Lookup

• SecOps Alert Description Lookup

• SecOpsAssetRole Lookup

You must also have the following data sources available on your domain:

• cloud.aws.cloudtrail ^{learn more}

• cloud.aws.cloudtrail.s3 ^{learn more}

• cloud.aws.vpc.flow ^{learn more}

• cloud.aws.cloudwatch.metrics ^{learn more}

• cloud.aws.cloudtrail.signin ^{learn more}

• cloud.aws.cloudwatch.events ^{learn more}

Open app

Once the app has been installed, you can use the Open button at the top right of the card in Exchange to access it and use it as intended. You can also access the app via the Navigation pane.

Open

Use app

Once inside the app, you can use it as required. Refer to Devo 360 for AWS for a detailed walkthrough.