Devo vs OpenText Enterprise Security Manager comparison

Devo and OpenText are both solutions in the Security Information and Event Management (SIEM) category. Devo is ranked #25 with an average rating of 8.5, while OpenText is ranked #22 with an average rating of 7.0. Devo holds a 1.1% mindshare in SIEM, compared to OpenText’s 1.4% mindshare. Additionally, 95% of Devo users are willing to recommend the solution, compared to 88% of OpenText users who would recommend it.

Devo

Read 22 Devo reviews

2,681 Views
1,823 Comparison Views

95% willing to recommend

OpenText Enterprise Securit...

Read 97 OpenText Enterprise Security Manager reviews

2,541 Views
2,414 Comparison Views

88% willing to recommend

Devo

OpenText Enterprise Securit...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jun 19, 2025

OpenText Enterprise Security Manager and Devo compete in the enterprise security and information management space, with Devo seemingly having the upper hand due to its real-time analytics and cloud-native architecture.

Features: OpenText Enterprise Security Manager emphasizes scalability and integration capabilities, offering customizable complex correlations and supporting a wide range of devices. Devo provides strong real-time analytics, extensive data retention, and an intuitive query-building process, enhanced by its seamless cloud-native architecture.

Room for Improvement: OpenText Enterprise Security Manager needs to simplify network modeling and enhance tech support, with users mentioning deployment complexities and Oracle DB performance issues. Devo requires improvements in data ingestion and integration with diverse log sources, alongside more robust reporting capabilities.

Ease of Deployment and Customer Service: OpenText Enterprise Security Manager mainly operates on-premises, requiring expert deployment efforts and has mixed reviews on customer support. Devo offers flexible deployment options with good overall customer service but faces some challenges in technical support for its SecOps module.

Pricing and ROI: OpenText Enterprise Security Manager is often seen as expensive with a complex licensing model, yet users acknowledge its value. Devo’s pricing, based on ingestion volume, is perceived as straightforward, though recent changes have raised concerns about hidden costs. Despite this, Devo's features strengthen its cost justification compared to competitors, delivering satisfactory ROI.

To learn more, read our detailed Devo vs. OpenText Enterprise Security Manager Report (Updated: July 2025).

Buyer's Guide

Devo vs. OpenText Enterprise Security Manager

July 2025

Download the complete report

Helped 865,140 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Devo

Ranking in Security Information and Event Management (SIEM)

25th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Log Management (25th), IT Operations Analytics (9th), AIOps (18th)

OpenText Enterprise Securit...

Ranking in Security Information and Event Management (SIEM)

22nd

Average Rating

7.8

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of August 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Devo is 1.1%, up from 0.9% compared to the previous year. The mindshare of OpenText Enterprise Security Manager is 1.4%, up from 1.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Michael Wenn

CEO / Co-Founder at Aiops ltd

Has cloud-first architecture with SIEM technology to run security operations

When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.

Read full review

Gaurav Ranade

CTO at Rah Infotech Pvt Ltd

Excels at performing regression and correlation on the data

ArcSight is a legacy technology, and many customers want AI-powered technologies integrated with it. That hasn't been done yet, but ArcSight needs to catch up with the newer solutions and technologies available in the market. It can't just rely on the legacy technology from 2010 or 2012. You can't run that in 2024. It's a legacy technology with its own limitations. Customers often face issues that other software or newer solutions can resolve easily. That's the main challenge we face from customers right now. So, the only concerns are that AI needs to be integrated and scalability improved. Those are the main areas to be improved.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."

"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."

"The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before."

"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."

"Devo has a really good website for creating custom configurations."

"It's very, very versatile."

"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."

"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."

More Devo pros

"It is a very useful tool for intelligence building because it has many use cases and many rule sets."

"Once the rules are defined, it is capable of detecting minute changes in the systems, which are effectively based on the entries in the log."

"It gives better overall visibility. Before, we didn't have a unified system for managing security alerts. ArcSight introduced various alerts, giving us a better visibility of potential problems."

"ESM has valuable features for event prediction and security analysis."

"The solution is pretty stable."

"I would rate the ease of use for new users an eight out of ten, with ten being easy to use. It is a good tool."

"The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation."

"The most valuable feature of ArcSight ESM is its ease of use."

More OpenText Enterprise Security Manager pros

Cons

"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."

"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."

"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."

"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."

"I would like to have the ability to create more complex dashboards."

"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."

"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."

"The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts."

More Devo cons

"Customer service during the transition from HPE to Micro Focus was abysmal where it became disruptive to our service delivery."

"In other products, I have found that they use some kind of GUI that is drag and drop. While in ArcSight they use still scripting. They should keep scripting because some people prefer scripting but they should have the option for those who prefer using drag and drop."

"The visualization is not very good compared to Splunk."

"The correlation engine effectively connects different events, significantly improving our detection reach. However, limitations exist with non-default alerts, where additional costs arise for integration."

"I would like for them to integrate mobile devices. Integration or any kind of functionality which will act as a substitute for IBM so that we can really track our mobile devices as well as look at SIEM."

"Could benefit from a more modern interface."

"The UI interface is somewhat complex and needs to be simplified."

"The biggest requirement is that there is no cloud solution for this product yet. They need to create a cloud version. It's the biggest thing they can do to make the solution better."

More OpenText Enterprise Security Manager cons

Pricing and Cost Advice

"[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."

"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."

"Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."

