Try our new research platform with insights from 80,000+ expert users

ArcSight Intelligence vs Devo comparison

OpenText and Devo are both solutions in the Security Information and Event Management (SIEM) category. OpenText is ranked #39 with an average rating of 8.0, while Devo is ranked #26 with an average rating of 8.5. OpenText holds a 0.3% mindshare in SIEM, compared to Devo’s 1.1% mindshare. Additionally, 80% of OpenText users are willing to recommend the solution, compared to 95% of Devo users who would recommend it.
ArcSight Intelligence
Read 5 ArcSight Intelligence reviews
  • 460 Views
  • 305 Comparison Views
80% willing to recommend
Devo
Read 22 Devo reviews
  • 2,078 Views
  • 1,007 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

ArcSight Intelligence and Devo compete in the security information and event management (SIEM) space. Based on user reviews, ArcSight Intelligence excels in features and ease of deployment, while Devo stands out for pricing and support.

Features: ArcSight Intelligence is praised for its advanced threat detection and response capabilities, seamless data integration, and robust analytics. Devo is noted for real-time visibility, comprehensive log management, and scalability. ArcSight Intelligence offers deeper analytics, while Devo provides superior live data monitoring.

Room for Improvement: Users highlight that ArcSight Intelligence could benefit from a more intuitive learning curve and enhanced documentation. Devo users suggest greater flexibility in customization and improved historical data analysis. Both products have distinct improvement needs, with ArcSight focusing on usability and Devo on adaptability.

Ease of Deployment and Customer Service: ArcSight Intelligence is commended for its straightforward deployment process and responsive customer support. Devo is appreciated for fast setup times and proactive service. ArcSight is user-friendly during deployment, whereas Devo offers quicker onboarding and better post-deployment assistance.

Pricing and ROI: ArcSight Intelligence is perceived as having a higher initial setup cost but delivers strong long-term ROI. Devo is valued for its competitive pricing model and quicker financial returns. Users feel ArcSight's ROI justifies its cost, while Devo's lower price point offers substantial short-term value.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ArcSight Intelligence vs. Devo Report (Updated: April 2025).
Buyer's Guide
ArcSight Intelligence vs. Devo
April 2025
Download the complete report
Helped 850,491 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Intelligence
Ranking in Security Information and Event Management (SIEM)
39th
Average Rating
8.0
Reviews Sentiment
6.6
Number of Reviews
5
Ranking in other categories
User Entity Behavior Analytics (UEBA) (14th)
Devo
Ranking in Security Information and Event Management (SIEM)
26th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
22
Ranking in other categories
Log Management (27th), IT Operations Analytics (6th), AIOps (17th)
 

Mindshare comparison

As of May 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Intelligence is 0.3%, down from 0.3% compared to the previous year. The mindshare of Devo is 1.1%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Pravir KumarSinha - PeerSpot reviewer
Has essential threat detection capabilities, but the features for intelligence need enhancement
We integrated this tool with our security infrastructure. We installed it on a Linux server, where we have a Logger and ESM installed. With the Linux server as the hub, we manage all the configurations and rules, including those for email triggers. The logs are routed through a connector to the Logger, allowing us to monitor our infrastructure effectively. The platform helps us improve threat detection capabilities. I recommend it to others and rate it a seven out of ten.
Read full review
Michael Wenn - PeerSpot reviewer
Has cloud-first architecture with SIEM technology to run security operations
When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We found the correlation engine to be very good. It takes logs from different types of devices and does the correlation in a good way."
"The product has a valuable interface."
"The most valuable feature of ArcSight Intelligence is a single console where the entire dashboard gives all the connected details in a single place."
"The ability to tailor an environment to suit our specific use cases is a major advantage of ArcSight compared to other logging servers such as Splunk."
"The platform helps us improve threat detection capabilities."
"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."
"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."
"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."
"Scalability is one of Devo's strengths."
"It centralizes security management within a business, functioning as a core system for a SOC."
"The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations. It's much easier with this platform to integrate log sources that might not have standard logging and things like that."
"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."
More Devo pros
 

Cons

"We haven't found the product fully scalable."
"The dashboard is not user-friendly and is in black and white."
"ArcSight Intelligence's pricing needs improvement."
"The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening. There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better."
"ArcSight Intelligence is a bit slower, and its speed should be improved."
"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."
"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."
"The price is one problem with Devo."
"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."
"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."
"Technical support could be better."
"An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that."
"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."
More Devo cons
 

Pricing and Cost Advice

"They offer perpetual licenses for the product."
"ArcSight Intelligence is an expensive solution."
"It is an expensive platform."
"Its price is average and not very high. Splunk might be a bit cheaper than this. Its licensing is on a monthly basis."
"The solution is expensive and only suitable for enterprise environments."
"Our licensing fees are billed annually and per terabyte."
"I rate the pricing a four on a scale of one to ten, where one is cheap, and ten is expensive."
"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."
"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
"Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
"Devo is a hosted or subscription-based solution, whereas before, we purchased QRadar, so we owned it and just had to pay a maintenance fee. We've encountered this with some other products, too, where we went over to subscription-based. Our thought process is that with subscription based, the provider hosts and maintains the tool, and it's offsite. That comes with some additional fees, but we were able to convince our upper management it was worth the price. We used to pay under 10k a year for maintenance, and now we're paying ten times that. It was a relatively tough sell to our management, but I wonder if we have a choice anymore; this is where the market is."
"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
More Devo pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
850,491 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
Read full review
 

Top Industries

By visitors reading reviews
Government
20%
Computer Software Company
17%
Financial Services Firm
9%
Manufacturing Company
8%
Financial Services Firm
18%
Computer Software Company
15%
University
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about ArcSight Interset / Intelligence?
The platform helps us improve threat detection capabilities.
See all answers
What is your experience regarding pricing and costs for ArcSight Interset / Intelligence?
They offer perpetual licenses for the product.
See all answers
What needs improvement with ArcSight Interset / Intelligence?
The product could be improved in several areas; it currently requires significant enhancement. Compared to QRadar and Splunk, ArcSight Intelligence falls behind, placing it as the third choice amon...
See all answers
What do you like most about Devo?
Devo has a really good website for creating custom configurations.
See all answers
What is your experience regarding pricing and costs for Devo?
Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.
See all answers
What needs improvement with Devo?
They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...
See all answers
 

Comparisons

ArcSight Enterprise Security Manager (ESM) vs ArcSight Intelligence Logo
ArcSight Enterprise Security Manager (ESM) vs ArcSight Intelligence
Compared 100% of the time
More ArcSight Intelligence Competitors
IBM Security QRadar vs Devo Logo
IBM Security QRadar vs Devo
Compared 17% of the time
Splunk Enterprise Security vs Devo Logo
Splunk Enterprise Security vs Devo
Compared 17% of the time
Microsoft Sentinel vs Devo Logo
Microsoft Sentinel vs Devo
Compared 16% of the time
Wazuh vs Devo Logo
Wazuh vs Devo
Compared 6% of the time
LogRhythm SIEM vs Devo Logo
LogRhythm SIEM vs Devo
Compared 6% of the time
More Devo Competitors
 

Product Reports

Buyer's Guide
Security Information and Event Management (SIEM)
April 2025
ArcSight Intelligence reportDownload ArcSight Intelligence product report
Buyer's Guide
Devo
May 2025
Devo reportDownload Devo product report
 

Also Known As

ArcSight Interset / Intelligence, FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset
No data available
 

Overview

Empower your threat hunting team to pre-empt elusive attacks with anomaly detection powered by security AI to find insider threats, zero-day attacks, and APTs.

OpenText

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo
 

Sample Customers

Accuvant, Splunk Inc., NuTech, Box, rSolutions, Voodoo Technology Limited
United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
Buyer's Guide
ArcSight Intelligence vs. Devo
April 2025
Free Report: ArcSight Intelligence vs. Devo
Find out what your peers are saying about ArcSight Intelligence vs. Devo and other solutions. Updated: April 2025.
DOWNLOAD NOW
850,491 professionals have used our research since 2012.
See our ArcSight Intelligence vs. Devo report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.