CompassOne by Blackpoint Cyber vs Devo comparison

CompassOne by Blackpoint Cyber

Read 22 Devo reviews

2,579 Views
1,754 Comparison Views

95% willing to recommend

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2025

Devo and CompassOne by Blackpoint Cyber are competing products in the cybersecurity space, offering advanced threat detection and response capabilities. Users lean towards Devo for its pricing and support, while CompassOne stands out for its comprehensive feature set, making it a preferred option despite the investment required.

Features: Devo offers advanced data analytics and automation for rapid threat detection and visualization, making it strong in data-driven insights. Its Activeboards enable customization with real-time analytics and intuitive interfaces. Devo also provides the CyberChef tool, facilitating easy data manipulation. CompassOne boasts a comprehensive suite of threat-hunting tools, real-time operational capabilities, and robust protection features. Its Zwartweb monitoring and app control enhance security measures.

Room for Improvement: Devo can improve in reducing the technical resources needed for optimal deployment and incorporating more user-friendly training options for advanced features. Enhancing customer engagement and expanding features within Activeboards could also be beneficial. CompassOne might improve by refining its cost structure to be more accessible and enhancing ease of integration for users seeking simple deployment. Streamlining training processes and onboarding could enhance user experience.

Ease of Deployment and Customer Service: CompassOne by Blackpoint Cyber offers a streamlined deployment process and proactive support, contributing to high user satisfaction. Devo's flexible deployment may require more technical resources but benefits from strong customer support and intuitive user interfaces.

Pricing and ROI: Devo offers competitive pricing with automation features that potentially lower operational costs, yielding a high ROI. Its attractive pricing models are favored by users. CompassOne may have higher initial setup costs but promises significant returns through its extensive security feature set, which can justify the investment for organizations that need robust protection.

To learn more, read our detailed CompassOne by Blackpoint Cyber vs. Devo Report (Updated: September 2025).

CompassOne by Blackpoint Cyber vs. Devo

September 2025

Download the complete report

Helped 869,760 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

CompassOne by Blackpoint Cyber

Ranking in Security Information and Event Management (SIEM)

33rd

Average Rating

9.0

Reviews Sentiment

7.8

Number of Reviews

Ranking in other categories

Vulnerability Management (40th), Endpoint Detection and Response (EDR) (33rd), Application Control (9th), Managed Detection and Response (MDR) (13th)

Devo

Ranking in Security Information and Event Management (SIEM)

36th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Log Management (43rd), IT Operations Analytics (11th), AIOps (20th)

Mindshare comparison

As of October 2025, in the Security Information and Event Management (SIEM) category, the mindshare of CompassOne by Blackpoint Cyber is 0.1%, up from 0.1% compared to the previous year. The mindshare of Devo is 1.1%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
CompassOne by Blackpoint Cyber	0.1%
Devo	1.1%
Other	98.8%

Security Information and Event Management (SIEM)

Featured Reviews

Gary Herbstman

Owner at Byte Solutions Inc.

Experienced reduced alert fatigue with streamlined notifications

We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…

Read full review

Michael Wenn

CEO / Co-Founder at Aiops ltd

Has cloud-first architecture with SIEM technology to run security operations

When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution is all encompassing and can incorporate email monitoring."

"The solution also watches over Microsoft 365 and keeps a copy of logs."

"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."

"Their SOC is phenomenal in not monitoring and responding and taking action."

"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."

"On a scale from one to ten, I would rate the overall solution as a ten."

"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."

"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."

"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."

"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."

"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."

"It's very, very versatile."

"The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before."

"Devo has a really good website for creating custom configurations."

"Even if it's a relatively technical tool or platform, it's very intuitive and graphical. It's very appealing in terms of the user interface. The UI has a graphically interface with the raw data in a table. The table can be as big as you want it, depending on your use case. You can easily get a report combining your data, along with calculations and graphical dashboards. You don't need a lot of training, because the UI is relatively very intuitive."

More Devo pros

Cons

"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."

"The feature we keep asking for is a vulnerability scan."

"Some texts seem to report items as normal too quickly."

"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."

"The interface could be more intuitive."

"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."

"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."

"I would like to have the ability to create more complex dashboards."

"There are some issues from an availability and functionality standpoint, meaning the tool is somewhat slow. There were some slow response periods over the past six to nine months, though it has yet to impact us terribly as we are a relatively small shop. We've noticed it, however, so Devo could improve the responsiveness."

"Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."

"Technical support could be better."

"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."

"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."

"The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts."

More Devo cons

Pricing and Cost Advice

"The pricing is reasonable."