"We have an OEM agreement with Devo. It is very similar to the standard licensing agreement because we are charged in the same way as any other customer, e.g., we use the backroom."

"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."

"Devo is a hosted or subscription-based solution, whereas before, we purchased QRadar, so we owned it and just had to pay a maintenance fee. We've encountered this with some other products, too, where we went over to subscription-based. Our thought process is that with subscription based, the provider hosts and maintains the tool, and it's offsite. That comes with some additional fees, but we were able to convince our upper management it was worth the price. We used to pay under 10k a year for maintenance, and now we're paying ten times that. It was a relatively tough sell to our management, but I wonder if we have a choice anymore; this is where the market is."

"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."

"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."

More Devo pricing and cost advice

"We're paying a fee for an MSSP, and the cost of the total cost of ArcSight ESM was approximately three to four million dollars a year. The price was less than similar solutions. We did not have additional fees."

"Thanks to Micro Focus's licensing model, as an MSSP, we are able to see a complete return on our investment almost immediately."

"ArcSight ESM is an affordable solution, it cost approximately $200,000 for three years. This price was at a substantial discount."

"The licensing cost is affordable if you get an enterprise license. The licensing is based on EPS, so you can probably provide a package of license for multiple ESMs with their correlational end fees. It is cost-effective."

"HPE ArcSight pricing might be more expensive than other SIEM solutions, but in my opinion it has powerful features and great flexibility in developing complex use cases."

"ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."

"It's a good price, it's one of the cheaper solutions."

"The pricing model is expensive compared to open-source alternatives."

More OpenText Enterprise Security Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

865,140 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Jun 28, 2015

Qradar vs. ArcSight

Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…

Read full review

Top Industries

By visitors reading reviews

Financial Services Firm

16%

Computer Software Company

11%

University

Government

Financial Services Firm

15%

Computer Software Company

13%

Manufacturing Company

11%

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Devo?

Devo has a really good website for creating custom configurations.

See all answers

What is your experience regarding pricing and costs for Devo?

Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.

See all answers

What needs improvement with Devo?

They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...

See all answers

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?

In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...

See all answers

What do you like most about ArcSight Enterprise Security Manager (ESM)?

We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.

See all answers

What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?

ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.

See all answers

Comparisons

Splunk Enterprise Security vs Devo

Compared 14% of the time

IBM Security QRadar vs Devo

Compared 14% of the time

Microsoft Sentinel vs Devo

Compared 13% of the time

LogRhythm SIEM vs Devo

Compared 12% of the time

Wazuh vs Devo

Compared 5% of the time

More Devo Competitors

Trellix ESM vs OpenText Enterprise Security Manager

Compared 18% of the time

IBM Security QRadar vs OpenText Enterprise Security Manager

Compared 11% of the time

Splunk Enterprise Security vs OpenText Enterprise Security Manager

Compared 10% of the time

Elastic Security vs OpenText Enterprise Security Manager

Compared 6% of the time

SurfWatch Labs SurfWatch vs OpenText Enterprise Security Manager

Compared 5% of the time

More OpenText Enterprise Security Manager Competitors

Product Reports

Buyer's Guide

Devo

August 2025

Download Devo product report

Buyer's Guide

OpenText Enterprise Security Manager

August 2025

OpenText Enterprise Security Manager report

Download OpenText Enterprise Security Manager product report

Also Known As

No data available

Micro Focus ArcSight, HPE ArcSight, ArcSight

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo

OpenText Enterprise Security Manager enables real-time threat detection through scalable and adaptable solutions, integrating seamlessly with multiple platforms for complex security scenarios across different environments.

OpenText Enterprise Security Manager offers extensive security monitoring capabilities, combining log analysis and incident management to enhance cybersecurity and compliance. Its powerful event correlation engine provides real-time alerts for rapid incident response. Users benefit from customizable dashboards and comprehensive log collection, making it a significant tool in the SIEM market. Flexible deployment options cater to both on-premises and cloud environments, supporting enterprises in managing IT infrastructure and threat detection efficiently.

What are the key features of OpenText Enterprise Security Manager?

Event Correlation Engine: Real-time threat detection with advanced correlation capabilities.
Scalability: Adapts to enterprise-level demands and complex security needs.
Integration: Seamlessly integrates with multiple platforms and third-party tools.
Customizable Dashboards: Tailored views and active lists enhance user experience.
Advanced Alerting: Provides timely incident response and security alerts.

Why should users look for reviews when evaluating OpenText Enterprise Security Manager?

Timely Incident Responses: Fast alerting and action against threats.
User-Friendly Experience: Customizable dashboards simplify monitoring tasks.
Comprehensive Security Management: Integrated log management and threat detection across domains.
Adaptability and Scalability: Supports both on-premises and cloud deployments.

In industries such as finance, healthcare, and energy, OpenText Enterprise Security Manager is implemented for monitoring critical systems and ensuring compliance with regulatory needs. Enterprises leverage its capabilities for forensic investigations and active threat management, serving as a central hub for cybersecurity operations across diverse IT infrastructures.

OpenText

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

Buyer's Guide

Devo vs. OpenText Enterprise Security Manager

July 2025

Free Report: Devo vs. OpenText Enterprise Security Manager

Find out what your peers are saying about Devo vs. OpenText Enterprise Security Manager and other solutions. Updated: July 2025.

DOWNLOAD NOW

865,140 professionals have used our research since 2012.

See our Devo vs. OpenText Enterprise Security Manager report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.