

Devo and SentinelOne Singularity AI SIEM are competing products in the SIEM landscape. SentinelOne appears to have the upper hand due to its advanced threat detection capabilities.
Features: Devo specializes in high-speed search, multi-tenant architecture, and real-time analytics. SentinelOne stands out with its sophisticated behavioral AI, automated threat hunting, and extensive endpoint protection.
Room for Improvement: Devo requires improvement in user interface customization, scaling advanced analytics, and enhancing native integrations. SentinelOne could improve the onboarding processes, reduce initial setup costs, and enhance reporting flexibility.
Ease of Deployment and Customer Service: Devo offers a cloud-native architecture for simplified deployment and responsive customer support. SentinelOne provides streamlined deployment with strong AI model training and extensive utilization resources.
Pricing and ROI: Devo is praised for its competitive pricing and cost-effectiveness, offering a strong ROI. SentinelOne, while more costly initially, leverages advanced features for long-term gains, appealing to organizations prioritizing top-tier security.
SentinelOne Singularity AI SIEM has reduced our response time to true positive alerts by approximately forty percent through automation.
At the moment, I feel the pricing is a little bit on the higher side, but the tool is positioned in a place where risk is very high, and we do not want to take chances, so we are prepared to pay the premium.
The effect of SentinelOne Singularity AI SIEM on our customers' SOC efficiency in investigating alerts and responding to incidents is significant.
I rate the customer support a nine out of ten because of their timely technical guidance and responsiveness during the deployment and troubleshooting periods.
SentinelOne Singularity AI SIEM has AI-based technical support available.
Based on my experience with the technical support of SentinelOne Singularity AI SIEM, I would rate them a ten.
In rating the technical support for SentinelOne, it depends on whether we are discussing EDR or SentinelOne Singularity AI SIEM.
Devo is a unified SIEM solution designed to handle growing log volumes and enterprise-scale monitoring requirements.
With any AI adoption, the end goal should be more governance and data security and safety.
The performance depends on the configuration.
It is scalable, and we can increase the compute size. It can scale. There are no challenges.
It is stable and reliable for our security operations.
When it comes to stability, I would give SentinelOne Singularity AI SIEM a nine.
In terms of performance stability, I have never had any crashes, downtimes, or performance issues.
Even the data lake feature they have, in terms of keeping all the logs intact, those log searches are extremely fast on SentinelOne Singularity AI SIEM, even though the data is very high.
This is particularly evident when dealing with failed login attempts and determining true versus false positives.
UI improvements, a simplified dashboard, or an easier reporting workflow could further improve analyst productivity.
The cost is a little higher compared to other tools such as DataDog or Elasticsearch, so they could work on reducing costs.
The adoption rate will be less compared to other products, as this can be a time-taken process because all my data needs to be offloaded and the system needs to understand my existing alerts, logs, and other things.
The interface flickers frequently, and sometimes it does not load properly.
Whenever OT security comes into the picture, the customers do not allow us to integrate their OT devices on a cloud. It should be available on-premises because the OT SIEM market, in the India market for instance, is something around a four to eight billion dollar market.
I find SentinelOne's pricing to be reasonable and competitive.
When they see a spike in a line chart for a failed login, which could be a true or false attempt, they can click that spike, and a table widget on the same active board instantly populates with raw logs of data for those specific failed logins.
When the analyst uses queries to search, it pulls the data quickly, in a second, which aids us greatly with the investigation.
It utilizes 400 days of hot data, allowing queries to run very fast and yield results quicker than other tools in terms of security and SIEM capability.
We finally have visibility into things that were never visible before.
It employs a combination of AI and ML to check for viruses or any other malicious processes, including fileless attacks.
The AI-driven threat detection capabilities improve our overall security posture.
| Product | Mindshare (%) |
|---|---|
| SentinelOne Singularity AI SIEM | 1.4% |
| Devo | 1.2% |
| Other | 97.4% |
| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 5 |
| Large Enterprise | 12 |
| Company Size | Count |
|---|---|
| Small Business | 5 |
| Midsize Enterprise | 3 |
| Large Enterprise | 3 |
Devo offers powerful visual analytics, real-time data querying, and log integration capabilities within a cloud-native, multi-tenant architecture, supporting extended data retention ideal for long-term analysis and compliance.
Devo is recognized for its Activeboards, which facilitate visual analytics. High-speed search capabilities and real-time analytics enable efficient data manipulation and querying. Its multi-tenant architecture supports effective data segregation and customization tailored to distinct business needs, enhancing its value for handling complex log integrations. With extended data retention of 400 days and a cloud-native architecture, Devo is a robust platform for long-term analysis and compliance requirements. Though opportunities exist to improve browser stability on large searches, SOAR integrations, and its parser capabilities, Devo remains essential for incident response and security monitoring, offering centralized data storage and analysis.
What are Devo's most important features?Devo is extensively used in industries focused on incident response and digital forensics, centralizing data for security monitoring across hybrid environments. Organizations benefit from its ability to store and analyze aggregated logs, creating alerts and dashboards to enhance visibility for network and endpoint activities in multi-domain settings.
SentinelOne Singularity AI SIEM offers comprehensive security information and incident management designed to enhance threat detection, response, and investigation capabilities within enterprise environments.
SentinelOne Singularity AI SIEM is known for its robust capabilities in the realm of cybersecurity, providing organizations with an advanced tool to combat modern threats. The platform integrates machine learning and artificial intelligence to automate threat identification and streamline incident response processes. Its intuitive interface allows teams to manage security events efficiently, ensuring rapid reaction to potential vulnerabilities. As a scalable tool, it adapts to evolving security demands, providing valuable insights to safeguard critical business operations.
What are the important features of SentinelOne Singularity AI SIEM?In industries such as finance and healthcare, implementation of SentinelOne Singularity AI SIEM often means tailored solutions to protect sensitive data, meeting regulatory compliance. These sectors appreciate its capability to provide detailed insights and reduce the risk of data breaches, thus preserving stakeholder trust.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.