Try our new research platform with insights from 80,000+ expert users

Devo vs USM Anywhere comparison

Devo and LevelBlue are both solutions in the Security Information and Event Management (SIEM) category. Devo is ranked #36, while LevelBlue is ranked #31 with an average rating of 7.3. Devo holds a 1.1% mindshare in SIEM, compared to LevelBlue’s 1.0% mindshare. Additionally, 95% of Devo users are willing to recommend the solution, compared to 92% of LevelBlue users who would recommend it.
Devo
Read 22 Devo reviews
  • 2,625 Views
  • 1,811 Comparison Views
95% willing to recommend
USM Anywhere
Read 115 USM Anywhere reviews
  • 2,455 Views
  • 1,719 Comparison Views
92% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

USM Anywhere and Devo are significant players in the cybersecurity space. User reviews indicate USM Anywhere is preferred for its simpler deployment and stronger customer service, while Devo stands out with its robust feature set.

Features: USM Anywhere is appreciated for its extensive threat detection capabilities, intuitive centralized management, and straightforward deployment. Devo has advanced analytics, scalability, and comprehensive event management.

Room for Improvement: USM Anywhere users suggest improving its data integration capabilities and the performance of certain modules. Devo users wish for a more streamlined user experience and better documentation.

Ease of Deployment and Customer Service: USM Anywhere is praised for its straightforward deployment process and responsive support team. Devo, although requiring more configuration, offers comprehensive deployment flexibility. Users find USM Anywhere's customer service more reliable and accessible compared to Devo.

Pricing and ROI: USM Anywhere offers competitive pricing, making it appealing for small to medium-sized enterprises. Devo's higher pricing is justified by its expansive feature set and better scalability. Users report a favorable ROI for both, but Devo's extensive capabilities provide more significant long-term value.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Devo vs. USM Anywhere Report (Updated: September 2025).
Buyer's Guide
Devo vs. USM Anywhere
September 2025
Download the complete report
Helped 867,676 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Devo
Ranking in Log Management
44th
Ranking in Security Information and Event Management (SIEM)
36th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
22
Ranking in other categories
IT Operations Analytics (10th), AIOps (19th)
USM Anywhere
Ranking in Log Management
42nd
Ranking in Security Information and Event Management (SIEM)
31st
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
115
Ranking in other categories
Endpoint Detection and Response (EDR) (52nd), Compliance Management (14th)
 

Mindshare comparison

As of September 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Devo is 1.1%, up from 0.9% compared to the previous year. The mindshare of USM Anywhere is 1.0%, down from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Market Share Distribution
ProductMarket Share (%)
USM Anywhere1.0%
Devo1.1%
Other97.9%
Security Information and Event Management (SIEM)
 

Featured Reviews

Michael Wenn - PeerSpot reviewer
Has cloud-first architecture with SIEM technology to run security operations
When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.
Read full review
Kris Nawani - PeerSpot reviewer
Offers complete coverage without the need to install additional software
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."
"The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution."
"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."
"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."
More Devo pros
"The vulnerability scanning is helpful to identify the areas that need patching or fixes installed."
"The most valuable feature of this solution is security management for PCI DSS."
"The other big selling feature for us was its integration capabilities with all the other security-based products."
"The asset management functionality (active and passive scans) is also really important. You can't protect what you do not know about, so having an inventory of all your devices and software is critical to a security management program."
"Having everything in a central place has been helpful."
"The setup is very easy and straightforward."
"Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."
"Asset discovery seems to be good."
More USM Anywhere pros
 

Cons

"The price is one problem with Devo."
"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."
"I would like to have the ability to create more complex dashboards."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."
"An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that."
"There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."
More Devo cons
"The solution is a bit complicated. It could be simplified quite a bit."
"It was easy on PoC, but when we got to the product it was different story. We had to learn the product again and got feeling that the PoC was a different product."
"It would be nice to see some machine learning and monitoring of the configuration in network devices."
"they seem to have bugs from time to time that go unfixed for a while and that is frustrating. I'm not saying the product needs to be bug-free, but they need to be responsive to bugs."
"Support can be slow at times, but the quality is high. Posted knowledge base articles could use improvement."
"We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."
"I want to see more compliance management capability. The quality of integrations seems to be a little bit low."
"Plugins could be better utilized, as some of them do not recognize all logs."
More USM Anywhere cons
 

