No more typing reviews! Try our Samantha, our new voice AI agent.

CompassOne by Blackpoint Cyber vs Devo comparison

Blackpoint Cyber and Devo are both solutions in the Security Information and Event Management (SIEM) category. Blackpoint Cyber is ranked #38 with an average rating of 9.5, while Devo is ranked #26 with an average rating of 8.0. Blackpoint Cyber holds a 0.5% mindshare in SIEM, compared to Devo’s 1.2% mindshare. Additionally, 100% of Blackpoint Cyber users are willing to recommend the solution, compared to 95% of Devo users who would recommend it.
CompassOne by Blackpoint Cyber
Read 5 CompassOne by Blackpoint Cyber reviews
  • 4,091 Views
  • 777 Comparison Views
100% willing to recommend
Devo
Read 23 Devo reviews
  • 5,226 Views
  • 3,031 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 15, 2026

Devo and CompassOne by Blackpoint Cyber are competitive solutions in the cybersecurity domain. Devo has the upper hand in pricing and customer support while CompassOne excels in advanced features.

Features: Devo offers high scalability, real-time data analytics with Activeboards, and a user-friendly analytics dashboard. CompassOne provides advanced threat detection, incident response tools, and comprehensive threat intelligence integration.

Room for Improvement: Devo could enhance its data parsing process, improve integration with third-party tools, and refine alerting mechanisms. CompassOne might improve deployment complexity, simplify user interface navigation, and increase flexibility in custom reporting.

Ease of Deployment and Customer Service: Devo's deployment is straightforward, supported by responsive customer service, making integration seamless. CompassOne, though having a more complex deployment, offers comprehensive support and guidance throughout the process.

Pricing and ROI: Devo presents a cost-effective solution with substantial ROI, appealing to budget-conscious enterprises. In contrast, CompassOne demands a higher initial investment, justified by its feature-rich capabilities, potentially leading to a greater long-term return.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed CompassOne by Blackpoint Cyber vs. Devo Report (Updated: April 2026).
Buyer's Guide
CompassOne by Blackpoint Cyber vs. Devo
April 2026
Download the complete report
Helped 894,738 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CompassOne by Blackpoint Cyber
Ranking in Security Information and Event Management (SIEM)
38th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
Vulnerability Management (45th), Endpoint Detection and Response (EDR) (38th), Application Control (10th), Managed Detection and Response (MDR) (10th)
Devo
Ranking in Security Information and Event Management (SIEM)
26th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
23
Ranking in other categories
Log Management (27th), IT Operations Analytics (7th), AIOps (19th)
 

Mindshare comparison

As of May 2026, in the Security Information and Event Management (SIEM) category, the mindshare of CompassOne by Blackpoint Cyber is 0.5%, up from 0.1% compared to the previous year. The mindshare of Devo is 1.2%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Devo1.2%
CompassOne by Blackpoint Cyber0.5%
Other98.3%
Security Information and Event Management (SIEM)
 

Featured Reviews

Gary Herbstman - PeerSpot reviewer
Gary Herbstman
Owner at Byte Solutions Inc.
Experienced reduced alert fatigue with streamlined notifications
We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…
Read full review
FR
Francisco JavierRomo
Strategic Account Executive at a computer software company with 51-200 employees
Has improved investigative workflows with interactive dashboards and simplified data correlation
The data analytics cloud component focuses on real-time analytics, which is very impressive. The SIEM collects and correlates logs data from different sources and can integrate with ServiceNow, hardware asset management, and software asset management. The security orchestration, automation, and response (SOAR) is another valuable feature. The security data platform serves as the foundation of Devo. Regarding advanced query capabilities, Devo offers several models including query logs, visual query builder, language integrated query, and SQL, with SQL being the most frequently used querying data capability. The single pane of glass that Devo offers is the SOC. The tools in Devo's active ports are for investigating, not just viewing data. They are more interactive than other market solutions. The drill-down reports capabilities allow analysts to click on any element in a widget. When they see a spike in a line chart for a failed login, which could be a true or false attempt, they can click that spike, and a table widget on the same active board instantly populates with raw logs of data for those specific failed logins. This is particularly important for enterprise companies with numerous endpoints and users. The dynamic filtering of inputs significantly reduces the time cybersecurity analysts spend trying to figure out failed logins and identifying false positives.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."
"On a scale from one to ten, I would rate the overall solution as a ten."
"The solution also watches over Microsoft 365 and keeps a copy of logs."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"The solution is all encompassing and can incorporate email monitoring."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"Their SOC is phenomenal in not monitoring and responding and taking action."
"The drill-down reports capabilities allow analysts to click on any element in a widget. When they see a spike in a line chart for a failed login, which could be a true or false attempt, they can click that spike, and a table widget on the same active board instantly populates with raw logs of data for those specific failed logins."
"Even if it's a relatively technical tool or platform, it's very intuitive and graphical. It's very appealing in terms of the user interface. The UI has a graphically interface with the raw data in a table. The table can be as big as you want it, depending on your use case. You can easily get a report combining your data, along with calculations and graphical dashboards. You don't need a lot of training, because the UI is relatively very intuitive."
"Being able to build and modify dashboards on the fly with Activeboards streamlines my analyst time because my analysts aren't doing it across spreadsheets or five different tools to try to build a timeline out themselves. They can just ingest it all, build a timeline out across all the logging, and all the different information sources in one dashboard. So, it's a huge time saver. It also has the accuracy of being able to look at all those data sources in one view. The log analysis, which would take 40 hours, we can probably get through it in about five to eight hours using Devo."
"The real-time analytics of security-related data are super. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure. It's fast. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. Devo is pulling back information in a fast fashion, based on real-time events."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"Overall, using Devo has saved us time when compared to our previous security solutions, and I estimate that it took us 10 times longer to achieve the same thing without Devo."
"The ROI has been great as we could launch it in a few months instead of a couple of years, and when you put all the costs together, it is less to have done it than with the open source approach."
"We can ingest virtually any log source, which is much better than our previous solution."
More Devo pros
 

