Devo vs Trellix ESM comparison

Devo and Trellix are both solutions in the Security Information and Event Management (SIEM) category. Devo is ranked #26 with an average rating of 8.5, while Trellix is ranked #24 with an average rating of 7.6. Devo holds a 1.1% mindshare in SIEM, compared to Trellix’s 0.9% mindshare. Additionally, 95% of Devo users are willing to recommend the solution, compared to 75% of Trellix users who would recommend it.

Devo

Read 22 Devo reviews

2,078 Views
1,007 Comparison Views

95% willing to recommend

Trellix ESM

Read 36 Trellix ESM reviews

2,027 Views
858 Comparison Views

75% willing to recommend

Devo

Trellix ESM

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Trellix ESM and Devo compete in the realm of security information and event management solutions. Based on user reviews, Devo seems to have the upper hand due to its superior features and functionality.

Features: Trellix ESM provides valuable features such as automated threat detection, flexible integration, and strong customer service. Devo offers powerful analytics, real-time threat detection, and advanced capabilities, leading to higher user satisfaction regarding features.

Room for Improvement: Trellix ESM needs a more intuitive system, reduced complexity in setup, and streamlined workflows. Devo could improve by offering more customization options, better documentation, and enhanced user training materials.

Ease of Deployment and Customer Service: Trellix ESM’s deployment is straightforward, supported by strong customer service that eases user adoption. Devo also offers smooth deployment but has slightly less stellar customer service.

Pricing and ROI: Trellix ESM users are generally satisfied with its pricing and ROI, finding it cost-effective. Devo, despite higher costs, delivers a compelling ROI due to its advanced features, justifying the investment for users.

To learn more, read our detailed Devo vs. Trellix ESM Report (Updated: April 2025).

Buyer's Guide

Devo vs. Trellix ESM

April 2025

Download the complete report

Helped 850,236 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Devo

Ranking in Security Information and Event Management (SIEM)

26th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Log Management (27th), IT Operations Analytics (6th), AIOps (17th)

Trellix ESM

Ranking in Security Information and Event Management (SIEM)

24th

Average Rating

7.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of May 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Devo is 1.1%, up from 1.0% compared to the previous year. The mindshare of Trellix ESM is 0.9%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Michael Wenn

CEO / Co-Founder at Aiops ltd

Has cloud-first architecture with SIEM technology to run security operations

When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.

Read full review

Daniel Durian

Senior Information Security Manager at a real estate/law firm with 10,001+ employees

Helps to monitor and detect cyberattacks

The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick. Trellix ESM provides situation awareness. On the dashboard, I can see outbound and inbound communications to known threat hosts, IPS/IDS activity, and threat intelligence of the perimeter defense in the firewall. This information helps preempt attacks.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."

"It's very, very versatile."

"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."

"The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution."

"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."

"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."

"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."

"The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored."

More Devo pros

"It is easy to use."

"The ease of use is the most valuable feature. Over the years I have always been using this solution and have become comfortable with it."

"The product’s most valuable feature is log monitoring."

"It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved."

"I rate the tool's deployment an eight out of ten. The deployment is completed in two days."

"It is user-friendly. The notification part of McAfee ESM is very easy."

"Compared to other solutions, the user interface is good."

"Trellix ESM utilizes fewer human resources and improves security and visibility."

More Trellix ESM pros

Cons

"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."

"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."

"I would like to have the ability to create more complex dashboards."

"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."

"The price is one problem with Devo."

"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."

"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."

"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."

More Devo cons

"The only issue I have with McAfee is the amount of computer resources that it takes... it's definitely impacting some of the other applications that are running on a computer at the same time."

"The only drawback is that they don't have any packet capturing or network behavior analysis."

"Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface."

"The product's stability is an area of concern where improvements are required."

"It is more difficult to operate Trellix ESM than other solutions."

"The solution needs to improve case management. The UI is confusing."

"The product’s alert response feature needs improvement. It could be more flexible and secure."

"Product-wise, adding accounts on a single data source by batch would be a really great help."

More Trellix ESM cons

Pricing and Cost Advice

"Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."

"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."

"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."

"Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."

"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."

"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."

"Our licensing fees are billed annually and per terabyte."

"I rate the pricing a four on a scale of one to ten, where one is cheap, and ten is expensive."

More Devo pricing and cost advice

"McAfee is the right choice for a low-budget solution."

"When compared to IBM Security QRadar and other similar platforms, the pricing of McAfee ESM is reasonable and comparatively less expensive."

"The pricing is fair."

"The price of McAfee ESM is higher than some of the other solutions. There are additional features that can be added at an additional fee."

"We renew our license annually."

"The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."

"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."

"The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."

More Trellix ESM pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

850,236 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Financial Services Firm

18%

Computer Software Company

15%

Government

University

Educational Organization

70%

Financial Services Firm

Computer Software Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Devo?

Devo has a really good website for creating custom configurations.

See all answers

What is your experience regarding pricing and costs for Devo?

Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.

See all answers

What needs improvement with Devo?

They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...

See all answers

What do you like most about McAfee ESM?

The solution's technical support is great.

See all answers

What is your experience regarding pricing and costs for McAfee ESM?

Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar.

See all answers

What needs improvement with McAfee ESM?

The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases.

See all answers

Comparisons

IBM Security QRadar vs Devo

Compared 17% of the time

Splunk Enterprise Security vs Devo

Compared 17% of the time

Microsoft Sentinel vs Devo

Compared 16% of the time

LogRhythm SIEM vs Devo

Compared 6% of the time

Wazuh vs Devo

Compared 6% of the time

More Devo Competitors

ArcSight Enterprise Security Manager (ESM) vs Trellix ESM

Compared 26% of the time

Splunk Enterprise Security vs Trellix ESM

Compared 17% of the time

LogRhythm SIEM vs Trellix ESM

Compared 16% of the time

IBM Security QRadar vs Trellix ESM

Compared 11% of the time

Fortinet FortiSIEM vs Trellix ESM

Compared 11% of the time

More Trellix ESM Competitors

Product Reports

Buyer's Guide

Devo

May 2025

Download Devo product report

Buyer's Guide

Trellix ESM

April 2025

Download Trellix ESM product report

Also Known As

No data available

McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

Trellix

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

Buyer's Guide

Devo vs. Trellix ESM

April 2025

Free Report: Devo vs. Trellix ESM

Find out what your peers are saying about Devo vs. Trellix ESM and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,236 professionals have used our research since 2012.

See our Devo vs. Trellix ESM report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.