Try our new research platform with insights from 80,000+ expert users

AlienVault OSSIM vs Devo comparison

AT&T and Devo are both solutions in the Security Information and Event Management (SIEM) category. AT&T is ranked #11 with an average rating of 7.3, while Devo is ranked #25 with an average rating of 8.5. AT&T holds a 3.2% mindshare in SIEM, compared to Devo’s 1.1% mindshare. Additionally, 80% of AT&T users are willing to recommend the solution, compared to 95% of Devo users who would recommend it.
AlienVault OSSIM
Read 31 AlienVault OSSIM reviews
  • 5,143 Views
  • 5,040 Comparison Views
80% willing to recommend
Devo
Read 22 Devo reviews
  • 2,681 Views
  • 1,823 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

Devo and AlienVault OSSIM are two leading products in the network security space. Devo seems to have the upper hand due to its advanced data analytics capabilities and user-friendly approach, while AlienVault OSSIM is favored for its comprehensive threat detection features.

Features: Devo provides powerful data analytics, real-time monitoring, and seamless integration capabilities. AlienVault OSSIM stands out with built-in security tools, threat intelligence, and incident response features. Devo offers strong analytics, while AlienVault OSSIM delivers a comprehensive security package.

Room for Improvement: Users suggest Devo could benefit from enhanced reporting, more intuitive configuration options, and refining existing features. AlienVault OSSIM users wish for improved scalability, better documentation, and enhanced overall usability and support materials.

Ease of Deployment and Customer Service: Devo is frequently praised for its straightforward deployment process and responsive customer service. AlienVault OSSIM has a more complex deployment model which can be challenging for new users. AlienVault OSSIM's customer service, while helpful, sometimes lacks the quick response times reported by Devo users.

Pricing and ROI: Devo has a more appealing pricing model and is often seen as providing better ROI due to its efficiency and cost-effectiveness. AlienVault OSSIM tends to have higher setup costs but compensates with its comprehensive feature set, which users find justifies the investment. While Devo is more budget-friendly, AlienVault OSSIM delivers a balanced ROI with its wide range of capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AlienVault OSSIM vs. Devo Report (Updated: July 2025).
Buyer's Guide
AlienVault OSSIM vs. Devo
July 2025
Download the complete report
Helped 865,164 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
11th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Devo
Ranking in Security Information and Event Management (SIEM)
25th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
22
Ranking in other categories
Log Management (25th), IT Operations Analytics (9th), AIOps (18th)
 

Mindshare comparison

As of August 2025, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 3.2%, down from 4.3% compared to the previous year. The mindshare of Devo is 1.1%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

HarshBhardiya - PeerSpot reviewer
An open-source solution that provide good detection and more visibility
The solution is not scalable. It impacts so hard. In the initial stages, AlienVault OSSIM can be suitable for small environments. There may be limitations if the customer expresses a desire to expand and add more devices. In such cases, we would need to either explore additional solutions or work within the constraints of the existing setup. We have set up alerts and configured everything in AlienVault OSSIM. It actively monitors for any security incidents. It provides us with regular updates and notifications about any ongoing activities. Only one person is using the solution. It is the perfect solution for small businesses. I rate the solution’s scalability a three out of ten.
Read full review
Michael Wenn - PeerSpot reviewer
Has cloud-first architecture with SIEM technology to run security operations
When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"The most valuable feature is the logging capability."
"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"It has helped us remediate threats in the past by providing significant events that assisted in identifying suspicious activities, such as logins from multiple countries."
"The product is easy to use."
"The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network."
"Better than other SIEM solutions because almost everything can be integrated."
More AlienVault OSSIM pros
"Being able to build and modify dashboards on the fly with Activeboards streamlines my analyst time because my analysts aren't doing it across spreadsheets or five different tools to try to build a timeline out themselves. They can just ingest it all, build a timeline out across all the logging, and all the different information sources in one dashboard. So, it's a huge time saver. It also has the accuracy of being able to look at all those data sources in one view. The log analysis, which would take 40 hours, we can probably get through it in about five to eight hours using Devo."
"The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution."
"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."
"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."
"The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations. It's much easier with this platform to integrate log sources that might not have standard logging and things like that."
More Devo pros
 