Pricing and Cost Advice

"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
"Our licensing fees are billed annually and per terabyte."
"[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
"Devo is a hosted or subscription-based solution, whereas before, we purchased QRadar, so we owned it and just had to pay a maintenance fee. We've encountered this with some other products, too, where we went over to subscription-based. Our thought process is that with subscription based, the provider hosts and maintains the tool, and it's offsite. That comes with some additional fees, but we were able to convince our upper management it was worth the price. We used to pay under 10k a year for maintenance, and now we're paying ten times that. It was a relatively tough sell to our management, but I wonder if we have a choice anymore; this is where the market is."
"I rate the pricing a four on a scale of one to ten, where one is cheap, and ten is expensive."
"The way Devo prices things is based on the amount of data, and I wish the tiers had more granularity. Maybe at this point they do, but when we first negotiated with them, there were only three or four tiers."
"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
More Devo pricing and cost advice
"They are a little more expensive than Microsoft."
"I rate the price of AT&T AlienVault USM a four out of five."
"The price of this solution is reasonable, which is one of the reasons why we selected it over other solutions."
"It has good pricing."
"Negotiate the best package for your environment."
"Its price is in the medium to upper range."
"It is affordable, and it also has many features that the premium products such as ArcSight and QRadar have. It is a very good platform for a SIEM solution. Everything is included in the price."
"The licensing fees are dependent on usage."
More USM Anywhere pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
867,676 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
12%
University
9%
Manufacturing Company
6%
Computer Software Company
18%
Comms Service Provider
10%
Financial Services Firm
7%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise4
Large Enterprise11
By reviewers
Company SizeCount
Small Business64
Midsize Enterprise29
Large Enterprise25
 

Questions from the Community

What do you like most about Devo?
Devo has a really good website for creating custom configurations.
See all answers
What is your experience regarding pricing and costs for Devo?
Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.
See all answers
What needs improvement with Devo?
They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...
See all answers
What do you like most about AT&T AlienVault USM?
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
See all answers
What is your experience regarding pricing and costs for AT&T AlienVault USM?
The pricing is amazing and really cheap.
See all answers
What needs improvement with AT&T AlienVault USM?
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.
See all answers
 

Comparisons

LogRhythm SIEM vs Devo Logo
LogRhythm SIEM vs Devo
Compared 15% of the time
Microsoft Sentinel vs Devo Logo
Microsoft Sentinel vs Devo
Compared 13% of the time
IBM Security QRadar vs Devo Logo
IBM Security QRadar vs Devo
Compared 11% of the time
Splunk Enterprise Security vs Devo Logo
Splunk Enterprise Security vs Devo
Compared 10% of the time
Datadog vs Devo Logo
Datadog vs Devo
Compared 6% of the time
More Devo Competitors
AlienVault OSSIM vs USM Anywhere Logo
AlienVault OSSIM vs USM Anywhere
Compared 22% of the time
LogRhythm SIEM vs USM Anywhere Logo
LogRhythm SIEM vs USM Anywhere
Compared 13% of the time
Splunk Enterprise Security vs USM Anywhere Logo
Splunk Enterprise Security vs USM Anywhere
Compared 9% of the time
Rapid7 InsightIDR vs USM Anywhere Logo
Rapid7 InsightIDR vs USM Anywhere
Compared 7% of the time
IBM Security QRadar vs USM Anywhere Logo
IBM Security QRadar vs USM Anywhere
Compared 7% of the time
More USM Anywhere Competitors
 

Product Reports

Buyer's Guide
Devo
September 2025
Devo reportDownload Devo product report
Buyer's Guide
USM Anywhere
August 2025
USM Anywhere reportDownload USM Anywhere product report
 

Also Known As

No data available
AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
 

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo

USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

Discover

  • Network asset discovery
  • Software & services discovery
  • AWS asset discovery
  • Azure asset discovery
  • Google Cloud Platform asset discovery

Analyze

  • SIEM event correlation, auto-prioritized alarms
  • User activity monitoring
  • Up to 90-days of online, searchable events

Detect

  • Cloud intrusion detection (AWS, Azure, GCP)
  • Network intrusion detection (NIDS)
  • Host intrusion detection (HIDS)
  • Endpoint Detection and Response (EDR)

Respond

  • Forensics querying
  • Automate & orchestrate response
  • Notifications and ticketing

Assess

  • Vulnerability scanning
  • Cloud infrastructure assessment
  • User & asset configuration
  • Dark web monitoring

Report

  • Pre-built compliance reporting templates
  • Pre-built event reporting templates
  • Customizable views and dashboards
  • Log storage
LevelBlue
 

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Buyer's Guide
Devo vs. USM Anywhere
September 2025
Free Report: Devo vs. USM Anywhere
Find out what your peers are saying about Devo vs. USM Anywhere and other solutions. Updated: September 2025.
DOWNLOAD NOW
867,676 professionals have used our research since 2012.
See our Devo vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors and best Log Management vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.