Cons

"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"The feature we keep asking for is a vulnerability scan."
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."
"The interface could be more intuitive."
"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."
"Some texts seem to report items as normal too quickly."
"Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs."
"An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that."
"An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run."
"Some basic reporting mechanisms have room for improvement."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."
"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."
"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework, and it seems like it wasn't tuned properly to handle a large volume of Windows event logs."
More Devo cons
 

Pricing and Cost Advice

"The pricing is reasonable."
"The pricing is in line with other products."
"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."
"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."
"Devo is a hosted or subscription-based solution, whereas before, we purchased QRadar, so we owned it and just had to pay a maintenance fee. We've encountered this with some other products, too, where we went over to subscription-based. Our thought process is that with subscription based, the provider hosts and maintains the tool, and it's offsite. That comes with some additional fees, but we were able to convince our upper management it was worth the price. We used to pay under 10k a year for maintenance, and now we're paying ten times that. It was a relatively tough sell to our management, but I wonder if we have a choice anymore; this is where the market is."
"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
"Our licensing fees are billed annually and per terabyte."
"Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
"We have an OEM agreement with Devo. It is very similar to the standard licensing agreement because we are charged in the same way as any other customer, e.g., we use the backroom."
"I rate the pricing a four on a scale of one to ten, where one is cheap, and ten is expensive."
More Devo pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
894,738 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
11%
Financial Services Firm
9%
Outsourcing Company
7%
Healthcare Company
7%
Financial Services Firm
13%
Construction Company
8%
Computer Software Company
8%
Outsourcing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise4
Large Enterprise11
 

Questions from the Community

What is your experience regarding pricing and costs for Blackpoint Cyber MDR?
The pricing is great considering what we are receiving.
See all answers
What needs improvement with Blackpoint Cyber MDR?
While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement.
See all answers
What is your primary use case for Blackpoint Cyber MDR?
The solution serves as a baseline security offering. We have implemented it for every client that we do business with.
See all answers
What is your experience regarding pricing and costs for Devo?
Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.
See all answers
What needs improvement with Devo?
The single pane of glass that Devo offers could be improved. The tools in Devo's active ports need enhancement in their investigative capabilities. The drill-down reports capabilities, while useful...
See all answers
What is your primary use case for Devo?
During my time at MetaBase Q and as a partner integrator of ServiceNow, I had the chance to understand and be part of projects integrating SOCs, NOCs, and Security Operation Centers with Devo. Most...
See all answers
 

Comparisons

Huntress Managed EDR vs CompassOne by Blackpoint Cyber Logo
Huntress Managed EDR vs CompassOne by Blackpoint Cyber
Compared 12% of the time
Adlumin Security Operations vs CompassOne by Blackpoint Cyber Logo
Adlumin Security Operations vs CompassOne by Blackpoint Cyber
Compared 8% of the time
SentinelOne Wayfinder Threat Detection and Response vs CompassOne by Blackpoint Cyber Logo
SentinelOne Wayfinder Threat Detection and Response vs CompassOne by Blackpoint Cyber
Compared 7% of the time
ConnectWise SIEM vs CompassOne by Blackpoint Cyber Logo
ConnectWise SIEM vs CompassOne by Blackpoint Cyber
Compared 5% of the time
CrowdStrike Falcon Complete MDR vs CompassOne by Blackpoint Cyber Logo
CrowdStrike Falcon Complete MDR vs CompassOne by Blackpoint Cyber
Compared 5% of the time
More CompassOne by Blackpoint Cyber Competitors
LogRhythm SIEM vs Devo Logo
LogRhythm SIEM vs Devo
Compared 9% of the time
Splunk Enterprise Security vs Devo Logo
Splunk Enterprise Security vs Devo
Compared 7% of the time
New Relic vs Devo Logo
New Relic vs Devo
Compared 4% of the time
IBM Security QRadar vs Devo Logo
IBM Security QRadar vs Devo
Compared 3% of the time
Microsoft Sentinel vs Devo Logo
Microsoft Sentinel vs Devo
Compared 3% of the time
More Devo Competitors
 

