CyberArk Privileged Access Management vs. IBM Security QRadar SIEM

The system is great for enterprise or larger IT departments or teams where temporary or full access may be given using privileged IDs. Requirements for needing local admin access is also eliminated which can help with specific Windows workstation related tasks. It can be very useful when working with remote teams or contractors who may need temporary access to a system when required.

Incentivized

I would only recommend IBM Security QRadar SIEM in a few situations. For one, it's very easy to setup and use if all your log sources are generic from known vendors. It's also significantly cheaper than Splunk, which is nice if you're trying to save money or be more efficient. I would not recommend IBM Security QRadar SIEM for environments with a lot of custom logs and complicated detection requirements.

Incentivized

• Automatically discover new servers on the network and take control of the local admin password by vaulting it and ensuring nobody knows the password. A different password on every server.
• Automatically roll the password in a configurable manner - after each use, after a certain period of time, etc.
• Track and govern sensitive account usage by ensuring only properly authorized users can access the vault and obtain the credentials and then monitor usage.

Incentivized

• Enables identification and prioritization of vulnerabilities in IT infrastructure for corrective action.
• Facilitates security incident investigation and forensic analysis.
• Provides a real-time view of security events, enabling immediate incident response.
• Can integrate with external threat intelligence sources to enrich data and improve threat detection.
• Enables the generation of detailed and customized reports.

Incentivized

• GUI - right now everything is on one page/dashboard. Some level of folder/Safe type view would be great
• More options when storing passwords - especially for network based passwords
• Better integrations with vendors like Cisco so that admins dont need to really get the password from the vault (think Last Pass type add on)

Incentivized

• Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources.
• While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete.
• IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting.

Incentivized

QRadar is an established and stable product, we have been using it for many years and want to continue to focus on it. Anyone who has used the product and knows it knows how reliable it is and how it facilitates continuous monitoring of threats from outside and inside. it is an exceptional product that is very useful for us.

Incentivized

As a grade I give 8 as QRadar is not easy to learn. It requires some time to master it. It also needs a team of people actively working on the product. Once you learn to use it the software works very well and it is easy to correlate and understand detected threats. It only takes time to learn how to use it well and configure it properly.

Incentivized

Customer support and technical support have always been great when we require assistance. Especially when we come across issues that we're not familiar with.

Incentivized

Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of Ibm

Incentivized

The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.

Incentivized

The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.

Incentivized

Initial patience is required to learn how to use the product, and it takes a dedicated team to use it. One person is not enough, and it's not enough to just set it up and check it once in a while. It has to be used daily and kept under control to be used effectively

Incentivized

It is known as one of the safest products in the market. It has good support and is also available as on-premise. You can run it virtually on VMWare (and probably on other hypervisors as well). You can have a second instance on bare metal and that makes it a very safe system.

Incentivized

IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world.

Incentivized

• Decreased the probability of an external cyber attack to privileged accounts..
• Management can control privileged account life cycle management more effectively
• Recording privileged sessions allows our organization to play back exactly the point of a breach or malicious behavior
• Automated system to manage and verify passwords, as privileged accounts are constantly created and deleted
• Automatic PWD change functionality will substantially decrease probability of PWD theft or misuse.

Incentivized

• Offense investigation was really helped in tackling the incidents. It was accurate and brief
• The automation with IBM resilient (SOAR) was a milestone in elimination of user mistakes
• The X-Force threat intelligence supported us in getting the work done without any 3rd party enterprise OSINT database

Incentivized