Overview

Observo AI is excited to announce that we have partnered with Microsoft and it is now available on the Azure Marketplace. This will make it easier for Azure customers to quickly adopt the AI-Powered Security and Observability Pipeline to help control costs, manage data sprawl, boost productivity, and identify and resolve critical incidents faster.

Customers can now deploy Observo AI at speed while benefiting from Azure’s trusted and secure infrastructure, as well as its global commercial footprint. Availability on the Azure Marketplace will enable seamless purchasing and invoicing, with customers able to use their existing Microsoft Azure Consumption Commitment (MACC) to purchase Observo AI.

Observo AI is a powerful tool for helping DevOps and Security teams manage the rapidly growing deluge of telemetry data that they use for Security and Observability efforts in their organizations. Observo AI enables organizations to cut SIEM and observability costs by more than 50% by reducing infrastructure costs and limiting license growth in the future. Observo helps minimize risk while enhancing the visibility into enterprise IT environments. Observo AI can reduce data volume by 80% or more, helping make room for additional data sources without impacting daily ingest limits or expanding budgets. These new data sources give customers a more holistic view of security and observability. Observo AI also helps protect sensitive data, resolve incidents before they spiral, and stay in compliance. It routes data where it has the most value to limit vendor lock-in and adds context to data for more efficient queries. By surfacing and prioritizing potentially critical incidents in the stream, they can be resolved more than 40% faster and eliminate false positives and alert fatigue.

‍“Observo AI, available on the Azure Marketplace, offers a solution for Microsoft Azure and Sentinel customers struggling with the relentless growth of security data. Observo AI empowers Security teams to optimize costs, speed incident response, and ensure robust security and compliance with a seamless, fast, and easy purchase option through the Azure Marketplace.”

– Jatinder Mann, CEO of Cetark, a cyber security services company specializing in Microsoft Security portfolio

Eliminate Noisy  Data

Security teams rely on data to keep their organizations secure, but 80% of that data typically has little to zero analytical value. As a result, these teams are paying to analyze data that has nothing interesting to tell them. This noise comes in the form of duplicate fields, header values, null fields, and other data that doesn’t help security teams do their job. Most of these events describe normal occurrences like a firewall allowing a transaction - essentially nothing to see here. Paying to analyze this data before knowing if it has any value stresses IT budgets and daily ingest limits and the problem is getting worse as this data is doubling every 2-3 years for most enterprises. Flooding a SIEM index with all of that noisy data is expensive - it can increase license expenses and cause massive increases in infrastructure costs like storage, compute, and egress. All of this noise also dilutes actual signal from the 20% of data that really matters, which makes it hard for security teams to focus on actual threats.

Observo AI separates the 20% signal from the 80% noise. We can filter out all of the noisy field data like duplicates and nulls, as well as summarize normal data to reduce data volume by 80% or more. Observo’s Smart Summarization engine uses machine learning models to detect potential threat patterns and separate them from the vast majority of data that doesn’t tell the story of a potential security threat. It summarizes many normal events into a single event for massive data reduction. Rather than sample out this data, all of the important information is summarized for teams so they understand how many events, over what time frame, and aggregates other field values into a single event and passes through any events that are outside of what the ML models describe as normal or looks like a specific threat pattern. This helps teams save 50% or more on SIEM costs by reducing infrastructure costs today and curbing future license growth. 

Mask Sensitive Data

Observo AI proactively detects sensitive data allowing you to secure it through obfuscation or hashing. Unlike static tools that set rules for what is sensitive data, Observo’s ML models use pattern recognition to discover all sensitive data, even if it’s in an unexpected field or metric. Observo.ai automates compliance with privacy regulations like GDPR, CCPA, and PCI. Observo.ai helps you keep all sensitive data safe and protected. Earn customers' trust by securing all PII to stay in compliance.

Anomaly Detection

The Observo AI pipeline learns what is normal for any given data type. Observo’s AI models detect anomalies and assign “sentiment” based on pattern recognition. Sentiment dashboards add valuable insights and help reduce alert fatigue by helping Security and DevOps teams discern meaningful alerts from run-of-the-mill items that don’t require immediate attention. Observo.ai can integrate with common alert/ticketing systems like ServiceNow, PagerDuty, and Jira for real-time alerting. By focusing on the right signals and tuning out the noise, Observo.ai can speed the resolution of critical incidents 40% faster.

Searchable, Low-cost Data Lake

Observo AI recommends taking a copy of full-fidelity data and routing it to inexpensive cloud object storage like Azure Blob. Observo transforms log data into Parquet format, a highly compressible data format that allows search using natural language queries through tools like Athena. Storing data in Parquet format in cloud object storage can cost as little as 1-2% of storing it in block storage attached to your SIEM or log analytics tool index. This allows customers to keep more data for longer periods, which bolsters their ability to investigate incidents like breaches, which often occur months, if not years before being discovered. It also helps them comply with log retention standards and regulations which for some industries require storing logs for up to seven years. Observo can “rehydrate” this data at any time and route it from Azure Blob back to Sentinel or any other analytics tool should you need to investigate this data on demand. Retain more data, spend less money, and be more flexible.

Data Enrichment

Observo AI enriches data to add context. Observo AI can also enrich logs with third party data like Geo-IP and threat intel to make data more actionable. Adding the right data can significantly speed up queries in downstream tools and reduce the compute toll on indexing engines.

Filter, Reduce, and Aggregate Low Value Metrics

Observo AI offers solutions to optimize telemetry metric data by filtering out unused, little-queried, or high-cardinality metrics, reducing data storage costs and improving performance in systems like Datadog and Elasticsearch. It identifies unqueried metrics, and filters them out to control the explosive growth of custom metrics that strain customers’ budgets. By filtering unnecessary custom metric tags and tag values, customers prevent the build up of costly custom metrics and avoid performance issues caused by data bloat. Finally, Observo aggregates high-frequency metrics by summarizing data over time to maintain insights without the overhead of repetitive, low-value metrics.

Wrapping up

Customers are increasingly turning to Microsoft Azure for it’s scalability, enabling businesses to efficiently manage their resources as they grow. Azure's wide range of services, from AI and machine learning to data analytics and cloud storage, helps organizations streamline operations and innovate rapidly. Additionally, its strong security and compliance features offer peace of mind for enterprises handling sensitive data and ensuring regulatory compliance.

Observo AI + MS Azure ramps up the power of your security and observability efforts while controlling costs and boosting efficiency. Buying Observo AI on the Azure Marketplace offers an integrated buying experience that can unlock flexibility and allows you to use existing MACC credits to buy the most comprehensive AI-powered telemetry data pipeline available.

Visit Observo AI on the Azure Marketplace. Schedule your custom demo of Observo AI today.