Devo vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
Sumo Logic Logo
4,518 views|3,195 comparisons
Devo Logo
Read 12 Devo reviews
12,723 views|4,760 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Devo and Splunk Enterprise Security based on real PeerSpot user reviews.

Find out in this report how the two IT Operations Analytics solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Devo vs. Splunk Enterprise Security Report (Updated: May 2023).
708,243 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Technical support is always great.""The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs.""The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI.""The tool has key features like operability. It will alert the admins whenever a device is onboarded."

More Sumo Logic Security Pros →

"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit.""The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is.""The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored.""In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time.""The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them.""Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data.""The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before.""The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."

More Devo Pros →

"It is very scalable.""Easy to deploy and simple to use.""Splunk works based on parsing log files.""The solution allows easy gathering and ingestion of the data.""From my experience, the visual aid that it provides is most valuable. There are charts and other means to provide information.""It is very easy to use and integrate. There are connectors for every technology.""The indexing and data collection are valuable.""I really like the user interface and how it works."

More Splunk Enterprise Security Pros →

Cons
"The integration with multiple sources could be better.""From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc.""In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently.""The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."

More Sumo Logic Security Cons →

"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts.""The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts.""One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate.""We only use the core functionality and one of the reasons for this is that their security operation center needs improvement.""Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better.""Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design.""Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data.""I would like to have the ability to create more complex dashboards."

More Devo Cons →

"Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better.""This solution could be improved by better pricing in general and by easier installation.""I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part.""It is a good product, but the Achilles heel for a lot of organizations is the cost model for it because it gets expensive. That's because the model is based on how much data it processes a day, which can be prohibitive, especially if you have a lot of data. A lot of customers may not be ready for the sticker shock on how to fully leverage the product. I realized that the reason for that is that when it was originally designed, it was kind of like a big data modeling application. If they want to have a bigger customer base, they can come out with subsets of their product that are focused on specific things and have different pricing models. It may help with the cost.""Its interface could be improved.""It would be nice if they had a wizard to construct searches, including more complex searches that include math or statistics.""I'd like to see more integration with more antivirus systems.""The analytics of Splunk could be improved."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "The license pricing model is based on the events that are processed through the solution."
  • More Sumo Logic Security Pricing and Cost Advice →

  • "Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
  • "Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
  • "Our licensing fees are billed annually and per terabyte."
  • "I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
  • "Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
  • "The way Devo prices things is based on the amount of data, and I wish the tiers had more granularity. Maybe at this point they do, but when we first negotiated with them, there were only three or four tiers."
  • "It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."
  • "Devo is a hosted or subscription-based solution, whereas before, we purchased QRadar, so we owned it and just had to pay a maintenance fee. We've encountered this with some other products, too, where we went over to subscription-based. Our thought process is that with subscription based, the provider hosts and maintains the tool, and it's offsite. That comes with some additional fees, but we were able to convince our upper management it was worth the price. We used to pay under 10k a year for maintenance, and now we're paying ten times that. It was a relatively tough sell to our management, but I wonder if we have a choice anymore; this is where the market is."
  • More Devo Pricing and Cost Advice →

  • "My customers have found the price of the solution to be high."
  • "The price of Splunk is reasonable."
  • "The subscription is monthly."
  • "It can be cost-prohibitive when you start to scale and have terabytes of data. Its cost model is based on how much data it processes a day. If they're able to create scaled-down niche or custom package offerings, it may help with the cost. Instead of the full-blown features, if they can narrow the scope where it can only be used for a specific purpose, it would kind of create that market for the product, and it may help with the costing. When you start using it as a central aggregator and you're pumping tons of logs at it, pretty soon, you'll start hitting your cap on what it can process a day. Once you've got that, you're kind of defeating the purpose because you're going to have to scale back."
  • "It's a yearly subscription."
  • "This product could use better pricing in general."
  • "The pricing modules could be improved."
  • "This solution is costly. Splunk is obviously a great product, but you should only choose this product if you need all the features provided. Otherwise, if you don't need all the features to meet your requirements, there are probably other products that will be more cost-effective. It's cost versus the functionality requirement."
  • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which IT Operations Analytics solutions are best for your needs.
    708,243 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the… more »
    Top Answer:The license pricing model is based on the events that are processed through the solution. The price of Sumo Logic… more »
    Top Answer:The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then… more »
    Top Answer:The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations… more »
    Top Answer:It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and… more »
    Top Answer:Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical… more »
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR)… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring… more »
    Comparisons
    Learn More
    Overview

    Sumo Logic empowers the people who power modern, digital business. Our cloud-native SaaS analytics platform powered by logs helps customers deliver reliable and secure cloud-native applications. With Sumo Logic, practitioners and developers can ensure application reliability, secure and protect against modern threats and gain insights into their cloud infrastructures. Customers worldwide rely on our scalable platform to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit: SUMOLOGIC.COM

    Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Offer
    Learn more about Sumo Logic Security
    See Devo in Action

    See how Devo allows you to free yourself from data management, and make machine data and insights accessible.

    Learn more about Splunk Enterprise Security
    Sample Customers
    United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Financial Services Firm33%
    Media Company22%
    Retailer11%
    Transportation Company11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm11%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company50%
    Comms Service Provider10%
    Retailer10%
    Insurance Company10%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Government10%
    Financial Services Firm9%
    Comms Service Provider8%
    REVIEWERS
    Financial Services Firm17%
    Computer Software Company14%
    Energy/Utilities Company10%
    Government7%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm15%
    Government10%
    Comms Service Provider6%
    Company Size
    REVIEWERS
    Small Business25%
    Midsize Enterprise6%
    Large Enterprise69%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise17%
    Large Enterprise60%
    REVIEWERS
    Small Business21%
    Midsize Enterprise21%
    Large Enterprise58%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise15%
    Large Enterprise62%
    REVIEWERS
    Small Business34%
    Midsize Enterprise13%
    Large Enterprise53%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise13%
    Large Enterprise69%
    Buyer's Guide
    Devo vs. Splunk Enterprise Security
    May 2023
    Find out what your peers are saying about Devo vs. Splunk Enterprise Security and other solutions. Updated: May 2023.
    708,243 professionals have used our research since 2012.

    Devo is ranked 3rd in IT Operations Analytics with 12 reviews while Splunk Enterprise Security is ranked 1st in IT Operations Analytics with 47 reviews. Devo is rated 8.0, while Splunk Enterprise Security is rated 8.2. The top reviewer of Devo writes "Accepts data in raw format but does not offer their own agent". On the other hand, the top reviewer of Splunk Enterprise Security writes "Very versatile for many use cases". Devo is most compared with Wazuh, Elastic Security, AWS Security Hub, Microsoft Sentinel and New Relic, whereas Splunk Enterprise Security is most compared with Microsoft Sentinel, Wazuh, Dynatrace, Elastic Security and Fortinet FortiAnalyzer. See our Devo vs. Splunk Enterprise Security report.

    See our list of best IT Operations Analytics vendors and best Security Information and Event Management (SIEM) vendors.

    We monitor all IT Operations Analytics reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.