Cons

"There needs to be more support or some kind of training program so users can self-learn the system more effectively."
"It's so hard to configure and explore something new on it."
"Lacking in depth of reporting."
"They can add more compliance templates."
"The user interface needs to be friendlier across the board."
"The documentation could be improved."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"There are somewhat more false positives with the user behavior analytics, which could benefit from an additional machine learning model to detect user patterns more rapidly."
More AlienVault OSSIM cons
"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."
"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."
"The price is one problem with Devo."
"The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts."
"They can improve their AI capabilities"
"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."
More Devo cons
 

Pricing and Cost Advice

"The tool's licensing costs are yearly."
"AlienVault OSSIM is an open-source solution."
"AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
"The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."
"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"We are using the community version, which can be used for free."
"OSSIM is free."
"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
More AlienVault OSSIM pricing and cost advice
"Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
"The way Devo prices things is based on the amount of data, and I wish the tiers had more granularity. Maybe at this point they do, but when we first negotiated with them, there were only three or four tiers."
"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."
"Devo is a hosted or subscription-based solution, whereas before, we purchased QRadar, so we owned it and just had to pay a maintenance fee. We've encountered this with some other products, too, where we went over to subscription-based. Our thought process is that with subscription based, the provider hosts and maintains the tool, and it's offsite. That comes with some additional fees, but we were able to convince our upper management it was worth the price. We used to pay under 10k a year for maintenance, and now we're paying ten times that. It was a relatively tough sell to our management, but I wonder if we have a choice anymore; this is where the market is."
"Our licensing fees are billed annually and per terabyte."
"Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
"I rate the pricing a four on a scale of one to ten, where one is cheap, and ten is expensive."
More Devo pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
865,164 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Comms Service Provider
11%
University
8%
Educational Organization
8%
Financial Services Firm
16%
Computer Software Company
11%
University
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about AlienVault OSSIM?
Asset discovery is good.
See all answers
What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...
See all answers
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implement...
See all answers
What do you like most about Devo?
Devo has a really good website for creating custom configurations.
See all answers
What is your experience regarding pricing and costs for Devo?
Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.
See all answers
What needs improvement with Devo?
They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...
See all answers
 

Comparisons

Wazuh vs AlienVault OSSIM Logo
Wazuh vs AlienVault OSSIM
Compared 71% of the time
USM Anywhere vs AlienVault OSSIM Logo
USM Anywhere vs AlienVault OSSIM
Compared 6% of the time
Venusense USM vs AlienVault OSSIM Logo
Venusense USM vs AlienVault OSSIM
Compared 4% of the time
Elastic Security vs AlienVault OSSIM Logo
Elastic Security vs AlienVault OSSIM
Compared 4% of the time
Splunk Enterprise Security vs AlienVault OSSIM Logo
Splunk Enterprise Security vs AlienVault OSSIM
Compared 4% of the time
More AlienVault OSSIM Competitors
Splunk Enterprise Security vs Devo Logo
Splunk Enterprise Security vs Devo
Compared 14% of the time
IBM Security QRadar vs Devo Logo
IBM Security QRadar vs Devo
Compared 14% of the time
Microsoft Sentinel vs Devo Logo
Microsoft Sentinel vs Devo
Compared 13% of the time
LogRhythm SIEM vs Devo Logo
LogRhythm SIEM vs Devo
Compared 12% of the time
Wazuh vs Devo Logo
Wazuh vs Devo
Compared 5% of the time
More Devo Competitors
 

Product Reports

Buyer's Guide
AlienVault OSSIM
August 2025
AlienVault OSSIM reportDownload AlienVault OSSIM product report
Buyer's Guide
Devo
August 2025
Devo reportDownload Devo product report
 

Also Known As

OSSIM
No data available
 

Overview

AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

AT&T

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo
 

Sample Customers

Council Rock School District
United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
Buyer's Guide
AlienVault OSSIM vs. Devo
July 2025
Free Report: AlienVault OSSIM vs. Devo
Find out what your peers are saying about AlienVault OSSIM vs. Devo and other solutions. Updated: July 2025.
DOWNLOAD NOW
865,164 professionals have used our research since 2012.
See our AlienVault OSSIM vs. Devo report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.