Devo vs i-SIEM [EOL] comparison

Devo and Cybereason are both solutions in the Security Information and Event Management (SIEM) category. Additionally, 95% of Devo users are willing to recommend the solution, compared to 100% of Cybereason users who would recommend it.

Devo

Read 23 Devo reviews

2,727 Views
1,800 Comparison Views

95% willing to recommend

i-SIEM [EOL]

Read 1 i-SIEM [EOL] review

100% willing to recommend

Devo

i-SIEM [EOL]

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Nov 2, 2025

Devo and i-SIEM [EOL] compete in the SIEM market. Devo has an edge in deployment simplicity and customer satisfaction, while i-SIEM [EOL] stands out with its feature set despite higher costs.

Features: Devo provides robust analytics, real-time data processing, and enhances security management. i-SIEM [EOL] provides advanced threat detection, compliance reporting, and detailed compliance oversight.

Ease of Deployment and Customer Service: Devo offers straightforward deployment and excellent support for smooth integration. i-SIEM [EOL] requires additional resources for a more complex deployment but has diligent problem-solving customer service.

Pricing and ROI: Devo is cost-effective with a favorable ROI due to lower setup costs. i-SIEM [EOL] has higher initial costs but offers extensive features and long-term returns for detailed security operations.

To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: November 2025).

Buyer's Guide

Security Information and Event Management (SIEM)

November 2025

Download the complete report

Helped 879,371 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Devo

Average Rating

8.4

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Log Management (28th), Security Information and Event Management (SIEM) (23rd), IT Operations Analytics (9th), AIOps (20th)

i-SIEM [EOL]

Average Rating

9.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Featured Reviews

Francisco JavierRomo

Strategic Account Executive at a computer software company with 51-200 employees

Has improved investigative workflows with interactive dashboards and simplified data correlation

The data analytics cloud component focuses on real-time analytics, which is very impressive. The SIEM collects and correlates logs data from different sources and can integrate with ServiceNow, hardware asset management, and software asset management. The security orchestration, automation, and response (SOAR) is another valuable feature. The security data platform serves as the foundation of Devo. Regarding advanced query capabilities, Devo offers several models including query logs, visual query builder, language integrated query, and SQL, with SQL being the most frequently used querying data capability. The single pane of glass that Devo offers is the SOC. The tools in Devo's active ports are for investigating, not just viewing data. They are more interactive than other market solutions. The drill-down reports capabilities allow analysts to click on any element in a widget. When they see a spike in a line chart for a failed login, which could be a true or false attempt, they can click that spike, and a table widget on the same active board instantly populates with raw logs of data for those specific failed logins. This is particularly important for enterprise companies with numerous endpoints and users. The dynamic filtering of inputs significantly reduces the time cybersecurity analysts spend trying to figure out failed logins and identifying false positives.

Read full review

Dannie Combs

Senior Vice President and Chief Information Security Officer at Donnelley Financial Solutions

The alert fatigue and false positive rates have just plummeted, which is really exciting.

empow has a few areas of improvement as with any other technology, such as continuing to drive innovation in the dashboard. While we've been extremely impressed with the dashboard's ease of use, flexibility, ability to drill down deeply, and focus very intently on an area of interest, there will always be opportunities to be more innovative and open it up to a wider audience than just the operations group, for example. With reporting, there is always a desire to have custom reporting for every client of empow. Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."

"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."

"Scalability is one of Devo's strengths."

"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."

"Being able to build and modify dashboards on the fly with Activeboards streamlines my analyst time because my analysts aren't doing it across spreadsheets or five different tools to try to build a timeline out themselves. They can just ingest it all, build a timeline out across all the logging, and all the different information sources in one dashboard. So, it's a huge time saver. It also has the accuracy of being able to look at all those data sources in one view. The log analysis, which would take 40 hours, we can probably get through it in about five to eight hours using Devo."

"The drill-down reports capabilities allow analysts to click on any element in a widget. When they see a spike in a line chart for a failed login, which could be a true or false attempt, they can click that spike, and a table widget on the same active board instantly populates with raw logs of data for those specific failed logins."

"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."

"Even if it's a relatively technical tool or platform, it's very intuitive and graphical. It's very appealing in terms of the user interface. The UI has a graphically interface with the raw data in a table. The table can be as big as you want it, depending on your use case. You can easily get a report combining your data, along with calculations and graphical dashboards. You don't need a lot of training, because the UI is relatively very intuitive."

More Devo pros

"As a result of the automation, we are able to manage SIEM with a small security team. I'm in a unique position where we have been growing the security organization quite rapidly over the last three and a half years. But, as a direct result of the empow transition and legacy collection of tools towards the empow platform, we've been able to keep that head count flat. We've been able to redirect a lot of the security team's time away from the wash, rinse, repeat activities of responding to alarms where we have a high degree of confidence that they will be false positives, adjusting the rules accordingly. This can be a bit frustrating for the analyst when they have to spend hours a day dealing with these types of probable false positives. So, it has helped not only us keep our headcount flat relative to the resources necessary to provide the assurances that our executives expect of us for monitoring, but allows our analyst team to spend the majority of their time doing what they love. They are spending their time meaningfully with a higher degree of confidence and enjoying getting into the incident response type activity."

