Devo vs OpenText Behavioral Signals comparison

Devo and OpenText are both solutions in the Security Information and Event Management (SIEM) category. Devo is ranked #25 with an average rating of 8.5, while OpenText is ranked #40 with an average rating of 8.0. Devo holds a 1.1% mindshare in SIEM, compared to OpenText’s 0.4% mindshare. Additionally, 95% of Devo users are willing to recommend the solution, compared to 80% of OpenText users who would recommend it.

Devo

Read 22 Devo reviews

2,681 Views
1,823 Comparison Views

95% willing to recommend

OpenText Behavioral Signals

Read 5 OpenText Behavioral Signals reviews

700 Views
546 Comparison Views

80% willing to recommend

Devo

OpenText Behavioral Signals

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jun 19, 2025

OpenText Behavioral Signals and Devo compete in the data analytics category. Devo tends to have an upper hand due to its speed and scalability compared to OpenText's focus on integration and data context.

Features: OpenText Behavioral Signals provides robust sentiment analysis, voice recognition capabilities, and advanced behavioral insights. Devo offers real-time data processing, visualization, and enhanced speed for data-driven decisions.

Room for Improvement: OpenText Behavioral Signals could improve its speed, scalability, and real-time analytics features. Devo may benefit from enhancements in deployment flexibility, support for niche integrations, and simplifying user onboarding.

Ease of Deployment and Customer Service: OpenText Behavioral Signals offers flexible deployment options with responsive customer service. Devo excels in large-scale operations with comprehensive onboarding and continuous support.

Pricing and ROI: OpenText Behavioral Signals presents competitive pricing with immediate ROI through efficient integration. Devo's higher initial costs are balanced by its extensive features and long-term ROI.

To learn more, read our detailed Devo vs. OpenText Behavioral Signals Report (Updated: July 2025).

Buyer's Guide

Devo vs. OpenText Behavioral Signals

July 2025

Download the complete report

Helped 865,384 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Devo

Ranking in Security Information and Event Management (SIEM)

25th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Log Management (25th), IT Operations Analytics (9th), AIOps (18th)

OpenText Behavioral Signals

Ranking in Security Information and Event Management (SIEM)

40th

Average Rating

8.0

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (13th)

Mindshare comparison

As of August 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Devo is 1.1%, up from 0.9% compared to the previous year. The mindshare of OpenText Behavioral Signals is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Michael Wenn

CEO / Co-Founder at Aiops ltd

Has cloud-first architecture with SIEM technology to run security operations

When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.

Read full review

Nagendra Nekkala

Senior Manager ICT & Innovations at Bangalore International Airport Limited

A user-friendly solution that can be used to integrate the logs properly with different connectors

ArcSight Intelligence is easy to maintain; one person is enough for the solution's maintenance. The maintenance person will add new features or devices, make policy changes or configurations, and learn and guide other engineers about new threats. ArcSight Intelligence is a user-friendly solution, and users should buy it if their company can afford its cost. Overall, I rate ArcSight Intelligence a nine out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored."

"Scalability is one of Devo's strengths."

"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."

"The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before."

"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."

"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."

"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."

"The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."

More Devo pros

"The product has a valuable interface."

"The most valuable feature of ArcSight Intelligence is a single console where the entire dashboard gives all the connected details in a single place."

"We found the correlation engine to be very good. It takes logs from different types of devices and does the correlation in a good way."

"The platform helps us improve threat detection capabilities."

"The ability to tailor an environment to suit our specific use cases is a major advantage of ArcSight compared to other logging servers such as Splunk."

Cons

"There are some issues from an availability and functionality standpoint, meaning the tool is somewhat slow. There were some slow response periods over the past six to nine months, though it has yet to impact us terribly as we are a relatively small shop. We've noticed it, however, so Devo could improve the responsiveness."

"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."

"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."

"Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."

"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."

"I would like to have the ability to create more complex dashboards."

"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."

"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."

More Devo cons

"The dashboard is not user-friendly and is in black and white."

"ArcSight Intelligence's pricing needs improvement."

"We haven't found the product fully scalable."

"The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening. There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better."

"ArcSight Intelligence is a bit slower, and its speed should be improved."

Pricing and Cost Advice

"I rate the pricing a four on a scale of one to ten, where one is cheap, and ten is expensive."

"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."

"Our licensing fees are billed annually and per terabyte."

"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."

"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."

"[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."

"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."

"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."

More Devo pricing and cost advice

"The solution is expensive and only suitable for enterprise environments."

