Devo vs OpenText Enterprise Security Manager comparison

Devo and OpenText are both solutions in the Security Information and Event Management (SIEM) category. Devo is ranked #25 with an average rating of 8.5, while OpenText is ranked #21 with an average rating of 7.0. Devo holds a 1.1% mindshare in SIEM, compared to OpenText’s 1.2% mindshare. Additionally, 95% of Devo users are willing to recommend the solution, compared to 88% of OpenText users who would recommend it.

Devo

Read 22 Devo reviews

2,811 Views
1,911 Comparison Views

95% willing to recommend

OpenText Enterprise Securit...

Read 97 OpenText Enterprise Security Manager reviews

2,528 Views
2,376 Comparison Views

88% willing to recommend

Devo

OpenText Enterprise Securit...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jun 19, 2025

OpenText Enterprise Security Manager and Devo compete in the enterprise security and information management space, with Devo seemingly having the upper hand due to its real-time analytics and cloud-native architecture.

Features: OpenText Enterprise Security Manager emphasizes scalability and integration capabilities, offering customizable complex correlations and supporting a wide range of devices. Devo provides strong real-time analytics, extensive data retention, and an intuitive query-building process, enhanced by its seamless cloud-native architecture.

Room for Improvement: OpenText Enterprise Security Manager needs to simplify network modeling and enhance tech support, with users mentioning deployment complexities and Oracle DB performance issues. Devo requires improvements in data ingestion and integration with diverse log sources, alongside more robust reporting capabilities.

Ease of Deployment and Customer Service: OpenText Enterprise Security Manager mainly operates on-premises, requiring expert deployment efforts and has mixed reviews on customer support. Devo offers flexible deployment options with good overall customer service but faces some challenges in technical support for its SecOps module.

Pricing and ROI: OpenText Enterprise Security Manager is often seen as expensive with a complex licensing model, yet users acknowledge its value. Devo’s pricing, based on ingestion volume, is perceived as straightforward, though recent changes have raised concerns about hidden costs. Despite this, Devo's features strengthen its cost justification compared to competitors, delivering satisfactory ROI.

To learn more, read our detailed Devo vs. OpenText Enterprise Security Manager Report (Updated: July 2025).

Buyer's Guide

Devo vs. OpenText Enterprise Security Manager

July 2025

Download the complete report

Helped 861,524 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Devo

Ranking in Security Information and Event Management (SIEM)

25th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Log Management (26th), IT Operations Analytics (8th), AIOps (18th)

OpenText Enterprise Securit...

Ranking in Security Information and Event Management (SIEM)

21st

Average Rating

7.8

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Devo is 1.1%, up from 1.0% compared to the previous year. The mindshare of OpenText Enterprise Security Manager is 1.2%, down from 1.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Michael Wenn

CEO / Co-Founder at Aiops ltd

Has cloud-first architecture with SIEM technology to run security operations

When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.

Read full review

Gaurav Ranade

CTO at Rah Infotech Pvt Ltd

Excels at performing regression and correlation on the data

ArcSight is a legacy technology, and many customers want AI-powered technologies integrated with it. That hasn't been done yet, but ArcSight needs to catch up with the newer solutions and technologies available in the market. It can't just rely on the legacy technology from 2010 or 2012. You can't run that in 2024. It's a legacy technology with its own limitations. Customers often face issues that other software or newer solutions can resolve easily. That's the main challenge we face from customers right now. So, the only concerns are that AI needs to be integrated and scalability improved. Those are the main areas to be improved.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."

"The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution."

"The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored."

"Even if it's a relatively technical tool or platform, it's very intuitive and graphical. It's very appealing in terms of the user interface. The UI has a graphically interface with the raw data in a table. The table can be as big as you want it, depending on your use case. You can easily get a report combining your data, along with calculations and graphical dashboards. You don't need a lot of training, because the UI is relatively very intuitive."

"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."

"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."

"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."

"The real-time analytics of security-related data are super. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure. It's fast. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. Devo is pulling back information in a fast fashion, based on real-time events."

