No more typing reviews! Try our Samantha, our new voice AI agent.

AlienVault OSSIM vs Devo comparison

AT&T and Devo are both solutions in the Security Information and Event Management (SIEM) category. AT&T is ranked #24 with an average rating of 7.0, while Devo is ranked #28 with an average rating of 8.0. AT&T holds a 1.2% mindshare in SIEM, compared to Devo’s 1.2% mindshare. Additionally, 80% of AT&T users are willing to recommend the solution, compared to 95% of Devo users who would recommend it.
AlienVault OSSIM
Read 31 AlienVault OSSIM reviews
  • 5,253 Views
  • 5,095 Comparison Views
80% willing to recommend
Devo
Read 24 Devo reviews
  • 5,955 Views
  • 3,335 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

Devo and AlienVault OSSIM are two leading products in the network security space. Devo seems to have the upper hand due to its advanced data analytics capabilities and user-friendly approach, while AlienVault OSSIM is favored for its comprehensive threat detection features.

Features: Devo provides powerful data analytics, real-time monitoring, and seamless integration capabilities. AlienVault OSSIM stands out with built-in security tools, threat intelligence, and incident response features. Devo offers strong analytics, while AlienVault OSSIM delivers a comprehensive security package.

Room for Improvement: Users suggest Devo could benefit from enhanced reporting, more intuitive configuration options, and refining existing features. AlienVault OSSIM users wish for improved scalability, better documentation, and enhanced overall usability and support materials.

Ease of Deployment and Customer Service: Devo is frequently praised for its straightforward deployment process and responsive customer service. AlienVault OSSIM has a more complex deployment model which can be challenging for new users. AlienVault OSSIM's customer service, while helpful, sometimes lacks the quick response times reported by Devo users.

Pricing and ROI: Devo has a more appealing pricing model and is often seen as providing better ROI due to its efficiency and cost-effectiveness. AlienVault OSSIM tends to have higher setup costs but compensates with its comprehensive feature set, which users find justifies the investment. While Devo is more budget-friendly, AlienVault OSSIM delivers a balanced ROI with its wide range of capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AlienVault OSSIM vs. Devo Report (Updated: June 2026).
Buyer's Guide
AlienVault OSSIM vs. Devo
June 2026
Download the complete report
Helped 900,644 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
24th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Devo
Ranking in Security Information and Event Management (SIEM)
28th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
24
Ranking in other categories
Log Management (26th), IT Operations Analytics (9th), AIOps (18th)
 

Mindshare comparison

As of June 2026, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 1.2%, down from 3.6% compared to the previous year. The mindshare of Devo is 1.2%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
AlienVault OSSIM1.2%
Devo1.2%
Other97.6%
Security Information and Event Management (SIEM)
 

Featured Reviews

BP
Brandon Pearce
Independent Contractor at a comms service provider with 5,001-10,000 employees
Enables cost-effective security management for small businesses
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implementation. The main area where the AlienVault product was lacking around the 2018 timeframe was in its ability to scale. By pushing it to a cloud-based system, they've largely alleviated scale issues. It's native in Amazon but will also run in Azure. They have worked with cloud service providers to offer enough throughput at a cost reasonable for a corporation. Scaling was their biggest problem, and they've largely conquered those issues.
Read full review
FR
Francisco JavierRomo
Strategic Account Executive at a computer software company with 51-200 employees
Has improved investigative workflows with interactive dashboards and simplified data correlation
The data analytics cloud component focuses on real-time analytics, which is very impressive. The SIEM collects and correlates logs data from different sources and can integrate with ServiceNow, hardware asset management, and software asset management. The security orchestration, automation, and response (SOAR) is another valuable feature. The security data platform serves as the foundation of Devo. Regarding advanced query capabilities, Devo offers several models including query logs, visual query builder, language integrated query, and SQL, with SQL being the most frequently used querying data capability. The single pane of glass that Devo offers is the SOC. The tools in Devo's active ports are for investigating, not just viewing data. They are more interactive than other market solutions. The drill-down reports capabilities allow analysts to click on any element in a widget. When they see a spike in a line chart for a failed login, which could be a true or false attempt, they can click that spike, and a table widget on the same active board instantly populates with raw logs of data for those specific failed logins. This is particularly important for enterprise companies with numerous endpoints and users. The dynamic filtering of inputs significantly reduces the time cybersecurity analysts spend trying to figure out failed logins and identifying false positives.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of this solution are the data correlation and vulnerability assessment."
"The most valuable feature is the logging capability."
"The product is easy to use."
"The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network."
"With AlienVault you get everything in one box."
"I recommend it due to the experience of the people running it."
"I have deployed it widely because I find that it gives value for money."
"Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."
More AlienVault OSSIM pros
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."
"The real-time analytics of security-related data are super. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure. It's fast. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. Devo is pulling back information in a fast fashion, based on real-time events."
"Overall, I have no issues with it and my guys love it."
"Because of the way Devo works, our onboarding time has shrunk by 50 percent at least."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"It's very, very versatile."
"The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution."
"Devo saves us hours in every investigation."
More Devo pros
 