"Its price is average and not very high. Splunk might be a bit cheaper than this. Its licensing is on a monthly basis."

"They offer perpetual licenses for the product."

"ArcSight Intelligence is an expensive solution."

"It is an expensive platform."

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

865,384 professionals have used our research since 2012.

Comparison Review

it_user186927

Director of Operations at Bell

Feb 16, 2015

Cybereason vs. Interset vs. SQRRL

Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…

Read full review

Top Industries

By visitors reading reviews

Financial Services Firm

16%

Computer Software Company

11%

University

Government

19%

Computer Software Company

14%

Manufacturing Company

University

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Devo?

Devo has a really good website for creating custom configurations.

See all answers

What is your experience regarding pricing and costs for Devo?

Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.

See all answers

What needs improvement with Devo?

They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...

See all answers

What do you like most about ArcSight Interset / Intelligence?

The platform helps us improve threat detection capabilities.

See all answers

What is your experience regarding pricing and costs for ArcSight Interset / Intelligence?

They offer perpetual licenses for the product.

See all answers

What needs improvement with ArcSight Interset / Intelligence?

The product could be improved in several areas; it currently requires significant enhancement. Compared to QRadar and Splunk, ArcSight Intelligence falls behind, placing it as the third choice amon...

See all answers

Comparisons

Splunk Enterprise Security vs Devo

Compared 14% of the time

IBM Security QRadar vs Devo

Compared 13% of the time

Microsoft Sentinel vs Devo

Compared 12% of the time

LogRhythm SIEM vs Devo

Compared 12% of the time

Wazuh vs Devo

Compared 5% of the time

More Devo Competitors

Microsoft Sentinel vs OpenText Behavioral Signals

Compared 28% of the time

OpenText Enterprise Security Manager vs OpenText Behavioral Signals

Compared 20% of the time

Fortinet FortiSIEM vs OpenText Behavioral Signals

Compared 14% of the time

Splunk User Behavior Analytics vs OpenText Behavioral Signals

Compared 10% of the time

IBM Security QRadar vs OpenText Behavioral Signals

Compared 9% of the time

More OpenText Behavioral Signals Competitors

Product Reports

Buyer's Guide

Devo

August 2025

Download Devo product report

Buyer's Guide

Security Information and Event Management (SIEM)

August 2025

Download OpenText Behavioral Signals product report

Also Known As

No data available

ArcSight Interset / Intelligence, FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo

OpenText Behavioral Signals enhances organizational security monitoring with its robust correlation engine and streamlined dashboard, offering customization to suit different environments like airports or banks.

OpenText Behavioral Signals effectively integrates device logs through its strong correlation engine. The platform's customization options enable tailored alerts to match specific use cases, such as airports or banks. Although it needs more frequent updates to stay aligned with global incidents, it provides a centralized dashboard that ensures comprehensive visibility across networks. Users find the interface intuitive, making rule writing and report access easy, aiding in a comprehensive understanding of the network environment.

What are the key features of OpenText Behavioral Signals?

Correlation Engine: Integrates logs from diverse devices for seamless analysis.
Customization: Tailors alerts based on specific industry needs such as banks.
Centralized Dashboard: Offers complete visibility into network activities.
Easy Rule Writing: Facilitates enhanced usability for users.
Intuitive Interface: Provides streamlined access to reports and insights.

What benefits should businesses expect when using OpenText Behavioral Signals?

Increased Security: Effective monitoring and alerts enhance network safety.
Global Intelligence Gathering: Access to global attack notifications keeps organizations informed.
Reduced False Positives: Improved accuracy in detecting genuine threats.
Improved Log Management: Efficient handling of security and network device logs.

In industries like banking and airports, OpenText Behavioral Signals is implemented for gathering global intelligence from the cloud. It notifies organizations about global attacks and updates its correlation engines. These industries utilize the platform for monitoring and analyzing logs from network devices, security log management, and addressing network challenges like link failures and unauthorized login attempts, ensuring better security posture with behavioral analytics and log integration using Unix and Microsoft-based connectors.

OpenText

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel

Accuvant, Splunk Inc., NuTech, Box, rSolutions, Voodoo Technology Limited

Buyer's Guide

Devo vs. OpenText Behavioral Signals

July 2025

Free Report: Devo vs. OpenText Behavioral Signals

Find out what your peers are saying about Devo vs. OpenText Behavioral Signals and other solutions. Updated: July 2025.

DOWNLOAD NOW

865,384 professionals have used our research since 2012.

See our Devo vs. OpenText Behavioral Signals report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.