Application: Devo 360 for AWS
Purpose
The Devo 360 for AWS application is a pre-built knowledge base of dashboards and alerts that delivers real-time visibility and expedites analysis of Devo users’ AWS infrastructures. It helps you use the Devo Platform to optimize resources and detect threats targeting your AWS infrastructure. It also automatically aggregates AWS alerts by threat definition, which increases analysts’ efficiency and reduces fatigue as they address alerts.
Prerequisites
To use Devo 360 for AWS, you must have the following lookups installed in your domain, unless you have the Security Operations application, which includes them as part of the installation package:
You must also have the following data sources available on your domain:
cloud.aws.cloudtrail
cloud.aws.cloudtrail.s3
cloud.aws.vpc.flow
cloud.aws.cloudwatch.metrics
cloud.aws.cloudtrail.signin
cloud.aws.cloudwatch.events
Send these logs using an AWS SQS collector.
Open app
Once the app has been installed, you can use the Open button at the top right of the card in Exchange to access it and use it as intended. You can also access the app via the Navigation pane.
Use app
Once inside the app, you can use it as required. Refer to Devo 360 for AWS for a detailed walkthrough.