Deepwatch Unlocks New Capabilities and Increased Flexibility with its Open Security Data Architecture

Customers benefit from their choice of data sources and security tools for advanced correlation, hyperautomation, and response delivering optimal outcomes for cyber resilience

TAMPA, FL – March 5, 2024 — Deepwatch, the leading managed security platform for the cyber resilient enterprise, introduces its open security data architecture, providing customers with their choice of cloud and local data sources, including support for a broad range of Security Information and Event Management (SIEM) solutions as well as data lake, XDR, and MDR solutions. Deepwatch’s new open architecture allows customers to fully leverage existing security investments, delivering pre-built, seamlessly integrated stacks for endpoint, identity, network, and cloud protection. With support for multiple SIEMs, data lakes, and correlation engines, customers can expect reductions in incident response time, false positives and downtime, ensuring comprehensive coverage and precision response across all customer assets.

“Deepwatch is providing an open, agnostic approach to cyber resilience, leveraging existing customer investments,” said Charlie Thomas, Deepwatch CEO. “Today we are excited to deliver optimal flexibility and improved data visibility, correlation, and response.”

The cloud-based applications and services adopted by modern enterprises are monitored by a myriad of point security solutions and platforms. This range of data sources is problematic for traditional MDR platforms and technologies that rely on a single logging pipeline, leading to rising complexity and cost. Achieving cyber resilience requires companies to adopt a decentralized data logging architecture, one where detection and response is delivered wherever data resides. 

Gartner® described the importance of this architecture in the 2023 report The Future of Security Architecture: Cybersecurity Mesh Architecture (CSMA) report as the security layer of its concept: “The key capability of the layer is in its ability to take signals from many different point products and apply a relationship-based risk scoring matrix to feed multiple types of decision points. This layer is an evolution of what SIEM, SOAR, UEBA and XDR vendors are doing today. Currently no vendor has all of the capabilities in this layer available as a product offering.  This mesh of dynamic scoring provides the ability for this layer to trigger defensive actions before attacks materialize.

By embracing an open security data architecture, Deepwatch delivers on the promise of defensive capabilities and coordination of actions through greater visibility while reducing overall spend. This allows customers to leverage the SIEMs and data lakes of their choice, better aligning to their business needs and licensing agreements and ultimately providing better detection and response to this wider range of threats.

Deepwatch’s new architecture is powered by multimodal Generative AI capabilities, federated search of native data locations, and proprietary hyperautomation and process mining. Deepwatch will deliver its Open Security Data Architecture (OSDA) through the next generation of the Deepwatch platform with support for Splunk today, Microsoft Sentinel in April 2024, with CrowdStrike shortly. Microsoft Sentinel support will be the first of many data sources followed by other sources (Endpoints, EDR, SIEMs, XDR, data lakes, and cloud) that Deepwatch will support to unlock new capabilities and increased data flexibility.

Learn more about the Deepwatch Open Security Data Architecture and its commitment to protecting enterprises from the latest adversaries.

About Deepwatch
Deepwatch® is the leading managed security platform for the cyber resilient enterprise. The Deepwatch Managed Security Platform and security experts provide enterprises with 24/7/365 cyber resilience, rapid detections, high fidelity alerts, reduced false positives, and automated actions. We operate as an extension of cybersecurity teams by delivering unrivaled security expertise, unparalleled visibility across your attack surface, precision response to threats, and the best return on your security investments. The Deepwatch Managed Security Platform is trusted by the world’s leading brands to improve their security posture, cyber resilience, and peace of mind. Learn more at

Subscribe to the Deepwatch Insights Blog