"The pricing is in line with other products."

"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."

"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."

"We have an OEM agreement with Devo. It is very similar to the standard licensing agreement because we are charged in the same way as any other customer, e.g., we use the backroom."

"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."

"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."

"Devo is a hosted or subscription-based solution, whereas before, we purchased QRadar, so we owned it and just had to pay a maintenance fee. We've encountered this with some other products, too, where we went over to subscription-based. Our thought process is that with subscription based, the provider hosts and maintains the tool, and it's offsite. That comes with some additional fees, but we were able to convince our upper management it was worth the price. We used to pay under 10k a year for maintenance, and now we're paying ten times that. It was a relatively tough sell to our management, but I wonder if we have a choice anymore; this is where the market is."

"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."

"Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."

More Devo pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

869,760 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Healthcare Company

Manufacturing Company

Retailer

Financial Services Firm

15%

Computer Software Company

10%

University

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

By reviewers
Company Size	Count
Small Business	7
Midsize Enterprise	4
Large Enterprise	11

Questions from the Community

What is your experience regarding pricing and costs for Blackpoint Cyber MDR?

The pricing is great considering what we are receiving.

What needs improvement with Blackpoint Cyber MDR?

While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement.

What is your primary use case for Blackpoint Cyber MDR?

The solution serves as a baseline security offering. We have implemented it for every client that we do business with.

What is your experience regarding pricing and costs for Devo?

Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.

What needs improvement with Devo?

They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...

What is your primary use case for Devo?

Devo is a SIEM replacement technology used to run security operations. It centralizes security management within a business, functioning as a core system for a SOC. This system is the central cyber...

Huntress Managed EDR vs CompassOne by Blackpoint Cyber

Comparisons

Compared 30% of the time

CrowdStrike Falcon Complete MDR vs CompassOne by Blackpoint Cyber

Compared 15% of the time

SentinelOne Vigilance vs CompassOne by Blackpoint Cyber

Compared 10% of the time

Sophos MDR vs CompassOne by Blackpoint Cyber

Compared 7% of the time

Field Effect MDR vs CompassOne by Blackpoint Cyber

Compared 7% of the time

More CompassOne by Blackpoint Cyber Competitors

LogRhythm SIEM vs Devo

Compared 15% of the time

Microsoft Sentinel vs Devo

Compared 13% of the time

IBM Security QRadar vs Devo

Compared 13% of the time

Splunk Enterprise Security vs Devo

Compared 11% of the time

OpenText AI Operations Management vs Devo

Compared 6% of the time

More Devo Competitors

Product Reports

Managed Detection and Response (MDR)

September 2025

Download CompassOne by Blackpoint Cyber product report

Download Devo product report

October 2025

Also Known As

Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response

No data available

Overview

CompassOne by Blackpoint Cyber delivers comprehensive MDR capabilities, offering SLA-driven alert notifications, in-depth network discovery, and Microsoft 365 log preservation. Its SOC team efficiently manages monitoring tasks, ensuring genuine threats are prioritized and distractions minimized.

CompassOne enhances cybersecurity by offering email monitoring, app control, and effective threat identification, preventing incidents like a compromised device affecting corporate networks. While prompt in threat reporting, a need exists for detailed analysis and vulnerability scanning. Users seek integration with platforms such as CyberArk and CrowdStrike and support for Linux systems. The platform strengthens security through alert monitoring, virus prevention, account takeover prevention, and establishing a security baseline for both organizational and lab environments, with up to half of an organization's staff utilizing it and expansion plans in progress.

What are the key features of CompassOne?

SLA Notifications: Provides timely alerts to ensure swift threat response.
Network Discovery: Offers detailed insight into local networks.
Microsoft 365 Log Preservation: Maintains extensive records for compliance.
Email Monitoring and App Control: Detects and blocks suspicious activities efficiently.
Threat Prioritization: Minimizes distractions by focusing on genuine threats.

What benefits should users expect from CompassOne?

Efficient Monitoring: Relieves teams by offloading monitoring tasks to expert SOC teams.
Threat Mitigation: Protects against device compromise and secures networks.
Comprehensive Security: Extends capabilities through email and application vigilance.
Strategic Deployment: Adaptable for both enterprise and lab environments.

In sectors where security monitoring is crucial, CompassOne is implemented to observe computers, servers, and Office 365 environments, mitigating risks thoughtfully and efficiently. Companies engage its robust MDR functionalities to fend off viruses and account breaches while leveraging its security implementation services for a foundational security setup.

Blackpoint Cyber

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Sample Customers

CoreRecon, Peerless Tech Solutions, Lorien Health

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel