Devo vs OpenText Enterprise Security Manager comparison

Devo and OpenText are both solutions in the Security Information and Event Management (SIEM) category. Devo is ranked #25 with an average rating of 8.5, while OpenText is ranked #21 with an average rating of 7.0. Devo holds a 1.1% mindshare in SIEM, compared to OpenText’s 1.1% mindshare. Additionally, 95% of Devo users are willing to recommend the solution, compared to 88% of OpenText users who would recommend it.

Devo

Read 22 Devo reviews

2,008 Views
839 Comparison Views

95% willing to recommend

OpenText Enterprise Securit...

Read 97 OpenText Enterprise Security Manager reviews

2,406 Views
1,060 Comparison Views

88% willing to recommend

Devo

OpenText Enterprise Securit...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jun 19, 2025

OpenText Enterprise Security Manager and Devo compete in the enterprise security and information management space, with Devo seemingly having the upper hand due to its real-time analytics and cloud-native architecture.

Features: OpenText Enterprise Security Manager emphasizes scalability and integration capabilities, offering customizable complex correlations and supporting a wide range of devices. Devo provides strong real-time analytics, extensive data retention, and an intuitive query-building process, enhanced by its seamless cloud-native architecture.

Room for Improvement: OpenText Enterprise Security Manager needs to simplify network modeling and enhance tech support, with users mentioning deployment complexities and Oracle DB performance issues. Devo requires improvements in data ingestion and integration with diverse log sources, alongside more robust reporting capabilities.

Ease of Deployment and Customer Service: OpenText Enterprise Security Manager mainly operates on-premises, requiring expert deployment efforts and has mixed reviews on customer support. Devo offers flexible deployment options with good overall customer service but faces some challenges in technical support for its SecOps module.

Pricing and ROI: OpenText Enterprise Security Manager is often seen as expensive with a complex licensing model, yet users acknowledge its value. Devo’s pricing, based on ingestion volume, is perceived as straightforward, though recent changes have raised concerns about hidden costs. Despite this, Devo's features strengthen its cost justification compared to competitors, delivering satisfactory ROI.

To learn more, read our detailed Devo vs. OpenText Enterprise Security Manager Report (Updated: June 2025).

Buyer's Guide

Devo vs. OpenText Enterprise Security Manager

June 2025

Download the complete report

Helped 857,688 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Devo

Ranking in Security Information and Event Management (SIEM)

25th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Log Management (27th), IT Operations Analytics (8th), AIOps (17th)

OpenText Enterprise Securit...

Ranking in Security Information and Event Management (SIEM)

21st

Average Rating

7.8

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of June 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Devo is 1.1%, up from 1.0% compared to the previous year. The mindshare of OpenText Enterprise Security Manager is 1.1%, down from 1.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Michael Wenn

CEO / Co-Founder at Aiops ltd

Has cloud-first architecture with SIEM technology to run security operations

When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.

Read full review

Gaurav Ranade

CTO at Rah Infotech Pvt Ltd

Excels at performing regression and correlation on the data

ArcSight is a legacy technology, and many customers want AI-powered technologies integrated with it. That hasn't been done yet, but ArcSight needs to catch up with the newer solutions and technologies available in the market. It can't just rely on the legacy technology from 2010 or 2012. You can't run that in 2024. It's a legacy technology with its own limitations. Customers often face issues that other software or newer solutions can resolve easily. That's the main challenge we face from customers right now. So, the only concerns are that AI needs to be integrated and scalability improved. Those are the main areas to be improved.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."

"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."

"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."

"Devo has a really good website for creating custom configurations."

"Even if it's a relatively technical tool or platform, it's very intuitive and graphical. It's very appealing in terms of the user interface. The UI has a graphically interface with the raw data in a table. The table can be as big as you want it, depending on your use case. You can easily get a report combining your data, along with calculations and graphical dashboards. You don't need a lot of training, because the UI is relatively very intuitive."

"The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored."

"It centralizes security management within a business, functioning as a core system for a SOC."

"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."

More Devo pros

"This process has helped to improve our organization because we have centralized the intra-group security equipment logs."

"The real-time analysis adds value."

"The solution offers very good monitoring."

"The tool is good for correlation and aggregation. We use it as a collection platform."

"It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts."

"The product is quite mature. It's been around for a long time."

"We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities."

"Once the rules are defined, it becomes easy to detect changes and generate automated logs."

More OpenText Enterprise Security Manager pros

Cons

"The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts."

"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."

"They can improve their AI capabilities"

"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."

"The price is one problem with Devo."

"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."

"There are some issues from an availability and functionality standpoint, meaning the tool is somewhat slow. There were some slow response periods over the past six to nine months, though it has yet to impact us terribly as we are a relatively small shop. We've noticed it, however, so Devo could improve the responsiveness."

"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."

More Devo cons

"The stability isn't quite perfect. We occasionally run into problems."

"The visualization is not very good compared to Splunk."

"When I asked our networking juniors for a comparison between LogRhythm and ArcSight, they said that both platforms are almost the same. It is just that LogRhythm is more modern with a digital platform, which probably gives it some advantage over ArcSight. ArcSight is a very old and mature product that is running on an old platform. It is an old legacy platform. In terms of new features, it just requires platform upgrades so that it becomes lighter and easily adaptable, specifically in the cloud. It would be a good thing if they can also make reporting easier."

"The stability of ArcSight Enterprise Security Manager (ESM) is not very robust."

"It would be nice to have it on the cloud so that you can deploy it easily, saving time and resources."

