9 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 6.9 out of 100
90 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.8 out of 100

Likelihood to Recommend

Cisco Secure Network Analytics (Stealthwatch)

Cisco StealthWatch is well suited when you need to deal with big amounts of traffic. For example, big enterprises, data centers, [and] banks. [In] other words, it does a good job in cases when you have a lot of users with different access levels from different departments and maybe in different regions. So you need to have a clear vision of what [is] happening in your network right now.
Oleksandr Tsapenko | TrustRadius Reviewer

IBM QRadar

If you have a small-to-large company looking for a SIEM solution that "does the job" and is easy to deploy/use, QRadar is your tool. If you're looking for a complex solution that supports integration with data-mining solutions (e.g. ELK), then you may need a different solution. Overall, QRadar fits the needs of 99% of the companies. It is one of the easiest SIEM solutions to deploy and use.
Anonymous | TrustRadius Reviewer

Feature Rating Comparison

Security Information and Event Management (SIEM)

Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
8.4
Centralized event and log data collection
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
9.1
Correlation
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
9.0
Event and log normalization/management
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
9.4
Deployment flexibility
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
7.9
Integration with Identity and Access Management Tools
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
7.7
Custom dashboards and workspaces
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
8.1
Host and network-based intrusion detection
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
8.0
Data integration/API management
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
9.0
Behavioral analytics and baselining
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
5.0
Rules-based and algorithmic detection thresholds
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
10.0
Incident indexing/searching
Cisco Secure Network Analytics (Stealthwatch)
IBM QRadar
9.0

Pros

Cisco Secure Network Analytics (Stealthwatch)

  • Breaks down network data into categories like Recon, exploit, etc,
  • Good data around usage (categorized as Data Hoarding)
  • Alarms broken out by TTP
Anonymous | TrustRadius Reviewer

IBM QRadar

  • It allows us to have visibility to potential problems both on premise and in the cloud which was key as we have become a hybrid consumer.
  • It has automated monitoring which has allowed us to see threats faster and also allowed us to be proactive.
  • By having over 20,000 employees, QRadar has also allowed us to be aware of internal threats that are brought into the company by unsuspecting employees.
Anonymous | TrustRadius Reviewer

Cons

Cisco Secure Network Analytics (Stealthwatch)

  • As with new technologies, learning curves are a given. On this one, there is a slight curve before you fully grasp it.
  • User interface can be improved to better user experience.
Ericson Aragoza | TrustRadius Reviewer

IBM QRadar

  • There is a steep learning curve compared to other platforms. Qradar is incredibly powerful but does require some homework.
  • There is a glaring lack of threat feed utilization outside of STIXX/TAXII which remains very limited at this time.
  • May require a considerable amount of tuning during deployment with very little "out of the box" offense information.
Anonymous | TrustRadius Reviewer

Usability

Cisco Secure Network Analytics (Stealthwatch)

Cisco Secure Network Analytics (Stealthwatch) 7.3
Based on 1 answer
Strong and complete tool which gives comprehensive methods to discover cyber security incidents and prevent data leakage. In case of common use of Cisco StealthWatch and Cisco ISE, you will receive [the] ability [to] not just discover cyber security incidents but also dynamically respond to them. This makes StealthWatch one of most valuable products through[out] [the] whole Cisco Security product portfolio.
Oleksandr Tsapenko | TrustRadius Reviewer

IBM QRadar

No score
No answers yet
No answers on this topic

Support Rating

Cisco Secure Network Analytics (Stealthwatch)

Cisco Secure Network Analytics (Stealthwatch) 7.9
Based on 3 answers
Overall winner because it exceeds our expectations by answering all our requirements and at the same time empowers our operations thru other built-in capabilities it has. Visibility is a key to security operations and Cisco StealthWatch really gives us a magnifying glass to check all logs in the network for threat intelligence and threat hunting.
John Patrick Duro | TrustRadius Reviewer

IBM QRadar

IBM QRadar 8.5
Based on 4 answers
I've had many issues with QRadar, and the support would hear and respond to my question all the time (more so than in the case of IBM Resilient support). They were very quick to respond, were helpful, and provided remote access.
larbi belmiloud | TrustRadius Reviewer

Alternatives Considered

Cisco Secure Network Analytics (Stealthwatch)

NTOP is the only thing out there, in my opinion, that provides similar type of visibility. But StealthWatch is the product all vendors should strive to emulate. It is easy to install; it is easy to configure; it works as advertised (and then some). I do recommend the three-day work shop they occasionally run - or some onsite training. The product is feature rich and the training will help you get the most out of it.
Matthew Frederickson | TrustRadius Reviewer

IBM QRadar

I previously used AlienVault OSSIM in my former job and I can really tell that QRadar is a much more powerful SIEM as compared to AlienVault OSSIM. In QRadar, you can perform advanced queries that make use of AQL. This makes my investigation a lot easier. One of the things I truly adore in QRadar is that you can perform queries to see all the events for an offense or multiple offenses. You can also see which of the events were seen on an offense in the Log activity view. I think the only thing I liked in AlienVault is their UI, QRadar may need to up its game on that but overall a really great SIEM solution.
Anonymous | TrustRadius Reviewer

Return on Investment

Cisco Secure Network Analytics (Stealthwatch)

  • StealthWatch helps other departments make decisions quickly based on NetFlow data.
  • StealthWatch can bring a lot of reporting to the table that can be used to advance project necessities and prove data necessities to management.
Anonymous | TrustRadius Reviewer

IBM QRadar

  • ROI is a very tough calculation to achieve when it comes to cyber events. The reason is that how do you rate damage to the brand e.g. Target. Loss of confidence in a brand can easily lead to a company going bankrupt - how, do you measure that?
  • QRadar is in line with most other SIEM's in its category in TCO.
  • QRadar will lower the TCO and ROI of a security team's cost, due to the ability to perform most of the investigation and remediation recommendation.
Douglas Concepcion | TrustRadius Reviewer

Pricing Details

Cisco Secure Network Analytics (Stealthwatch)

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Cisco Secure Network Analytics (Stealthwatch) Editions & Modules

Additional Pricing Details

IBM QRadar

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

IBM QRadar Editions & Modules

Edition
Cloud$800.001
  1. Per Month
Additional Pricing Details

Rating Summary

Likelihood to Recommend

Cisco Secure Network Analytics (Stealthwatch)
6.9
IBM QRadar
8.8

Usability

Cisco Secure Network Analytics (Stealthwatch)
7.3
IBM QRadar

Support Rating

Cisco Secure Network Analytics (Stealthwatch)
7.9
IBM QRadar
8.5

Add comparison