TrustRadius

IBM Security QRadar SOAR vs. Palo Alto Networks Cortex XDR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
IBM Security QRadar SOAR
Score 8.5 out of 10
N/A
IBM Security® QRadar® SOAR is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides your team in resolving incidents by codifying established incident response processes into dynamic playbooks.N/A
Palo Alto Networks Cortex XDR
Score 8.7 out of 10
N/A
Traps replaces traditional antivirus with multi-method prevention, a proprietary combination of malware and exploit prevention methods that protect users and endpoints from known and unknown threats.N/A
Pricing
IBM Security QRadar SOARPalo Alto Networks Cortex XDR
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
IBM Security QRadar SOARPalo Alto Networks Cortex XDR
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsUsage-based pricing: This simple, scalable option allows starting small with an initial users and capabilities and scaling up as more users are added, as well as capabilities and data. Enterprise-wide pricing: This option is based on either the size of the enterprise-wide IT infrastructure or the size and type of data sources being secured.
More Pricing Information
Community Pulse
IBM Security QRadar SOARPalo Alto Networks Cortex XDR
Top Pros
Top Cons
Best Alternatives
IBM Security QRadar SOARPalo Alto Networks Cortex XDR
Small Businesses

No answers on this topic

SentinelOne Singularity
SentinelOne Singularity
Score 9.1 out of 10
Medium-sized Companies
Splunk SOAR
Splunk SOAR
Score 8.3 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Enterprises
Palo Alto Networks Cortex XSOAR
Palo Alto Networks Cortex XSOAR
Score 8.5 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
IBM Security QRadar SOARPalo Alto Networks Cortex XDR
Likelihood to Recommend
8.5
(13 ratings)
8.8
(12 ratings)
Likelihood to Renew
8.0
(1 ratings)
-
(0 ratings)
Usability
8.0
(1 ratings)
2.0
(1 ratings)
Support Rating
6.0
(1 ratings)
10.0
(3 ratings)
User Testimonials
IBM Security QRadar SOARPalo Alto Networks Cortex XDR
Likelihood to Recommend
IBM
IBM Security QRadar SOAR is versatile. All the major players in SOAR field require the administrator to have coding experience but with IBM it is different. IBM's solution is a full-fledged automation solution, and not some threat-based or limited one. Meaning whatever comes to your mind, if you can write the code, you can do it. This goes from daily tasks from SOC to daily tasks of your network or security administrator or any other administrator. You can manage your ITSM solution if you want to, IBM is a playground and there is much to discover in its capabilities. If you do not have the knowledge or if you want a SOC/Threat Based SOAR solution, meaning you want automation but you want it to be limited to an area and out-of-box, you may choose other alternatives.
Verified User
Anonymous
Read full review
Palo Alto Networks
Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.
Mst Rahima Khatun | TrustRadius Reviewer
Mst Rahima Khatun
Marketing Product Management
Read full review
Pros
IBM
  • QRadar's ability to collect, analyze and normalize vast amount of security data from various sources is remarkable.
  • QRadar allows us to define and automate incident response playbooks which have been amazing for streamlining the response to security incidents.
  • It offers and extensive library of pre-built connectors and support for common security standards facilitating seamless integration with a wide range of security tools.
SJ
Sarah Jones
CMO (Chief Marketing Officer)
Read full review
Palo Alto Networks
  • Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
  • Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
  • Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.
Verified User
Anonymous
Read full review
Cons
IBM
  • You still have to generate reports manually. Reports are very limited and practically not useful.
  • The solution should not be SOAR class. