Devo Previous Solutions

JB
Security Engineer at Kforce

We used McAfee Nitro. We switched because the technology was very slow and outdated. It wasn't keeping up with the times. Keeping the 365 days of hot data was getting extremely expensive and cumbersome because of the number of disk resources we had to throw at it. The support and updates to the platform were manual because it was an on-prem solution. So, anytime we had to do a major rollout of a SIEM upgrade, it took hours, and it was always problematic, whereas, with a SaaS solution, it's just done in the backend for us.

Implementing Devo has helped reduce blind spots versus our previous SIEM solution, especially when it comes to cloud products. McAfee Nitro SIEM had pretty much zero cloud connectivity. We're pretty heavy with the Azure and M365 stack, and they had no connectors to get any of those logs into our SIEM. So, we were completely blind to our cloud products.

The biggest impact is that we're able to proactively recognize issues that we're having in those cloud environments. Previously, they were either discovered by somebody accidentally, or an issue arose or an incident happened and we had no alerting around it. We had to triage afterward, whereas now, we have alerting. So, we get those alerts ahead of time.

SM
Product Director at an insurance company with 10,001+ employees

We were looking to replace our previous solution. We were using ArcSight as our SIEM and ELK for our operational monitoring. We needed something more modern and that could fulfill the roadmap we have. We were also very interested in all the machine learning and AI-type use cases, as forward-facing capabilities to implement. In our assessment of possible products, we were impressed by the features of AI/ML and because the data is available for almost a year. With Devo, we integrated both operational and SIEM functions into one tool.

It took us a long time to build and deploy some of the features we needed in the previous framework that we had. Also, having different tools was leading to data duplication in two different platforms, because sometimes the security data is operational data and vice versa. The new features that we needed were not available in the SIEM and they didn't have a proper plan to get us there. The roadmap that ArcSight had was not consistent with where we wanted to go.

EM
Cyber Security Engineer at H&R Block, Inc.

Prior to Devo, we used the LogRhythm SIEM.

We switched mainly because of the ability to ingest more data. In certain instances, we had to say no to onboarding certain log sources because of the amount of value it offered; the cost-benefit didn't weigh out. LogRhythm got to the point where if you added too much data, if you had too much volume being ingested, it would start breaking. It would start complaining and things would just go bad. The amount of downtime we had with LogRhythm was really the main metric driver to get us to transition to Devo. Then what really appealed to us about Devo versus other SIEMs was their "give us all your data" model. That was something we were really struggling with and that was something that we really wanted from a SIEM. We wanted to correlate between as many data sources as possible. They offered us that capability that LogRhythm really did not.

Buyer's Guide
Devo
March 2024
Learn what your peers think about Devo. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
JM
SVP of Managed Security at CRITICALSTART

While we continue to use Splunk as a vendor for the SIEM services that we provide, we have also added Devo as an additional vendor to provide services to customers. We have found similar experiences at both vendors from a support perspective. Although professional services skill level and availability might be better at Devo, the overall experience for onboarding and implementing a customer is still very challenging with both.

GM
CEO at Analytica 42

We work and support other SIEM and log management solutions for our customers who use Elastic, Sumo Logic, Splunk, and more.

TS
IT Risk Manager at a recreational facilities/services company with 501-1,000 employees

We previously used IBM QRadar, and we switched because it was antiquated. We had difficulty ingesting logs from cloud solutions, which is the direction our organization is moving in. We have several cloud solutions now versus two or three years ago, so the migration to Devo from QRadar was very timely for us in that regard.

QRadar's interface was pretty antiquated. They have updated it now, but we weren't satisfied with it at the time. We also had some support-related issues around updating the solution as it was on-prem. We were coming to a point where we had to update the hardware and software, so it was a good time for us to look for another product.

JH
Director at a computer software company with 1,001-5,000 employees

We were using Splunk but we're phasing it out due to cost.

Our old Splunk rep went to Devo and he gave me a shout and asked me if I was looking to make a change, because he knew of some of the problems that we were having. That's how we got hooked up with Devo. It needed to have a Splunk-like feel, because I didn't want to have a long road or a huge cultural transformation and shock for our engineering teams and our security teams that use Splunk today. 

We liked the PoC. Everything it did was super-simple to use and was very cost-effective. That's really why we went down this path.

Once we got through the PoC and once we got people to take a look at it and give us a thumbs-up on what they'd seen, we moved ahead. From a price standpoint, it made a lot of sense and it does everything we needed to do, as far as we can tell.

JG
Manager of Security Services at OpenText

I've used a ton of other solutions: ELK Stack, Kibana, and Splunk. The cost of Devo, as it relates to Splunk, is significantly less with higher value. Its capabilities of ingesting so many different types of structured and unstructured data beats out the other tools that I've used. The pre-built parsers also beat out what we've used. Overall, it's far more advanced and user-friendly than the other competitive log analysis and SIEM tools. I've used these tools at OpenText and in different roles as well.

We're on the professional services side. This isn't OpenText IT services. This is us providing service to customers who are doing investigations. As investigators, we use whatever tool is out there that's best-of-breed. We came across Devo, then PoC'd and liked it. That's why we brought it into the toolbox.

KG
Director of World Wide Security Services at Open Text

This is the first solution of this type that we implemented.

At other companies, where my teams have come from, it has been very challenging to do the same tasks that we're able to do inside of Devo with other platforms. This is either because they have to index everything, whereas Devo doesn't, or because they don't have a true multi-tenancy. Perhaps they have to bounce between different systems, or because they don't have certain capabilities when it gets above 10 terabytes of data. For instance, at that point, it becomes very problematic to run searches because they'll fail or they'll time out.

The products that my teams were familiar with were Splunk, Sumo Logic, and LogRhythm. 

PK
Director of Security Architecture & Engineering at a computer software company with 51-200 employees

We used McAfee ESM on-prem. We switched because it

  • was getting old and not evolving
  • was not cloud-based or cloud-centric
  • had limited correlation engine capabilities compared to Devo
  • was hard to segment customer data
  • required us to host all the hardware in-house.

The list goes on and on and on.

The switch to Devo helped reduce blind spots and had a very good effect on our ability to protect our organization. With the limitations removed on how data is inserted and extracted, we were able to alert on things we were never able to alert on before.

JC
Security Operations Center (SOC) Director at a tech company with 51-200 employees

Our previous solution just wasn't as robust in both processing power and the ability to analyze data.

PP
Director of Security at a tech company with 501-1,000 employees

Devo is the first SIEM for us. We didn't have anything before this. We're growing as an organization, and SIEM in general, and Devo in particular, let us scale up our capabilities without having to scale up our manpower.

CB
CISO at a computer software company with 501-1,000 employees

Prior to using Devo, we were using QRadar. We switched because when we looked at the data we wanted to throw at QRadar, it was going to fall over and blow up. The amount of money IBM wanted for that amount of data was absurd. It's a legacy system that operates and scales in a legacy way. It just can't really handle what we planned to throw at it, as we ramp up towards IPO, in our infrastructure.

LV
Digital Security VP at a tech services company with 201-500 employees

Prior to Devo, we were using QRadar and Elastic. We switched because Devo is more powerful and the scalability is better.

With respect to analyst threat hunting and incident response, you can create a lot of complex dashboards and consequently, it is easier to perform a deep dive. It is really aligned with Splunk in terms of capabilities and usability. Our analysts had data from different solutions to work with and they preferred to use what was coming from Devo.

MV
Security Analyst at a comms service provider with 10,001+ employees

We used Splunk prior to Devo. We switched because we were not happy with Splunk. We felt that the platform wasn't built properly and the support was very problematic and expensive. We had an RFQ process, a tender, and Splunk was in the game since it was our current platform. But we were just not happy with them even during the tender. So we decided that we were going to change.

The differences between Splunk and Devo are performance, ease of use, the functionality, and the approach of the company. The latter includes how they do support and development. Devo, overall, is a better solution for us.

JS
CEO at a tech vendor with 1,001-5,000 employees

We implemented Devo into our platform from scratch. McAfee and other solutions don't have this offering yet. This was a new thing in 2014 when we implemented it.
