TrustRadius

IBM Security QRadar SOAR vs. VMware Carbon Black EDR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
IBM Security QRadar SOAR
Score 8.5 out of 10
N/A
IBM Security® QRadar® SOAR is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides your team in resolving incidents by codifying established incident response processes into dynamic playbooks.N/A
VMware Carbon Black EDR
Score 8.4 out of 10
N/A
VMware Carbon Black EDR (formerly Cb Response) is an incident response and threat hunting solution designed for security operations center (SOC) teams with offline environments or on-premises requirements. Carbon Black EDR records and stores endpoint activity data so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the VMware Carbon Black Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of…N/A
Pricing
IBM Security QRadar SOARVMware Carbon Black EDR
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
IBM Security QRadar SOARVMware Carbon Black EDR
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsUsage-based pricing: This simple, scalable option allows starting small with an initial users and capabilities and scaling up as more users are added, as well as capabilities and data. Enterprise-wide pricing: This option is based on either the size of the enterprise-wide IT infrastructure or the size and type of data sources being secured.
More Pricing Information
Community Pulse
IBM Security QRadar SOARVMware Carbon Black EDR
Top Pros
Top Cons
Features
IBM Security QRadar SOARVMware Carbon Black EDR
Incident Response Platforms
Comparison of Incident Response Platforms features of Product A and Product B
IBM Security QRadar SOAR
-
Ratings
VMware Carbon Black EDR
8.3
2 Ratings
2% below category average
Company-wide Incident Reporting00 Ratings9.02 Ratings
Integration with Other Security Systems00 Ratings8.02 Ratings
Attack Chain Visualization00 Ratings9.02 Ratings
Centralized Dashboard00 Ratings9.02 Ratings
Machine Learning to Prevent Incidents00 Ratings7.02 Ratings
Live Response for Rapid Remediation00 Ratings8.02 Ratings
Best Alternatives
IBM Security QRadar SOARVMware Carbon Black EDR
Small Businesses

No answers on this topic

ThreatDown, powered by Malwarebytes
ThreatDown, powered by Malwarebytes
Score 8.7 out of 10
Medium-sized Companies
Splunk SOAR
Splunk SOAR
Score 8.3 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Enterprises
Palo Alto Networks Cortex XSOAR
Palo Alto Networks Cortex XSOAR
Score 8.5 out of 10
Hoxhunt
Hoxhunt
Score 9.3 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
IBM Security QRadar SOARVMware Carbon Black EDR
Likelihood to Recommend
8.5
(13 ratings)
8.0
(2 ratings)
Likelihood to Renew
8.0
(1 ratings)
-
(0 ratings)
Usability
8.0
(1 ratings)
-
(0 ratings)
Support Rating
6.0
(1 ratings)
-
(0 ratings)
User Testimonials
IBM Security QRadar SOARVMware Carbon Black EDR
Likelihood to Recommend
IBM
IBM Security QRadar SOAR is versatile. All the major players in SOAR field require the administrator to have coding experience but with IBM it is different. IBM's solution is a full-fledged automation solution, and not some threat-based or limited one. Meaning whatever comes to your mind, if you can write the code, you can do it. This goes from daily tasks from SOC to daily tasks of your network or security administrator or any other administrator. You can manage your ITSM solution if you want to, IBM is a playground and there is much to discover in its capabilities. If you do not have the knowledge or if you want a SOC/Threat Based SOAR solution, meaning you want automation but you want it to be limited to an area and out-of-box, you may choose other alternatives.
Verified User
Anonymous
Read full review
VMware by Broadcom
We are able to check if any phishing link was visited by the user or not. To check for the whether any file is executed on the machine or not. To check on which port connections are being made by the machine. To create custom watchlist for alert to be investigated by an analyst. To check every process executed in the machine for a specified range.
Verified User
Anonymous
Read full review
Pros
IBM
  • QRadar's ability to collect, analyze and normalize vast amount of security data from various sources is remarkable.
  • QRadar allows us to define and automate incident response playbooks which have been amazing for streamlining the response to security incidents.
  • It offers and extensive library of pre-built connectors and support for common security standards facilitating seamless integration with a wide range of security tools.
SJ
Sarah Jones
CMO (Chief Marketing Officer)
Read full review
VMware by Broadcom
  • Process tree view of endpoint activity
  • Ability to pull files from host
  • Threat Intelligence integration
  • Isolate a host
Verified User
Anonymous
Read full review
Cons
IBM
  • You still have to generate reports manually. Reports are very limited and practically not useful.
  • The solution should not be SOAR class. Automations usually don't work. It's apparent that it's not designed for that.
  • Lack of flexibility.
  • Practically no support. The reported integration problems have not been resolved.
DS
Dominik Siekierski
Applications Engineer
Read full review
VMware by Broadcom
  • Number of false positive which are triggered due to threat feeds are sometimes more needs to be fine tuned by the client.
  • In very rare scenarios processes are not captured properly.
Verified User
Anonymous
Read full review
Likelihood to Renew
IBM
It is beneficial to have a program that can run independently and be used without the supervision of a devoted employee
JS
june smith
Legal Secretary
Read full review
VMware by Broadcom
No answers on this topic
Usability
IBM
It is very easy to navigate and run the parts that we have needed
JS
june smith
Legal Secretary
Read full review
VMware by Broadcom
No answers on this topic
Support Rating
IBM
I have never had to contact support
JS
june smith
Legal Secretary
Read full review
VMware by Broadcom
No answers on this topic
Alternatives Considered
IBM
Overall, IBM Security QRadar SOAR offered the same set of functionality that was needed by the organization as offered by Splunk SOAR, but the former is less expensive and solves all the purpose within budget. In addition, integration with other IBM products was easier and made implementation of a SOAR solution much faster.
Verified User
Anonymous
Read full review
VMware by Broadcom
CB Response allows for a better view of what happened on the endpoint and provides more functionality out of the box then the FireEye Endpoint Security Product. CB Response allows you to basically have a remote connection into the CLI of an endpoint. This allows you to view the file system, run programs/scripts on the host, etc. FireEye Endpoint Security does not have this functionality.
Verified User
Anonymous
Read full review
Return on Investment
IBM
  • It provides comprehensive MTTD and MTTR metrics and we are aware of how secure our systems are at any given moment.
  • We use linux 7.7, therefore the integrations are smooth.
  • We've been able run our online shops securely for so long.
Verified User
Anonymous
Read full review
VMware by Broadcom
  • It is helping to protect us from potential loss of revenue that would be caused by malware or a compromised account.
  • It took some time in deploying in the environment , but that time is much worth it because of the results we are getting now.
  • It helps in hunting, which help us check and protect our environment from any cyber attacks.
Verified User
Anonymous
Read full review
ScreenShots

IBM Security QRadar SOAR Screenshots

Screenshot of the IBM Security QRadar SOAR Breach Response solution. The software helps customers manage more than 180 global privacy reporting regulations including GDPR.Screenshot of the Playbooks Landing page, that shows all active playbooks in a single view, including how many are actively running, disabled, or are in draft.Screenshot of IBM Security QRadar SOAR’s Playbook Designer canvas, designed to lower the barrier to entry necessary to build automations through a graphical interface.Screenshot of the Tasks view shows all response tasks, organized by phase, that have either completed or are set to be executed.Screenshot of Threat Investigator automatically correlates incident information, curating an incident timeline from start to finish, including related artifacts and MITRE ATT&CK mappings.