We performed a comparison between Devo and Palantir Foundry based on real PeerSpot user reviews.
Find out in this report how the two IT Operations Analytics solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."
"The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before."
"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."
"The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored."
"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."
"Devo has a really good website for creating custom configurations."
"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."
"The data lineage is great."
"The ease of use is my favorite feature. We're able to build different models and projects or combine different projects to build one use case."
"The virtualization tool is useful."
"Great features available in one tool."
"The security is also excellent. It's highly granular, so the admins have a high degree of control, and there are many levels of security. That worked well. You won't have an EDC unless you put everything onto the platform because it is its own isolated thing."
"It's scalable."
"Live video sessions enhance the available documentation and allow you to ask questions directly."
"The solution provides an end-to-end integrated tech stack that takes care of all utility/infrastructure topics for you."
"The price is one problem with Devo."
"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."
"I would like to have the ability to create more complex dashboards."
"There are some issues from an availability and functionality standpoint, meaning the tool is somewhat slow. There were some slow response periods over the past six to nine months, though it has yet to impact us terribly as we are a relatively small shop. We've noticed it, however, so Devo could improve the responsiveness."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."
"Technical support could be better."
"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."
"There is not a wide user base for the solution's online documentation so it is sometimes difficult to find answers."
"The solution could use more online documentation for new users."
"It requires a lot of manual work and is very time-consuming to get to a functional point."
"Cost of this solution is quite high."
"It would be helpful to build applications based on Azure functions or web apps in Palantir Foundry."
"If you want to create new models on specific data sets, computing that is quite costly."
"Compared to other hyperscalers, Palantir Foundry is complex and not so user-intuitive."
"Difficult to receive data from external sources."
Devo is ranked 3rd in IT Operations Analytics with 21 reviews while Palantir Foundry is ranked 5th in IT Operations Analytics with 13 reviews. Devo is rated 8.4, while Palantir Foundry is rated 7.6. The top reviewer of Devo writes "Keeps 400 days of hot data, covers our cloud products, and has a high ingestion rate and super easy log integrations". On the other hand, the top reviewer of Palantir Foundry writes "The data visualization is fantastic and the security is excellent". Devo is most compared with Splunk Enterprise Security, IBM Security QRadar, Microsoft Sentinel, LogRhythm SIEM and Wazuh, whereas Palantir Foundry is most compared with Azure Data Factory, Palantir Gotham, SAP Data Services, AWS Glue and Alteryx Designer. See our Devo vs. Palantir Foundry report.
See our list of best IT Operations Analytics vendors.
We monitor all IT Operations Analytics reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.