Try our new research platform with insights from 80,000+ expert users

Devo vs LogRhythm SIEM comparison

Devo and LogRhythm are both solutions in the Security Information and Event Management (SIEM) category. Devo is ranked #28 with an average rating of 8.3, while LogRhythm is ranked #7 with an average rating of 7.6. Devo holds a 1.1% mindshare in SIEM, compared to LogRhythm’s 3.6% mindshare. Additionally, 95% of Devo users are willing to recommend the solution, compared to 89% of LogRhythm users who would recommend it.
Devo
Read 22 Devo reviews
  • 2,914 Views
  • 1,265 Comparison Views
95% willing to recommend
LogRhythm SIEM
Read 172 LogRhythm SIEM reviews
  • 7,946 Views
  • 4,617 Comparison Views
89% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

LogRhythm SIEM and Devo offer robust security information and event management solutions. Users favor Devo for its advanced features and overall satisfaction, despite higher pricing.

Features: LogRhythm SIEM is praised for its comprehensive threat detection, response capabilities, and integration flexibility. Devo stands out with strong analytics, scalability, and real-time data processing.

Room for Improvement: LogRhythm SIEM users suggest enhancements in integration flexibility, simpler configuration, and user interface. Devo users note the need for improved documentation, streamlined update processes, and better customer training.

Ease of Deployment and Customer Service: LogRhythm SIEM deployment is considered straightforward but time-consuming, with responsive customer service. Devo's deployment is quick and efficient, with excellent support.

Pricing and ROI: LogRhythm SIEM has lower initial setup costs and satisfactory ROI. Devo, more expensive, is seen as worth the investment due to superior performance and long-term benefits.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Devo vs. LogRhythm SIEM Report (Updated: December 2024).
Buyer's Guide
Devo vs. LogRhythm SIEM
December 2024
Download the complete report
Helped 824,053 peers since 2012
 

Categories and Ranking

Devo
Ranking in Log Management
25th
Ranking in Security Information and Event Management (SIEM)
28th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
22
Ranking in other categories
IT Operations Analytics (4th), AIOps (16th)
LogRhythm SIEM
Ranking in Log Management
10th
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
172
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Devo is 1.1%, down from 1.4% compared to the previous year. The mindshare of LogRhythm SIEM is 3.6%, down from 5.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Michael Wenn - PeerSpot reviewer
Has cloud-first architecture with SIEM technology to run security operations
When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.
Read full review
Joseph W. - PeerSpot reviewer
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."
"Even if it's a relatively technical tool or platform, it's very intuitive and graphical. It's very appealing in terms of the user interface. The UI has a graphically interface with the raw data in a table. The table can be as big as you want it, depending on your use case. You can easily get a report combining your data, along with calculations and graphical dashboards. You don't need a lot of training, because the UI is relatively very intuitive."
"Being able to build and modify dashboards on the fly with Activeboards streamlines my analyst time because my analysts aren't doing it across spreadsheets or five different tools to try to build a timeline out themselves. They can just ingest it all, build a timeline out across all the logging, and all the different information sources in one dashboard. So, it's a huge time saver. It also has the accuracy of being able to look at all those data sources in one view. The log analysis, which would take 40 hours, we can probably get through it in about five to eight hours using Devo."
"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
"It centralizes security management within a business, functioning as a core system for a SOC."
"The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations. It's much easier with this platform to integrate log sources that might not have standard logging and things like that."
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."
More Devo pros
"As a SIEM, probably the best feature is that it can be tuned effectively. There are very few SIEMs out there that can be effectively tuned to provide you with meaningful information and not be overwhelmed."
"In general, the visibility of events and advanced analysis of events are good."
"The Web Console is my favorite. It enables me, at a glance, to see the health of the environments."
"It supports most standard log sources."
"I like LogRhythm's ease of use. The solution has improved compared to previous versions. It had many issues before, like integration, the console, creating reports, false positives, etc. The AI engine has made it stronger in the latest version."
"Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice."
"The most valuable features would be the automation, reporting, and the support."
"LogRhythm has increased productivity because all the tools that we need are in the web UI, allowing us to find threats on our network fast and efficiently."
More LogRhythm SIEM pros
 

Cons

"Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."
"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."
"There are some issues from an availability and functionality standpoint, meaning the tool is somewhat slow. There were some slow response periods over the past six to nine months, though it has yet to impact us terribly as we are a relatively small shop. We've noticed it, however, so Devo could improve the responsiveness."
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."
"Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"The price is one problem with Devo."
"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."
More Devo cons
"The console installation is an area with a shortcoming in the solution that needs improvement. If LogRhythm SIEM can offer a web console, it would be great."
"The product's stability needs improvement."
"I think there is room for improvement because the system is still running on the Windows Server platform. The problem with running on Windows is that it is not that good for scaling and providing for big deployment environments."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
"The web and on-premise console interface should be the same instead of having a separate engine for each."
"I would like to see APIs well-documented and public facing, so we can get to them all."
"We have run into problems with stability going through upgrade processes. Recently, we have been on the front edge of the upgrade path. When that happens we tend to run into issues either with certain functionality not working after the upgrades or stability issues because of the upgrades."
"Move it to Linux. I would like to see it get off the SQL Server."
More LogRhythm SIEM cons
 