Cons

"The solution is not scalable."
"Lacking in depth of reporting."
"The incidence reporting could be better."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"It's so hard to configure and explore something new on it. It is not easy to find the steps we need to follow in order to use the solution effectively."
"They can add more compliance templates."
"I would advise others to not implement it for any enterprise-level organization."
"AlienVault OSSIM failed to provide our company a full insight, while also giving out a lot of false positives."
More AlienVault OSSIM cons
"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."
"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring."
"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."
"The tools in Devo's active ports need enhancement in their investigative capabilities."
"However, the incident and threat detection is not what we had hoped for."
"They can improve their AI capabilities"
"Technical support could be better."
More Devo cons
 

Pricing and Cost Advice

"We are using the community version, which can be used for free."
"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"When comparing AlienVault OSSIM to Microsoft Sentinel, AlienVault OSSIM incurs additional costs due to its licensing price structure. If you are using AlienVault for security purposes at a certain level it can have a higher price point than the current pricing of Microsoft Sentinel."
"We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."
"The solution is open source, so it's free to use."
"AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
"AlienVault OSSIM is free."
"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
More AlienVault OSSIM pricing and cost advice
"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
"The way Devo prices things is based on the amount of data, and I wish the tiers had more granularity. Maybe at this point they do, but when we first negotiated with them, there were only three or four tiers."
"We have an OEM agreement with Devo. It is very similar to the standard licensing agreement because we are charged in the same way as any other customer, e.g., we use the backroom."
"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."
"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
"[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
"Our licensing fees are billed annually and per terabyte."
"Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
More Devo pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
900,644 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Comms Service Provider
14%
Financial Services Firm
8%
Computer Software Company
8%
Manufacturing Company
7%
Financial Services Firm
14%
Construction Company
10%
Manufacturing Company
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise9
Large Enterprise8
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise12
 

Questions from the Community

What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...
See all answers
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implement...
See all answers
What is your primary use case for AlienVault OSSIM?
This solution is very similar to most of the other MSSPs that you would find out there. When I look at use cases, AlienVault was initially aimed at small to medium businesses. It grew, and that was...
See all answers
What is your experience regarding pricing and costs for Devo?
Pricing generally depends on the scale, data ingestion requirements, and integrations for what the enterprise monitoring needs. I have not been part of the procurement process, so I am not aware of...
See all answers
What needs improvement with Devo?
One improvement area for Devo could be simplifying some configuration and improving the onboarding for new analysts because it is quite complex for fresher or new analysts who are handling Devo.UI ...
See all answers
What is your primary use case for Devo?
Devo serves as our centralized log monitoring, threat investigation, alert monitoring, and security analytics platform. We use it to collect logs from multiple systems so we can correlate the event...
See all answers
 

Comparisons

Wazuh vs AlienVault OSSIM Logo
Wazuh vs AlienVault OSSIM
Compared 18% of the time
Venusense USM vs AlienVault OSSIM Logo
Venusense USM vs AlienVault OSSIM
Compared 12% of the time
USM Anywhere vs AlienVault OSSIM Logo
USM Anywhere vs AlienVault OSSIM
Compared 8% of the time
Splunk Enterprise Security vs AlienVault OSSIM Logo
Splunk Enterprise Security vs AlienVault OSSIM
Compared 6% of the time
Elastic Security vs AlienVault OSSIM Logo
Elastic Security vs AlienVault OSSIM
Compared 4% of the time
More AlienVault OSSIM Competitors
LogRhythm SIEM vs Devo Logo
LogRhythm SIEM vs Devo
Compared 8% of the time
Splunk Enterprise Security vs Devo Logo
Splunk Enterprise Security vs Devo
Compared 7% of the time
New Relic vs Devo Logo
New Relic vs Devo
Compared 4% of the time
IBM Security QRadar vs Devo Logo
IBM Security QRadar vs Devo
Compared 3% of the time
Microsoft Sentinel vs Devo Logo
Microsoft Sentinel vs Devo
Compared 3% of the time
More Devo Competitors
 

Product Reports

Buyer's Guide
AlienVault OSSIM
June 2026
AlienVault OSSIM reportDownload AlienVault OSSIM product report
Buyer's Guide
Devo
June 2026
Devo reportDownload Devo product report
 

Also Known As

OSSIM
No data available
 

Overview

AlienVault OSSIM integrates threat alerts, asset discovery, and data correlation with vulnerability assessment, logging, and network configuration for enhanced usability and threat intelligence via OTX, appealing to those seeking an open-source SIEM solution with comprehensive features.

