Coming October 25: PeerSpot Awards will be announced! Learn more

Seceon Open Threat Management Platform vs Splunk comparison

Cancel
You must select at least 2 products to compare!
Devo Logo
Read 15 Devo reviews
14,037 views|5,387 comparisons
Splunk Logo
83,583 views|68,944 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Seceon Open Threat Management Platform and Splunk based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Seceon Open Threat Management Platform vs. Splunk report (Updated: August 2022).
635,987 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them.""Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit.""The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way.""The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before.""The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us.""The real-time analytics of security-related data are super. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure. It's fast. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. Devo is pulling back information in a fast fashion, based on real-time events.""The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored.""The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."

More Devo Pros →

"The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features.""The solution is stable.""The main thing is the value proposition. It is one of the most sophisticated yet affordable solutions that I've come across. It is also one of the easiest-to-manage yet comprehensive solutions for a SOC analyst. Its customizations are really good, and it has a lot of integrations. It is multi-tenant and very fast to onboard. Its stability is 100%. We've never had an outage with it. It doesn't require extensive hardware resources. Its level of support is also very good. They have a very responsive technical team."

More Seceon Open Threat Management Platform Pros →

"It is the best tool if you have a complex environment or if data ingestion is too huge.""The most valuable features in Splunk are the search function and the ability to run selected session reports. The session reports are important because I can use them to see what is going on in our environment weekly. Additionally, we can use the graph to see how often that particular event is happening.""The initial setup isn't overly complex.""The level of robustness on offer is very good.""It allows us to digest the information, the data, the different data streams, so we can make decisions based upon information that we receive, and it is pretty robust.""The log aggregation is great.""The most valuable feature of Splunk is the management and built-in workflows.""The solution has proven to be quite stable."

More Splunk Pros →

Cons
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate.""An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that.""There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts.""Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design.""The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets.""Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution.""There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space.""Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs."

More Devo Cons →

"It would be ideal with the processing was more manageable. Not many customers are willing to have a dedicated server with two CPUs and one TB of memory. The cost of this is huge for a smaller organization.""It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft.""The product could be improved by including sandboxing capabilities in the next release."

More Seceon Open Threat Management Platform Cons →

"It would be nice if they had a wizard to construct searches, including more complex searches that include math or statistics.""Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better.""You do need a lot of training and certification with this product.""I would like to see more SIEM functionality and a better ticket tool.""Being a SIEM solution with a centralized dashboard, we would like to have more options to customize it.""I would like Splunk to add more integration. QRadar has many indications with more products than Splunk.""The solution could improve by giving more email details.""An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times."

More Splunk Cons →

Pricing and Cost Advice
  • "I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
  • "Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
  • "[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
  • "Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
  • "Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
  • "Our licensing fees are billed annually and per terabyte."
  • "I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
  • "Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
  • More Devo Pricing and Cost Advice →

  • "It has a per-asset model instead of an ingestion-based model, which gives predictable pricing. In terms of price, it is in the middle to lower range of SIEMs that it competes against. It is the most affordable solution that we have implemented so far. It was much more affordable than anything else I've implemented."
  • More Seceon Open Threat Management Platform Pricing and Cost Advice →

  • "I think that most of the monitoring solutions are expensive."
  • "I think that most of the log analytics solutions are expensive and I'm not sure if it's worth it."
  • "Our customers often complain that the price of Splunk is too high."
  • "Licensing is a yearly, one-time cost."
  • "The price is comparable."
  • "The pricing model is expensive and a nightmare based on the amount of data."
  • "The solution is a little expensive."
  • "It is economical than other solutions."
  • More Splunk Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    635,987 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Devo, like other vendors, doesn't charge extra for playbooks and automation. That way, you are only paying for the side… more »
    Top Answer:I need more empowerment in reporting. For example, when I'm using Qlik or Power BI in terms of reporting for the… more »
    Top Answer:The main thing is the value proposition. It is one of the most sophisticated yet affordable solutions that I've come… more »
    Top Answer:It has a per-asset model instead of an ingestion-based model, which gives predictable pricing. In terms of price, it is… more »
    Top Answer:It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility… more »
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR)… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring… more »
    Comparisons
    Also Known As
    Seceon OTM, Seceon aiSIEM, aiSIEM, Seceon Open Threat Management
    Splunk Enterprise Security
    Learn More
    Overview

    Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

    Seceon Open Threat Management Platform enables organizations to see cyber threats quickly and clearly, and to stop them as they happen, preventing the infliction of extensive corporate damage. The platform was built to use elastic compute power to develop the industry’s first and only fully automated threat detection and remediation system. It detects all forms of threats as they happen, and automatically stops them in minutes. Anticipating attackers’ behavior choices, Seceon’s environment-agnostic solution identifies both known and unknown threats in real-time, preventing risk, damage or loss of valuable information. Seceon can save companies tens of millions spent annually addressing data loss while dramatically reducing the number of cybersecurity tools required.

    Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.

    Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.

    Offer
    See Devo in Action

    See how Devo allows you to free yourself from data management, and make machine data and insights accessible.

    Learn more about Seceon Open Threat Management Platform
    Learn more about Splunk
    Sample Customers
    United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
    Caduceus, SUNY
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Computer Software Company63%
    Comms Service Provider13%
    Retailer13%
    Insurance Company13%
    VISITORS READING REVIEWS
    Computer Software Company22%
    Comms Service Provider14%
    Financial Services Firm9%
    Government9%
    VISITORS READING REVIEWS
    Computer Software Company33%
    Comms Service Provider21%
    Construction Company8%
    Energy/Utilities Company8%
    REVIEWERS
    Financial Services Firm19%
    Energy/Utilities Company10%
    Computer Software Company10%
    Government7%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm14%
    Comms Service Provider13%
    Government8%
    Company Size
    REVIEWERS
    Small Business24%
    Midsize Enterprise18%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise16%
    Large Enterprise62%
    VISITORS READING REVIEWS
    Small Business43%
    Midsize Enterprise13%
    Large Enterprise44%
    REVIEWERS
    Small Business32%
    Midsize Enterprise14%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise14%
    Large Enterprise68%
    Buyer's Guide
    Seceon Open Threat Management Platform vs. Splunk
    August 2022
    Find out what your peers are saying about Seceon Open Threat Management Platform vs. Splunk and other solutions. Updated: August 2022.
    635,987 professionals have used our research since 2012.

    Seceon Open Threat Management Platform is ranked 23rd in Security Information and Event Management (SIEM) with 3 reviews while Splunk is ranked 1st in Security Information and Event Management (SIEM) with 69 reviews. Seceon Open Threat Management Platform is rated 8.6, while Splunk is rated 8.2. The top reviewer of Seceon Open Threat Management Platform writes "Very fast, easy to set up, and makes rule creation simple". On the other hand, the top reviewer of Splunk writes "Very versatile for many use cases". Seceon Open Threat Management Platform is most compared with Microsoft Sentinel, Elastic Security, LogRhythm NextGen SIEM, Fortinet FortiSIEM and IBM QRadar, whereas Splunk is most compared with Microsoft Sentinel, Elastic Security, Dynatrace, Azure Monitor and LogRhythm NextGen SIEM. See our Seceon Open Threat Management Platform vs. Splunk report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.