Pricing and Cost Advice

"Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
"The way Devo prices things is based on the amount of data, and I wish the tiers had more granularity. Maybe at this point they do, but when we first negotiated with them, there were only three or four tiers."
"I rate the pricing a four on a scale of one to ten, where one is cheap, and ten is expensive."
"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."
"Our licensing fees are billed annually and per terabyte."
"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
More Devo pricing and cost advice
"We did a five-year agreement. We pay close to a quarter of a million dollars for our solution."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"The setup and licensing for small and medium size businesses is straightforward, though when it comes to the enterprise it pays to keep in mind the possibility for complications given all the extras and add-ons that may be required."
"NextGen SIEM's pricing is moderate."
"I have seen a measurable decrease in the mean time to detect and respond to threats. We went from not detecting them to detecting them. We can actually pick up what is anomalous in our network now."
"The nice thing about LogRhythm is you can either use the agents, getting a certain number of agents with your license depending on how you want to go, and those agents do a lot of cool things, or you can use CIS Log host, then you have like an unlimited number of them."
"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
"LogRhythm's pricing and licensing is extremely competitive and it's one of the top three reasons we continue to invest in the platform."
More LogRhythm SIEM pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
13%
Government
9%
University
6%
Educational Organization
45%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Devo?
Devo has a really good website for creating custom configurations.
See all answers
What is your experience regarding pricing and costs for Devo?
Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.
See all answers
What needs improvement with Devo?
They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...
See all answers
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
See all answers
What needs improvement with LogRhythm NextGen SIEM?
The integration is slightly difficult with other assets, like EDR technologies or firewalls. Also, the back end is not as user-friendly as other solutions like IBM QRadar. The technical support is ...
See all answers
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
See all answers
 

Comparisons

Splunk Enterprise Security vs Devo Logo
Splunk Enterprise Security vs Devo
Compared 22% of the time
IBM Security QRadar vs Devo Logo
IBM Security QRadar vs Devo
Compared 19% of the time
Microsoft Sentinel vs Devo Logo
Microsoft Sentinel vs Devo
Compared 15% of the time
Wazuh vs Devo Logo
Wazuh vs Devo
Compared 7% of the time
New Relic vs Devo Logo
New Relic vs Devo
Compared 7% of the time
More Devo Competitors
IBM Security QRadar vs LogRhythm SIEM Logo
IBM Security QRadar vs LogRhythm SIEM
Compared 14% of the time
Splunk Enterprise Security vs LogRhythm SIEM Logo
Splunk Enterprise Security vs LogRhythm SIEM
Compared 13% of the time
Wazuh vs LogRhythm SIEM Logo
Wazuh vs LogRhythm SIEM
Compared 7% of the time
LogRhythm Axon vs LogRhythm SIEM Logo
LogRhythm Axon vs LogRhythm SIEM
Compared 6% of the time
Fortinet FortiSIEM vs LogRhythm SIEM Logo
Fortinet FortiSIEM vs LogRhythm SIEM
Compared 5% of the time
More LogRhythm SIEM Competitors
 

Product Reports

Buyer's Guide
Devo
December 2024
Devo reportDownload Devo product report
Buyer's Guide
LogRhythm SIEM
December 2024
LogRhythm SIEM reportDownload LogRhythm SIEM product report
 

Also Known As

No data available
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Learn More

Devo
LogRhythm
 

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:

● Streamlined workflow

● Secure data access

● Real-time visibility

● A unified user experience

● Management customization

Security information and event management (SIEM) solutions have been evolving for over a decade; their core functionality still acts as the most effective foundation for any organization’s technology stack. A SIEM solution enables an organization to centrally collect data across its entire network environment to gain real-time visibility into activity that may pose a risk to the organization. SIEM technology addresses threats before they become significant financial risks while simultaneously helping better manage an organization’s assets.

LogRhythm SIEM has many key features and capabilities, including:

High-Performance Log Management: LogRhythm SIEM offers structured and unstructured search capabilities which allows users to swiftly search across an organization’s vast data to easily find answers, identify IT and security issues, and troubleshoot issues. Users can efficiently process and index terabytes of log data daily.

Network and Endpoint Monitoring: Forensic sensors allow users to gain deep visibility into endpoint and network activity. Users can see behavioral anomalies and better respond to incidents.

SmartResponse™ Automation: LogRhythm SIEM allows users to centrally execute pre-staged actions that automate incident investigatory tasks and responses.

Automated Machine Analytics: LogRhythm SIEM's AI Engine continuously analyzes all collected security incidents and forensic data. Security teams are delivered precise, real-time intelligence about risk-prioritized threats.

Case and Security Incident Management: LogRhythm SIEM offers an integrated workflow so that threats don’t slip through the cracks. Collaboration tools help centrally manage and track investigations.

User and entity behavior analytics (UEBA): Embedded deterministic UEBA monitoring helps protect against insider threats.

Security orchestration, automation, and response (SOAR): LogRhythm SIEM includes our embedded SOAR solution to increase efficiency and higher-quality incident response with low mean time to response (MTTR).

Benefits to Using LogRhythm SIEM

The platform offers great value to security and IT operations. Users have the ability to map their security and IT operations to existing frameworks such as NIST and MITRE ATT&CK.

● The platform offers broad integration across security and IT vendors: Users benefit from support for integration with hundreds of security and IT solutions. In turn, this further extends SIEM capabilities and data collection.

● The platform provides compliance adherence, enforcement, and reporting: The prebuilt compliance modules automatically detect violations as they occur and remove the burden of manually reviewing audit logs.

Reviews from Real Users

LogRhythm SIEM stands out among its competitors for a number of reasons. Two major ones are its ability to be customized and its quick performance of queries.

Jason G., a senior cybersecurity engineer, writes, "I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."

Andy W., principal consultant at ITSEC Asia, notes, “LogRhythm SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions.”

 

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Buyer's Guide
Devo vs. LogRhythm SIEM
December 2024
Free Report: Devo vs. LogRhythm SIEM
Find out what your peers are saying about Devo vs. LogRhythm SIEM and other solutions. Updated: December 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
See our Devo vs. LogRhythm SIEM report.
See our list of best Security Information and Event Management (SIEM) vendors and best Log Management vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.