A visitor tries out a tablet next to a cloud computing and technology symbol at the 2013 CeBIT technology trade fair on March 5, 2013, in Hanover, Germany. Devo Technology announced $250 million in Series E funding on Tuesday. (Photo by Sean Gallup/Getty Images)

Cloud-native security analytics company Devo Technology on Tuesday announced $250 million in Series E funding at a valuation of $1.5 billion — a round that analysts say puts Devo at the forefront of the transition to making cybersecurity primarily driven by analytics.

Marc van Zadelhoff, CEO at Devo, said the company will use the funding to bolster its partner program for those wanting to use the Devo platform to serve as a foundational technology. Devo will also continue to expand in global markets, said van Zadelhoff, who added that a focal point for reaching enterprise customers in regions such as North America and Asia Pacific will be through partners.

“That said, targeting Global 2000 companies directly has also been key to our go-to-market strategy and will remain so with this new funding, especially as we plan to introduce new innovation around content delivery and community in the future, said van Zadelhoff.

Devo’s news came two days after Microsoft warned companies about the impending threat to resellers and large service providers of Nobelium, the state-sponsored Russian threat actor that was behind the SolarWinds attack.

Gunter Ollmann, Devo’s chief security officer, said the threat represented by Nobelium and other groups like it underscores the need to not only continuously acquire log data across all enterprise surfaces, but to analyze all that data and distill rogue behaviors in real-time. Ollmann said while behavioral analytics functions as a critical ingredient in spotting supply chain threats that evolve into insider threat gateways, it’s not enough by itself.

“SOC analysts are battling alert fatigue and more alerts are not the answer,” Ollmann said. “Augmenting the human analyst with both smart AI and on-demand expertise via a global community of vetted subject-matter experts are key to timely and successful remedy of Nobelium-like threats. As a cloud-native solution provider, the ability for Devo to apply smart analytics and spot anomalies across multiple customers and environments means that coordinated state-sponsored and global crime syndicate operations are more readily spotted than if each targeted enterprise had to detect and fend for themselves.”

Jon Oltsik, senior principal analyst and fellow at the Enterprise Strategy Group, added that it’s become clear that threat management needs a high-performance, cloud-scale back-end, a reality that was reinforced when CrowdStrike acquired Humio and SentinelOne purchased Scalyr. Oltsik explained that Devo has similar high-end analytics capabilities, but has been focused on security for longer than either of those other companies.

“Devo has a presence is North America and parts of Europe, but wants more global reach and the funding will help here,” Oltsik said. “The future of cybersecurity will be completely analytics-driven, meaning that organizations will depend upon a back-end brain to instrument controls, alert on high risks, and recommend remediation strategies. This will marginalize the role of existing controls like endpoint security, firewalls, and intrusion detection. Devo is well-positioned to play a role in this transition.”

Much of Devo's success has been due to its focus on MSSPs and security resellers, companies that have gained importance since the beginning of the pandemic,” said Kevin Dunne, president at Pathlock. Dunne said the increase in the number of cyberattacks, combined with the hiring constraints on security personnel, have encouraged many companies to outsource some of the SOC and security infrastructure to partners. 

“Devo's easy-to-deploy cloud solution powers many of these partner-delivered solutions, leading to their pronounced growth throughout the course of the pandemic,” Dunne said. “This new funding positions Devo as a leader in the cloud-native logging, SIEM, and security analytics space.”