Adlumin is a security operations command center that simplifies complexity and keeps organizations of all sizes secure. Its technology and integrations create a platform that obtains security telemetry from across an organization to provide greater insights into security alerts and streamline workflows.
N/A
IBM Security QRadar SIEM
Score 8.8 out of 10
N/A
IBM Security QRadar is security information and event management (SIEM) Software.
If you don't already have a system in place for anomoly detection, log monitoring, and alerting, you're doing your company a disservice. Whether Adlumin is the best choice for you depends on your budget and technology stack, but overall, Adlumin has been one of the best security purchases made by our company in the last few years, and has paid for itself by automatically preventing and protecting against specific attacks that were non-attacks due to Adlumin stopping them before they could start.
I would only recommend IBM Security QRadar SIEM in a few situations. For one, it's very easy to setup and use if all your log sources are generic from known vendors. It's also significantly cheaper than Splunk, which is nice if you're trying to save money or be more efficient. I would not recommend IBM Security QRadar SIEM for environments with a lot of custom logs and complicated detection requirements.
After an alert has been "Cleared" by internal IT, there should be no further action taken by the SOC team or the AI agent.
When there is an active internal incident or problem with Adlumin, there should be a notice in the incident or on the platform's active issues board about issues that may affect Adlumin agents. This would save people who have to respond a lot of time.
Have not been able to get one forwarder to function properly, despite documentation from a technician and the platform documentation. This is frustrating when a Windows collector option is available but doesn't work at all.
I have noticed some SentinelOne detections do not warrant responses or actions from the Adlumin team. These are usually repeated flags that do not require action, but some do, and some do not. I can't figure out what we reference specifically to determine a response from SOC or AI.
Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources.
While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete.
IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting.
QRadar is an established and stable product, we have been using it for many years and want to continue to focus on it. Anyone who has used the product and knows it knows how reliable it is and how it facilitates continuous monitoring of threats from outside and inside. it is an exceptional product that is very useful for us.
A number of integrations were simple to set up and well documented, but a few things were difficult or undocumented yet. Some sections feel over-complicated and others feel way too vague during the setup process. Once the onboarding is finished though, the product is very simple, but there is a learning curve at the beginning.
As a grade I give 8 as QRadar is not easy to learn. It requires some time to master it. It also needs a team of people actively working on the product. Once you learn to use it the software works very well and it is easy to correlate and understand detected threats. It only takes time to learn how to use it well and configure it properly.
Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of Ibm
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
Initial patience is required to learn how to use the product, and it takes a dedicated team to use it. One person is not enough, and it's not enough to just set it up and check it once in a while. It has to be used daily and kept under control to be used effectively
ArcticWolf has been a great product that we have used, but the ability that Adlumin has is extremely comparable for a fraction of the price. There are no hardware requirements with Adlumin, but it still has all of the abilities as ArcticWolf without the overheard. Again, the SOAR actions are a game changer when it comes to automation and immediate action.
IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world.
We used to be with an MSP before I was hired, and the company spent over 20K per year for that service. With N-Able, we have reduced the cost by over half.
I spend minimal time now patching computers because this is all automated. I sometimes have to patch a couple of machines because I missed a patch, but it has saved me a great deal of time.
I save a great deal of time with Board Reports because they are automatically generated for me each month.