"I would like to have a feature that gives us an entire report listing what devices are integrated."

"The solution could be more stable."

"The centralized dashboard for the hybrid cloud environment needs to be more focused. It needs to be redefined because it's missing most of the information. It should be a little bit easy to use. Currently, integration with various applications and connectors is not that easy. Deployment is easy, but integration is not that easy. ArcSight also has a very high bandwidth consumption to pull the local servers. It should have some kind of better process or ability to transfer files from on-premises to the cloud, from the cloud to on-premises, and from a cloud to another cloud."

More OpenText Enterprise Security Manager cons

Pricing and Cost Advice

"I rate the pricing a four on a scale of one to ten, where one is cheap, and ten is expensive."

"We have an OEM agreement with Devo. It is very similar to the standard licensing agreement because we are charged in the same way as any other customer, e.g., we use the backroom."

"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."

"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."

"Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."

"Our licensing fees are billed annually and per terabyte."

"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."

"[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."

More Devo pricing and cost advice

"The licensing cost is affordable if you get an enterprise license. The licensing is based on EPS, so you can probably provide a package of license for multiple ESMs with their correlational end fees. It is cost-effective."

"Price-wise, ArcSight ESM was a bit high compared to competitors, which factored into our decision to switch to Splunk. It couldn't cover all our business needs for what we wanted to implement."

"There is a license required for this solution."

"The product licenses are inexpensive."

"ArcSight can be a little bit expensive because of the area that we work in and the cost. Licensing is mostly on a yearly basis, not monthly."

"The pricing model is expensive compared to open-source alternatives."

"Aggregation can help a lot in pushing down licensing costs."

"We have a license to use this solution. The price of ArcSight Enterprise Security Manager is expensive."

More OpenText Enterprise Security Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

857,688 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Jun 28, 2015

Qradar vs. ArcSight

Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…

Read full review

Top Industries

By visitors reading reviews

Financial Services Firm

18%

Computer Software Company

15%

University

Government

Financial Services Firm

20%

Computer Software Company

14%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Devo?

Devo has a really good website for creating custom configurations.

See all answers

What is your experience regarding pricing and costs for Devo?

Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.

See all answers

What needs improvement with Devo?

They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...

See all answers

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?

In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...

See all answers

What do you like most about ArcSight Enterprise Security Manager (ESM)?

We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.

See all answers

What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?

ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.

See all answers

Comparisons

IBM Security QRadar vs Devo

Compared 16% of the time

Microsoft Sentinel vs Devo

Compared 15% of the time

Splunk Enterprise Security vs Devo

Compared 14% of the time

Wazuh vs Devo

Compared 6% of the time

LogRhythm SIEM vs Devo

Compared 5% of the time

More Devo Competitors

Trellix ESM vs OpenText Enterprise Security Manager

Compared 24% of the time

Splunk Enterprise Security vs OpenText Enterprise Security Manager

Compared 14% of the time

Elastic Security vs OpenText Enterprise Security Manager

Compared 10% of the time

Wazuh vs OpenText Enterprise Security Manager

Compared 6% of the time

Google Chronicle Suite vs OpenText Enterprise Security Manager

Compared 6% of the time

More OpenText Enterprise Security Manager Competitors

Product Reports

Buyer's Guide

Devo

June 2025

Download Devo product report

Buyer's Guide

OpenText Enterprise Security Manager

April 2025

OpenText Enterprise Security Manager report

Download OpenText Enterprise Security Manager product report

Also Known As

No data available

Micro Focus ArcSight, HPE ArcSight, ArcSight

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo

OpenText Enterprise Security Manager enables real-time threat detection through scalable and adaptable solutions, integrating seamlessly with multiple platforms for complex security scenarios across different environments.

OpenText Enterprise Security Manager offers extensive security monitoring capabilities, combining log analysis and incident management to enhance cybersecurity and compliance. Its powerful event correlation engine provides real-time alerts for rapid incident response. Users benefit from customizable dashboards and comprehensive log collection, making it a significant tool in the SIEM market. Flexible deployment options cater to both on-premises and cloud environments, supporting enterprises in managing IT infrastructure and threat detection efficiently.

What are the key features of OpenText Enterprise Security Manager?

Event Correlation Engine: Real-time threat detection with advanced correlation capabilities.
Scalability: Adapts to enterprise-level demands and complex security needs.
Integration: Seamlessly integrates with multiple platforms and third-party tools.
Customizable Dashboards: Tailored views and active lists enhance user experience.
Advanced Alerting: Provides timely incident response and security alerts.

Why should users look for reviews when evaluating OpenText Enterprise Security Manager?

Timely Incident Responses: Fast alerting and action against threats.
User-Friendly Experience: Customizable dashboards simplify monitoring tasks.
Comprehensive Security Management: Integrated log management and threat detection across domains.
Adaptability and Scalability: Supports both on-premises and cloud deployments.

In industries such as finance, healthcare, and energy, OpenText Enterprise Security Manager is implemented for monitoring critical systems and ensuring compliance with regulatory needs. Enterprises leverage its capabilities for forensic investigations and active threat management, serving as a central hub for cybersecurity operations across diverse IT infrastructures.

OpenText

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

Buyer's Guide

Devo vs. OpenText Enterprise Security Manager

June 2025

Free Report: Devo vs. OpenText Enterprise Security Manager

Find out what your peers are saying about Devo vs. OpenText Enterprise Security Manager and other solutions. Updated: June 2025.

DOWNLOAD NOW

857,688 professionals have used our research since 2012.

See our Devo vs. OpenText Enterprise Security Manager report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.