We performed a comparison between Devo and ExtraHop Reveal(x) for IT Operations based on real PeerSpot user reviews.
Find out in this report how the two IT Operations Analytics solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Devo has a really good website for creating custom configurations."
"It's very, very versatile."
"The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations. It's much easier with this platform to integrate log sources that might not have standard logging and things like that."
"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"Being able to build and modify dashboards on the fly with Activeboards streamlines my analyst time because my analysts aren't doing it across spreadsheets or five different tools to try to build a timeline out themselves. They can just ingest it all, build a timeline out across all the logging, and all the different information sources in one dashboard. So, it's a huge time saver. It also has the accuracy of being able to look at all those data sources in one view. The log analysis, which would take 40 hours, we can probably get through it in about five to eight hours using Devo."
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."
"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."
"The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."
"Not only can you look at the protocol import level. It also has a live PCAP analysis."
"This solution is more applications reference architecture focused. Its benefit is that it specializes in that space."
"There are many valuable features in this product, but probably the biggest is the customization capability it has."
"The most valuable feature is the way it handles data, from Layer 2 up to Layer 7. We can see everything that happens in the network."
"The most valuable features are security detections, perimeter detection, dashboards, and alerts."
"Wire data analytics."
"There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."
"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."
"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."
"Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."
"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."
"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."
"I would like to have the ability to create more complex dashboards."
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."
"We'd like to see a local presence within the region in order to have seamless service whether it's the support, the implementation, or professional services."
"This solution would be improved if it had the ability to retain data longer."
"I would improve the Rule-Based Access Control (RBAC) by providing granular access control to the data."
"Network visibility is something that needs to be improved."
"They have a new solution, ExtraHop Reveal(x), and I think it needs improvement."
"They either have to go broad or decide what their bread and butter is and get really good at that."
More ExtraHop Reveal(x) for IT Operations Pricing and Cost Advice →
Devo is ranked 3rd in IT Operations Analytics with 21 reviews while ExtraHop Reveal(x) for IT Operations is ranked 7th in IT Operations Analytics with 8 reviews. Devo is rated 8.4, while ExtraHop Reveal(x) for IT Operations is rated 8.6. The top reviewer of Devo writes "Keeps 400 days of hot data, covers our cloud products, and has a high ingestion rate and super easy log integrations". On the other hand, the top reviewer of ExtraHop Reveal(x) for IT Operations writes "Great for identifying application interdependencies with helpful support but needs better visualizations". Devo is most compared with Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar, Wazuh and LogRhythm SIEM, whereas ExtraHop Reveal(x) for IT Operations is most compared with vRealize Network Insight, NETSCOUT nGeniusONE, ThousandEyes, SolarWinds NPM and Dynatrace. See our Devo vs. ExtraHop Reveal(x) for IT Operations report.
See our list of best IT Operations Analytics vendors.
We monitor all IT Operations Analytics reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.