Cons

"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."

"The tools in Devo's active ports need enhancement in their investigative capabilities."

"The price is one problem with Devo."

"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."

"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."

"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."

"Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs."

"An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that."

More Devo cons

"Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus."

Pricing and Cost Advice

"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."

"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."

"Our licensing fees are billed annually and per terabyte."

"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."

"Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."

"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."

"Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."

"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."

More Devo pricing and cost advice

"With a higher degree of fidelity in the alarms, we were able to avoid adding additional resources to our teams. We take into account the cost of security resources in the market and the significantly higher fidelity from the alarms that are being generated. This drove down our costs with our MSSP. It drove down my cost for human capital internally. It drove down our need to have multiple resources supporting the underlying infrastructure and health and maintenance of empow as a platform from several resources down to one. Therefore, human capital costs were significantly reduced. Our operating expenses were significantly reduced. Our capital costs were significantly reduced while tripling our capacity and our run rate reduced. It was almost a "too good to be true" situation. Fortunately, for us, it worked out very nicely."

"I don't have to put up with any longer with these hypercomplex licensing agreements. Every time I want to add some additional reporting as a compliance centric or regulatory specific, e.g., GDPR, PCI, or Sarbanes-Oxley, many providers would have an additional license for this, which felt a bit ridiculous to me. With the simplified licensing architecture, there were no hidden "gotchas" down the road with empow. Something I have experienced with other providers that I've worked with in the past."

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

879,371 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

15%

Computer Software Company

10%

University

Manufacturing Company

Performing Arts

11%

Legal Firm

Manufacturing Company

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	4
Large Enterprise	11

No data available

Questions from the Community

What is your experience regarding pricing and costs for Devo?

Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.

See all answers

What needs improvement with Devo?

The single pane of glass that Devo offers could be improved. The tools in Devo's active ports need enhancement in their investigative capabilities. The drill-down reports capabilities, while useful...

See all answers

What is your primary use case for Devo?

During my time at MetaBase Q and as a partner integrator of ServiceNow, I had the chance to understand and be part of projects integrating SOCs, NOCs, and Security Operation Centers with Devo. Most...

See all answers

Ask a question

Earn 20 points

Comparisons

LogRhythm SIEM vs Devo

Compared 12% of the time

Splunk Enterprise Security vs Devo

Compared 9% of the time

IBM Security QRadar vs Devo

Compared 9% of the time

Microsoft Sentinel vs Devo

Compared 8% of the time

Elastic Security vs Devo

Compared 4% of the time

More Devo Competitors

DNIF HYPERCLOUD vs i-SIEM [EOL]

Compared 36% of the time

Netsurion vs i-SIEM [EOL]

Compared 27% of the time

Trellix ESM vs i-SIEM [EOL]

Compared 21% of the time

Splunk Enterprise Security vs i-SIEM [EOL]

Compared 16% of the time

More i-SIEM [EOL] Competitors

Product Reports

Buyer's Guide

Devo

December 2025

Download Devo product report

Buyer's Guide

Security Information and Event Management (SIEM)

November 2025

Download i-SIEM [EOL] product report

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo

i-SIEM [EOL] is an innovative security information and event management platform designed to enhance threat detection and response capabilities in IT environments.

i-SIEM [EOL] offers a comprehensive approach to managing and analyzing security alerts, ensuring that businesses can effectively mitigate risks. With advanced threat intelligence and robust analytics, it helps organizations streamline their security operations and improve incident response times, providing each organization the information required to make informed security decisions.

What are the most important features of i-SIEM [EOL]?

Real-time Monitoring: Continuously tracks network activity to detect potential threats.
Advanced Threat Detection: Utilizes AI to identify sophisticated attacks.
Customizable Dashboards: Allows users to tailor their view and focus on relevant data.
Automated Incident Response: Streamlines the response process by automating certain actions.
Scalable Architecture: Easily adapts to growing business needs.

What benefits and ROI should users consider in reviews?

Improved Security Posture: Enhanced monitoring capabilities reduce risk exposure.
Operational Efficiency: Automation cuts down manual efforts and saves time.
Increased Visibility: Comprehensive insights into activity improve decision-making.
Cost Management: Helps allocate resources more effectively, potentially reducing costs.

i-SIEM [EOL] is particularly beneficial in industries such as finance and healthcare where data security is paramount. Its ability to integrate with existing infrastructure allows seamless adoption, offering enhanced security without disrupting operations. Industries handling sensitive information value its advanced capabilities to safeguard data integrity.

Cybereason

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel

University of Oklahoma, Donnelley

Buyer's Guide

Security Information and Event Management (SIEM)

November 2025

Download Free Report

Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: November 2025.

DOWNLOAD NOW

879,371 professionals have used our research since 2012.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.