CrowdStrike Observability vs Devo comparison

"The best features of CrowdStrike Observability include the way they show issues to the client or agent, and their data collection method is interesting because they use an agent-less approach in some cases, collecting data from infrastructure such as firewalls."

"The log aggregation and correlation of data are notable features that enhance our operations."

"In the logs and the trajectory, it shows detailed information about where the source of infection comes from, how it travels, and how to reach there."

"The intelligence database provided by CrowdStrike is very impressive."

"The intelligent alerting feature is excellent and configured on our console, being highly effective as it detects real alerts and just warnings or real issues."

"CrowdStrike Observability offers strong predictive analytics capabilities, and the intelligent alerting system helps minimize noise and optimize IT resources effectively."

"The intelligence database provided by CrowdStrike is very impressive."

"I find the most effective feature of CrowdStrike Observability to be its cloud vision and attack surface vision, which enhance network traffic analysis."

"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."

"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."

"Devo has a really good website for creating custom configurations."

"It centralizes security management within a business, functioning as a core system for a SOC."

"Being able to build and modify dashboards on the fly with Activeboards streamlines my analyst time because my analysts aren't doing it across spreadsheets or five different tools to try to build a timeline out themselves. They can just ingest it all, build a timeline out across all the logging, and all the different information sources in one dashboard. So, it's a huge time saver. It also has the accuracy of being able to look at all those data sources in one view. The log analysis, which would take 40 hours, we can probably get through it in about five to eight hours using Devo."

"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."

"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."

"The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations. It's much easier with this platform to integrate log sources that might not have standard logging and things like that."

"The pricing is very high and small companies cannot afford it. They should reduce the price because the backend infrastructure is the same."

"Integration with Huawei should be more straightforward."

"We had some difficulties at the beginning, but at this moment they are improving, so probably in some months I will give them a ten."

"For reporting or log management, having a longer duration for backup without needing to purchase a paid subscription would be beneficial."

"For reporting or log management, having a longer duration for backup without needing to purchase a paid subscription would be beneficial. Currently, there is a default ninety-day backup period."

"We had some difficulties at the beginning, but at this moment they are improving, so probably in some months I will give them a ten."

"Integration with Huawei should be more straightforward."

"The customer service is not satisfactory for me. The support is only available in English, and my users in LATAM regions such as Peru and Colombia require local language support, which is not currently provided."

"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."

"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."

"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."

"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."

"Technical support could be better."

"Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."

"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."

"There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."

"Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."

"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."

"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."

"Our licensing fees are billed annually and per terabyte."

"The way Devo prices things is based on the amount of data, and I wish the tiers had more granularity. Maybe at this point they do, but when we first negotiated with them, there were only three or four tiers."

"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."

"I rate the pricing a four on a scale of one to ten, where one is cheap, and ten is expensive."

"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."