Coming October 25: PeerSpot Awards will be announced! Learn more

ArcSight Interset / Intelligence vs LogPoint comparison

Cancel
You must select at least 2 products to compare!
Devo Logo
Read 15 Devo reviews
14,037 views|5,387 comparisons
LogPoint Logo
3,793 views|2,107 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between ArcSight Interset / Intelligence and LogPoint based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed ArcSight Interset / Intelligence vs. LogPoint report (Updated: September 2022).
635,162 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way.""The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us.""The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them.""In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time.""The real-time analytics of security-related data are super. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure. It's fast. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. Devo is pulling back information in a fast fashion, based on real-time events.""The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution.""Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data.""The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."

More Devo Pros →

"We found the correlation engine to be very good. It takes logs from different types of devices and does the correlation in a good way."

More ArcSight Interset / Intelligence Pros →

"The solution's most valuable aspect is the combination of the software and the support that they have.""It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.""The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined.""The most valuable features are the ones that we use the most, which are the search and report facilities.""They basically charge you in a better way.""The search feature is valuable. The dashboards are also valuable for our bosses. Another valuable feature, which is the main feature of the product, is the centralization of all the logs.""It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline.""The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."

More LogPoint Pros →

Cons
"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design.""Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data.""There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space.""We only use the core functionality and one of the reasons for this is that their security operation center needs improvement.""The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts.""Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution.""Technical support could be better.""The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."

More Devo Cons →

"The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening. There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better."

More ArcSight Interset / Intelligence Cons →

"In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved.""One of the downsides is it is not a SaaS solution. It must be on-premises.""LogPoint can improve its dashboards. We are not able to customize the dashboard when creating them. They only have preset dashboards which do not have exactly what we are looking for.""The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness.""It is a good product, but its interface or GUI could be better.""One of the things we faced last year was that we had some memory issues with the server running. We were running them as virtual services, and we were facing some performance issues. Back then, there were some things that had already been solved at the end, but one of the small issues we had was that it was quite memory-consuming. After one upgrade that we did, we faced some performance issues.""I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products.""The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."

More LogPoint Cons →

Pricing and Cost Advice
  • "I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
  • "Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
  • "[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
  • "Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
  • "Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
  • "Our licensing fees are billed annually and per terabyte."
  • "I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
  • "Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
  • More Devo Pricing and Cost Advice →

  • "Its price is average and not very high. Splunk might be a bit cheaper than this. Its licensing is on a monthly basis."
  • More ArcSight Interset / Intelligence Pricing and Cost Advice →

  • "It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value."
  • "LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution."
  • "It has a fixed price, which is what I like about LogPoint. I bought the system and paid for it, and I pay maintenance. It is not a consumption model. Most SIEMs or most of the log management systems are consumption-based, which means that you pay for how many logs you have in the system. That's a real problem because logs can grow very quickly in different circumstances, and when you have a variable price model, you never know what you're going to pay. Splunk is notoriously expensive for that reason. If you use Splunk or QRadar, it becomes expensive because there are not just the logs; you also have to parse the logs and create indexes. Those indexes can be very expensive in terms of space. Therefore, if they charge you by this space, you can end up paying a significant amount of money. It can be more than what you expect to pay. I like the fact that LogPoint has a fixed cost. I know what I'm going to pay on a yearly basis. I pay that, and I pay the maintenance, and I just make it work."
  • "It was on a yearly basis at about $100K. It was not a huge environment. We were running it on our own virtual server environment, which, of course, had a cost. There was hardware and some energy cost, and then there were Microsoft Windows licenses for servers. That's all, but there was nothing in comparison to the licensing costs."
  • More LogPoint Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    635,162 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Devo, like other vendors, doesn't charge extra for playbooks and automation. That way, you are only paying for the side… more »
    Top Answer:I need more empowerment in reporting. For example, when I'm using Qlik or Power BI in terms of reporting for the… more »
    Top Answer:We found the correlation engine to be very good. It takes logs from different types of devices and does the correlation… more »
    Top Answer:Its price is average and not very high. Splunk might be a bit cheaper than this. Its licensing is on a monthly basis.
    Top Answer:The frequency of the updates that we are getting can be improved because the number and types of incidents that are… more »
    Top Answer:They basically charge you in a better way.
    Top Answer:LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when… more »
    Top Answer:It wasn't one of the products we stressed for our customers just because it was a higher-end service. Our customers were… more »
    Comparisons
    Also Known As
    FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset
    Learn More
    Overview

    Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

    Interset provides an insider and targeted outsider threat detection solution to protect sensitive data, such as intellectual property, trade secrets, and classified files. Interset proactively detects enterprise threats and enables immediate forensic investigation allowing IT teams to stop attacks before data is compromised. It uses agentless data collectors, lightweight endpoint sensors, advanced behavioral analytics, and an intuitive user interface for providing visibility over sensitive data, enabling early attack detection and actionable forensic intelligence without false positives or white noise.

    LogPoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs. 

    Benefits of LogPoint

    Some of the benefits of using LogPoint include:

    • Unifies data logs: LogPoint creates a single system of classification for collected data. It makes it easy for users to search for and find data, which aids users when they are creating reports or alerts. Users can conserve resources while at the same time seeing a rise in the efficiency of their business operations.
    • Intuitive solution design: LogPoint is designed so that anyone can utilize all of its features, even if they are not an expert in network security. LogPoint’s UI is simple enough that users can utilize it without undergoing extensive training. 
    • Highly flexible: LogPoint is designed so that users can scale it linearly to accommodate projects that are large and complex. This allows users to expand the scope of their projects according to their needs without worrying that their infrastructure won’t be able to handle the increase in size. The solution’s security features can be deployed both on the cloud and in a physical environment. 
    • Simple role-based access security: LogPoint allows administrators to employ Microsoft’s active directory (AD) and a Lightweight Directory Access Protocol to manage user access. These can help administrators protect their systems from being abused or otherwise harmed by bad actors. 

    Reviews from Real Users

    LogPoint is a security and management solution that stands out among its competitors for a number of reasons. Two major ones are its data gathering and artificial intelligence (AI) capabilities. LogPoint enables users to not only gather the data, but also to maximize both the amount of data that can be gathered and its usefulness. It removes many of the challenges that users may face in data collection. The solution allows users to set rules for collection and then it pulls information from sources that meet the rules that have been set. This data is then broken into manageable segments and ordered. Users can then analyze these ordered segments with ease. Additionally, LogPoint utilizes both machine learning and AI technology. Users gain the ability to protect themselves from and if necessary resolve emerging threats as soon as they arise. The AI sets security parameters for a user’s system. These act as a baseline that are triggered and notify the user if anything deviates from the rules that it set up. 

    The chief infrastructure & security officer at a financial services firm writes, “It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parsed because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.”

    A. Secca., a Cyber Security Analyst at a transportation company, writes, “It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all of the user’s activities. It devises a baseline and monitors if there is any deviation from the baseline.”

    Offer
    See Devo in Action

    See how Devo allows you to free yourself from data management, and make machine data and insights accessible.

    Learn more about ArcSight Interset / Intelligence
    Learn more about LogPoint
    Sample Customers
    United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
    Accuvant, Splunk Inc., NuTech, Box, rSolutions, Voodoo Technology Limited
    AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...
    Top Industries
    REVIEWERS
    Computer Software Company63%
    Comms Service Provider13%
    Retailer13%
    Insurance Company13%
    VISITORS READING REVIEWS
    Computer Software Company22%
    Comms Service Provider14%
    Financial Services Firm9%
    Government9%
    VISITORS READING REVIEWS
    Computer Software Company31%
    Financial Services Firm12%
    Comms Service Provider9%
    Government7%
    VISITORS READING REVIEWS
    Computer Software Company24%
    Comms Service Provider19%
    Government8%
    Retailer5%
    Company Size
    REVIEWERS
    Small Business24%
    Midsize Enterprise18%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise16%
    Large Enterprise62%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise7%
    Large Enterprise69%
    REVIEWERS
    Small Business50%
    Midsize Enterprise14%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise17%
    Large Enterprise55%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    September 2022
    Find out what your peers are saying about Splunk, IBM, Microsoft and others in Security Information and Event Management (SIEM). Updated: September 2022.
    635,162 professionals have used our research since 2012.

    ArcSight Interset / Intelligence is ranked 26th in Security Information and Event Management (SIEM) with 1 review while LogPoint is ranked 12th in Security Information and Event Management (SIEM) with 8 reviews. ArcSight Interset / Intelligence is rated 8.0, while LogPoint is rated 7.8. The top reviewer of ArcSight Interset / Intelligence writes "Good correlation engine, average price, stable, and easy to deploy". On the other hand, the top reviewer of LogPoint writes "Collects logs from different systems, works extremely fast, and has a predictable cost model". ArcSight Interset / Intelligence is most compared with Microsoft Sentinel, ArcSight Enterprise Security Manager (ESM), Splunk User Behavior Analytics and Exabeam Fusion SIEM, whereas LogPoint is most compared with Splunk, Microsoft Sentinel, LogRhythm NextGen SIEM, IBM QRadar and Elastic Security.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.