AlienVault OSSIM offers an open-source platform focused on monitoring and security event management. It enables users to conduct threat detection, vulnerability scanning, log collection, and maintain compliance with standards. Its capabilities in incident management, network visibility, and SOC functions offer a cost-effective approach to security information and event management. OSSIM helps analyze data from diverse sources and triggers alerts for malicious activities. The platform is praised for its integration capabilities, centralized dashboards, and ease of use, attracting those who wish to assess SIEM solutions without heavy investment. However, challenges exist with scalability and integration, especially in large enterprises and regulated environments, requiring interface improvements and configuration ease. Enhancements in log management and false positive reduction are priorities for users.

What features does AlienVault OSSIM offer?
  • Threat Alerts: Provides timely notifications of potential threats.
  • Asset Discovery: Identifies and catalogs devices on the network.
  • Data Correlation: Integrates information from multiple sources to detect complex threats.
  • Vulnerability Assessment: Scans systems for known vulnerabilities.
  • Integration Capabilities: Connects with external systems for improved data sharing.
  • Logging and Dashboards: Centralizes information for easier monitoring and analysis.
What benefits can users expect from AlienVault OSSIM?
  • Enhanced Security Detection: Comprehensive threat identification features.
  • Cost-Effectiveness: Delivers security capabilities at lower costs.
  • Network Traffic Analysis: Offers detailed insights into network activities.
  • Advanced Threat Policies: Supports sophisticated security policy configuration.

AlienVault OSSIM is deployed in industries requiring robust security event management. It assists in monitoring network traffic and identifying threats in sectors like finance, healthcare, and IT services. By leveraging open-source software, businesses enhance security without incurring excessive costs, making it suitable for small to medium enterprises.

AT&T

Devo offers powerful visual analytics, real-time data querying, and log integration capabilities within a cloud-native, multi-tenant architecture, supporting extended data retention ideal for long-term analysis and compliance.

Devo is recognized for its Activeboards, which facilitate visual analytics. High-speed search capabilities and real-time analytics enable efficient data manipulation and querying. Its multi-tenant architecture supports effective data segregation and customization tailored to distinct business needs, enhancing its value for handling complex log integrations. With extended data retention of 400 days and a cloud-native architecture, Devo is a robust platform for long-term analysis and compliance requirements. Though opportunities exist to improve browser stability on large searches, SOAR integrations, and its parser capabilities, Devo remains essential for incident response and security monitoring, offering centralized data storage and analysis.

What are Devo's most important features?
  • Activeboards: Facilitate visual analytics and data exploration.
  • High-Speed Search: Enables fast data querying and manipulation.
  • Real-Time Analytics: Supports instant insights and decision-making.
  • Multi-Tenant Architecture: Allows effective data segregation and customization.
  • Extended Data Retention: Offers 400-day log retention for compliance and analysis.
  • Complex Log Integration: Handles intricate data sources effortlessly.
What benefits and ROI should organizations look for in reviews?
  • Visual Insights: Enhance understanding through interactive dashboards.
  • Performance Efficiency: Saves time with high-speed data search and real-time results.
  • Customization Flexibility: Fits specific business requirements with multi-tenant architecture.
  • Long-Term Compliance: Ensures alignment with extended data retention needs.
  • Centralized Monitoring: Enables comprehensive incident response and security monitoring.

Devo is extensively used in industries focused on incident response and digital forensics, centralizing data for security monitoring across hybrid environments. Organizations benefit from its ability to store and analyze aggregated logs, creating alerts and dashboards to enhance visibility for network and endpoint activities in multi-domain settings.

Devo
 

Sample Customers

Council Rock School District
United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
Buyer's Guide
AlienVault OSSIM vs. Devo
June 2026
Free Report: AlienVault OSSIM vs. Devo
Find out what your peers are saying about AlienVault OSSIM vs. Devo and other solutions. Updated: June 2026.
DOWNLOAD NOW
900,644 professionals have used our research since 2012.
See our AlienVault OSSIM vs. Devo report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.