Devo Technology
Devo delivers cloud-native security analytics replacing traditional SIEMs with real-time threat detection.
Devo is a cloud-native security data platform that provides real-time logging, SIEM, SOAR, and UEBA capabilities powered by AI. The platform ingests streaming data from applications, infrastructure, IoT devices, and logs, then correlates and analyzes it to accelerate threat detection and response. Devo's micro-indexing technology stores data in raw format with extended retention of up to 400 days, differentiating it from traditional legacy SIEM solutions. The platform serves large enterprises seeking to replace on-premise security infrastructure with cloud-first, AI-enhanced security operations.
Problem solved
Security operations centers lack real-time visibility into threats across distributed systems, resulting in slow detection and response times that increase organizational risk.
Target customer
Large enterprise security and operations teams (43% of Devo users), particularly those with complex infrastructure requiring extended data retention and real-time threat response.
Founders
P
Pedro Castillo
Co-Founder & Chief Technology Officer
Co-founder of Devo in 2011; led engineering and technical vision for the security data platform.
P
Pedro Palao
Co-Founder
Co-founder of Devo in 2011; contributed to platform development and early company strategy.
J
Juana Nunez Garcia
Co-Founder & Vice President of Engineering
Co-founder of Devo in 2011; leads engineering operations and technical strategy.
D
Daniel Garcia
Co-Founder & Vice President of Engineering
Co-founder of Devo in 2011; leads engineering operations and technical development.
K
Ken Naumann
Chief Executive Officer
Seasoned enterprise tech and cybersecurity leader; previously CEO of NetWitness, a threat detection and response specialist.
Funding history
Series A
$2.97M
November 2013
Led by Unknown
· Unknown
Series B
Unknown
September 2017
Led by Insight Partners
· Unknown
Series C
Unknown
January 2019
Led by Unknown
· Unknown
Series D
$60M
September 2020
Led by Georgian
· Bessemer Venture Partners, Insight Partners
Series E
$250M
October 2021
Led by TCV
· Eurazeo, General Atlantic, Bessemer Venture Partners, Georgian, Insight Partners, Kibo Ventures
Series F
$100M
June 2022
Led by Eurazeo
· Insight Partners, Georgian, TCV, General Atlantic, Bessemer Venture Partners, Kibo Ventures, ISAI Cap Venture
Total raised:
$500M
Industries
Pricing
Subscription-based model structured by data volume ingested, retention period, and selected features. Pricing varies by deployment (cloud or on-premises), with additional costs for advanced modules and integrations. Custom enterprise pricing available.
Notable customers
Corsica Technologies, Ulta, OneMain Financial, Bitkub, Ivy Tech Community College, Oklahoma University
Website
Competitors
Splunk
Splunk is a broader data analytics platform; Devo is specifically optimized for cloud-native security with real-time micro-indexing and extended retention.
Sumo Logic
Sumo Logic focuses on cloud monitoring and observability; Devo emphasizes integrated SIEM, SOAR, and UEBA with AI-driven threat detection.
Datadog
Datadog is a comprehensive monitoring platform for infrastructure and applications; Devo specializes in security-focused analytics with SIEM capabilities.
Elastic
Elastic offers open-source search and analytics; Devo provides a managed, cloud-native security platform with AI and advanced threat response.
Exabeam
Exabeam focuses on user and entity behavior analytics; Devo integrates UEBA with comprehensive SIEM and SOAR in a unified cloud platform.
Why this matters: Devo reached unicorn status in just 10 years (2021) and has raised $500M, reflecting strong enterprise demand for cloud-native SIEM replacement. With AI-powered threat detection, extended data retention, and integrated SOAR/UEBA, Devo represents the modernization of legacy security infrastructure that many enterprises desperately need.
Best for: Large enterprises requiring cloud-native SIEM replacement with real-time threat detection, extended data retention, and AI-powered security automation across distributed infrastructure.
Use cases
Real-Time Threat Detection
Security teams use Devo to ingest and correlate logs from thousands of sources in real-time, identifying sophisticated threats that traditional SIEMs miss. The platform's AI acceleration reduces detection time from hours to minutes, enabling faster containment of security incidents.
Compliance and Long-Term Forensics
Organizations maintain 400 days of hot, searchable log data for regulatory compliance and forensic investigations without the cost and complexity of cold storage. Analysts can quickly pivot between recent events and historical data to understand attack patterns and root causes.
Security Orchestration and Response
Through integrated SOAR capabilities, Devo automates manual response workflows—such as blocking malicious IPs, isolating compromised hosts, or notifying incident teams. This reduces mean time to respond (MTTR) and decreases burden on already-stretched security operations centers.
User and Entity Behavior Analytics
UEBA functionality identifies abnormal user activities and insider threats by establishing behavioral baselines and alerting when deviations occur. This is particularly valuable for detecting compromised accounts or malicious insiders before they cause damage.
Alternatives
Splunk
Choose Splunk if you need a broader data analytics platform beyond security, though Devo offers superior cloud-native architecture and extended hot retention.
Sumo Logic
Choose Sumo Logic if your primary need is general cloud monitoring and observability; select Devo if you require integrated SIEM, SOAR, and UEBA focused on security threats.
SolarWinds
Choose SolarWinds for hybrid IT operations monitoring; Devo is purpose-built for cloud-native security analytics with AI-driven threat response.
FAQ
What does Devo do? +
Devo is a cloud-native security data platform that collects real-time streaming data from applications, infrastructure, and logs, then uses AI to detect threats, correlate events, and automate responses. It replaces traditional on-premise SIEMs with an integrated suite of SIEM, SOAR, and UEBA capabilities.
How much does Devo cost? +
Devo uses subscription-based pricing based on data volume ingested, retention period, and features selected. Pricing varies for cloud vs. on-premises deployment, with additional costs for advanced modules. Custom pricing is available for enterprises.
What are alternatives to Devo? +
Top alternatives include Splunk (broader data analytics), Sumo Logic (cloud monitoring and observability), Datadog (infrastructure monitoring), Elastic (search and analytics), and Exabeam (user behavior analytics). Each has different strengths; Devo uniquely combines cloud-native SIEM, SOAR, and UEBA.
Who uses Devo? +
Large enterprises dominate Devo's user base (43% of users). Notable customers include Ulta, OneMain Financial, Corsica Technologies, and Bitkub. Geographically, the US accounts for 69% of log-management users, followed by India and UK.
How does Devo compare to Splunk? +
Devo is cloud-native by design with micro-indexing and 400-day hot retention, while Splunk remains heavily on-premises-focused. Devo's integrated SOAR and UEBA make it specifically optimized for security operations, whereas Splunk is a broader data analytics platform. Devo accelerates threat detection and response with AI-driven automation.
Tags
SIEM
cloud-native
security analytics
threat detection
SOAR
UEBA
log management
AI security
incident response
real-time analytics