Product Reports

Buyer's Guide
Managed Detection and Response (MDR)
May 2026
CompassOne by Blackpoint Cyber reportDownload CompassOne by Blackpoint Cyber product report
Buyer's Guide
Devo
May 2026
Devo reportDownload Devo product report
 

Also Known As

Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response
No data available
 

Overview

CompassOne by Blackpoint Cyber delivers comprehensive MDR capabilities, offering SLA-driven alert notifications, in-depth network discovery, and Microsoft 365 log preservation. Its SOC team efficiently manages monitoring tasks, ensuring genuine threats are prioritized and distractions minimized.

CompassOne enhances cybersecurity by offering email monitoring, app control, and effective threat identification, preventing incidents like a compromised device affecting corporate networks. While prompt in threat reporting, a need exists for detailed analysis and vulnerability scanning. Users seek integration with platforms such as CyberArk and CrowdStrike and support for Linux systems. The platform strengthens security through alert monitoring, virus prevention, account takeover prevention, and establishing a security baseline for both organizational and lab environments, with up to half of an organization's staff utilizing it and expansion plans in progress.

What are the key features of CompassOne?
  • SLA Notifications: Provides timely alerts to ensure swift threat response.
  • Network Discovery: Offers detailed insight into local networks.
  • Microsoft 365 Log Preservation: Maintains extensive records for compliance.
  • Email Monitoring and App Control: Detects and blocks suspicious activities efficiently.
  • Threat Prioritization: Minimizes distractions by focusing on genuine threats.
What benefits should users expect from CompassOne?
  • Efficient Monitoring: Relieves teams by offloading monitoring tasks to expert SOC teams.
  • Threat Mitigation: Protects against device compromise and secures networks.
  • Comprehensive Security: Extends capabilities through email and application vigilance.
  • Strategic Deployment: Adaptable for both enterprise and lab environments.

In sectors where security monitoring is crucial, CompassOne is implemented to observe computers, servers, and Office 365 environments, mitigating risks thoughtfully and efficiently. Companies engage its robust MDR functionalities to fend off viruses and account breaches while leveraging its security implementation services for a foundational security setup.

Blackpoint Cyber

Devo offers powerful visual analytics, real-time data querying, and log integration capabilities within a cloud-native, multi-tenant architecture, supporting extended data retention ideal for long-term analysis and compliance.

Devo is recognized for its Activeboards, which facilitate visual analytics. High-speed search capabilities and real-time analytics enable efficient data manipulation and querying. Its multi-tenant architecture supports effective data segregation and customization tailored to distinct business needs, enhancing its value for handling complex log integrations. With extended data retention of 400 days and a cloud-native architecture, Devo is a robust platform for long-term analysis and compliance requirements. Though opportunities exist to improve browser stability on large searches, SOAR integrations, and its parser capabilities, Devo remains essential for incident response and security monitoring, offering centralized data storage and analysis.

What are Devo's most important features?
  • Activeboards: Facilitate visual analytics and data exploration.
  • High-Speed Search: Enables fast data querying and manipulation.
  • Real-Time Analytics: Supports instant insights and decision-making.
  • Multi-Tenant Architecture: Allows effective data segregation and customization.
  • Extended Data Retention: Offers 400-day log retention for compliance and analysis.
  • Complex Log Integration: Handles intricate data sources effortlessly.
What benefits and ROI should organizations look for in reviews?
  • Visual Insights: Enhance understanding through interactive dashboards.
  • Performance Efficiency: Saves time with high-speed data search and real-time results.
  • Customization Flexibility: Fits specific business requirements with multi-tenant architecture.
  • Long-Term Compliance: Ensures alignment with extended data retention needs.
  • Centralized Monitoring: Enables comprehensive incident response and security monitoring.

Devo is extensively used in industries focused on incident response and digital forensics, centralizing data for security monitoring across hybrid environments. Organizations benefit from its ability to store and analyze aggregated logs, creating alerts and dashboards to enhance visibility for network and endpoint activities in multi-domain settings.

Devo
 

Sample Customers

CoreRecon, Peerless Tech Solutions, Lorien Health
United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
Buyer's Guide
CompassOne by Blackpoint Cyber vs. Devo
April 2026
Free Report: CompassOne by Blackpoint Cyber vs. Devo
Find out what your peers are saying about CompassOne by Blackpoint Cyber vs. Devo and other solutions. Updated: April 2026.
DOWNLOAD NOW
894,738 professionals have used our research since 2012.
See our CompassOne by Blackpoint Cyber vs. Devo report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.