More Devo pros

"I really like the correlation part and the way the logs are correlated. I have never faced issues with parsing in this product. I like the way it parses, and everything is so clear to me."

"I would rate the ease of use for new users an eight out of ten, with ten being easy to use. It is a good tool."

"Customization. ArcSight gives you a platform to on-board out-of-the-box devices with a more accurate way of collecting desired logs/events."

"The solution has gone beyond signature-based monitoring and analysis and is AI-powered. It is good enough to cover the full range of cybersecurity services."

"The most valuable feature is the correlation of different logs that are collected."

"It is a very useful tool for intelligence building because it has many use cases and many rule sets."

"We do consulting and I get feedback from our clients that the product really helped them with compliance, especially with GDPR."

"When WannaCry attacks I can minimize the damage. My company had no protection at the time. We get alerts in ArcSight and then whenever a user got a copy of WannaCry and the WannaCry malware wants to connect to the mother ship, it alerts me in the ArcSight dashboard, and that helps us a lot. We then just go to the user and erase the malware."

More OpenText Enterprise Security Manager pros

Cons

"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."

"Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs."

"There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."

"Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."

"Technical support could be better."

"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."

"The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts."

"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."

More Devo cons

"ArcSight ESM is lacking cloud scalable technology."

"I am having issues with report generation with older versions. I don't know if this is because of compatibility issues, but report generation has been a little bit difficult in older versions. It is not similar to the newer and current versions. We are looking at moving to the cloud. It would be good if ArcSight ESM can move to the cloud. They already seem to be working on this. It would also be very helpful and great if we can integrate external threat intelligence, machine learning, and AI into this solution. It has good dashboards, but they can always be better. Its stability can also be improved."

"Deployment typology could be improved. Difficult to scale across all the different lines of businesses."

"The UI interface is somewhat complex and needs to be simplified."

"There could be more API features for extracting logs on different devices included in the product."

"The initial setup is very complex. We had to architect a deployment which allowed us to incorporate an ever growing number of customers into our hosted instance of ArcSight."

"When we need to consume old events, we have to wait for a long time. ArcSight should improve the database capability to reply to queries faster. It would also be interesting if they implemented network visibility. For example, they could add a feature like NetWitness with a model just for looking through the packets."

"What could be improved in ArcSight Enterprise Security Manager (ESM) is its analytics feature. That feature should be more powerful and have more correlation in terms of AI/ML, though MicroFocus has done a good job in adding analytics to ArcSight Enterprise Security Manager (ESM) which has become a big draw to customers. What I'd like to see in the next release of the solution is the addition of AI/ML features."

More OpenText Enterprise Security Manager cons

Pricing and Cost Advice

"[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."

"Our licensing fees are billed annually and per terabyte."

"The way Devo prices things is based on the amount of data, and I wish the tiers had more granularity. Maybe at this point they do, but when we first negotiated with them, there were only three or four tiers."

"We have an OEM agreement with Devo. It is very similar to the standard licensing agreement because we are charged in the same way as any other customer, e.g., we use the backroom."

"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."

"Devo is a hosted or subscription-based solution, whereas before, we purchased QRadar, so we owned it and just had to pay a maintenance fee. We've encountered this with some other products, too, where we went over to subscription-based. Our thought process is that with subscription based, the provider hosts and maintains the tool, and it's offsite. That comes with some additional fees, but we were able to convince our upper management it was worth the price. We used to pay under 10k a year for maintenance, and now we're paying ten times that. It was a relatively tough sell to our management, but I wonder if we have a choice anymore; this is where the market is."

"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."

"I rate the pricing a four on a scale of one to ten, where one is cheap, and ten is expensive."

More Devo pricing and cost advice

"ArcSight ESM is an affordable solution, it cost approximately $200,000 for three years. This price was at a substantial discount."

"Pricing is good, I'd rate the pricing a seven out of ten, with ten being low price. It's better than Splunk and IBM QRadar because their pricing is based on EPS."

"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."

"The cost of the solution is not very high, although hiring a qualified analyst to work with the product is expensive."

"The pricing model is expensive compared to open-source alternatives."

"The pricing is great compared to others."

"The licensing cost is affordable if you get an enterprise license. The licensing is based on EPS, so you can probably provide a package of license for multiple ESMs with their correlational end fees. It is cost-effective."

"Aggregation can help a lot in pushing down licensing costs."

More OpenText Enterprise Security Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

861,524 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Jun 28, 2015

Qradar vs. ArcSight

Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…

Read full review

Top Industries

By visitors reading reviews

Financial Services Firm

18%

Computer Software Company

14%

University

Government

Financial Services Firm

19%

Computer Software Company

13%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Devo?

Devo has a really good website for creating custom configurations.

See all answers

What is your experience regarding pricing and costs for Devo?

Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.

See all answers

What needs improvement with Devo?

They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...

See all answers

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?

In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...

See all answers

What do you like most about ArcSight Enterprise Security Manager (ESM)?

We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.

See all answers

What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?

ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.

See all answers

Comparisons

IBM Security QRadar vs Devo

Compared 16% of the time

Microsoft Sentinel vs Devo

Compared 15% of the time

Splunk Enterprise Security vs Devo

Compared 14% of the time

LogRhythm SIEM vs Devo

Compared 6% of the time

Wazuh vs Devo

Compared 6% of the time

More Devo Competitors

Trellix ESM vs OpenText Enterprise Security Manager

Compared 23% of the time

Splunk Enterprise Security vs OpenText Enterprise Security Manager

Compared 14% of the time

Elastic Security vs OpenText Enterprise Security Manager

Compared 9% of the time

IBM Security QRadar vs OpenText Enterprise Security Manager

Compared 6% of the time

Google Chronicle Suite vs OpenText Enterprise Security Manager

Compared 6% of the time

More OpenText Enterprise Security Manager Competitors

Product Reports

Buyer's Guide

Devo

July 2025

Download Devo product report

Buyer's Guide

OpenText Enterprise Security Manager

June 2025

OpenText Enterprise Security Manager report

Download OpenText Enterprise Security Manager product report

Also Known As

No data available

Micro Focus ArcSight, HPE ArcSight, ArcSight

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo

OpenText Enterprise Security Manager enables real-time threat detection through scalable and adaptable solutions, integrating seamlessly with multiple platforms for complex security scenarios across different environments.

OpenText Enterprise Security Manager offers extensive security monitoring capabilities, combining log analysis and incident management to enhance cybersecurity and compliance. Its powerful event correlation engine provides real-time alerts for rapid incident response. Users benefit from customizable dashboards and comprehensive log collection, making it a significant tool in the SIEM market. Flexible deployment options cater to both on-premises and cloud environments, supporting enterprises in managing IT infrastructure and threat detection efficiently.

What are the key features of OpenText Enterprise Security Manager?

Event Correlation Engine: Real-time threat detection with advanced correlation capabilities.
Scalability: Adapts to enterprise-level demands and complex security needs.
Integration: Seamlessly integrates with multiple platforms and third-party tools.
Customizable Dashboards: Tailored views and active lists enhance user experience.
Advanced Alerting: Provides timely incident response and security alerts.

Why should users look for reviews when evaluating OpenText Enterprise Security Manager?

Timely Incident Responses: Fast alerting and action against threats.
User-Friendly Experience: Customizable dashboards simplify monitoring tasks.
Comprehensive Security Management: Integrated log management and threat detection across domains.
Adaptability and Scalability: Supports both on-premises and cloud deployments.

In industries such as finance, healthcare, and energy, OpenText Enterprise Security Manager is implemented for monitoring critical systems and ensuring compliance with regulatory needs. Enterprises leverage its capabilities for forensic investigations and active threat management, serving as a central hub for cybersecurity operations across diverse IT infrastructures.

OpenText

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

Buyer's Guide

Devo vs. OpenText Enterprise Security Manager

July 2025

Free Report: Devo vs. OpenText Enterprise Security Manager

Find out what your peers are saying about Devo vs. OpenText Enterprise Security Manager and other solutions. Updated: July 2025.

DOWNLOAD NOW

861,524 professionals have used our research since 2012.

See our Devo vs. OpenText Enterprise Security Manager report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.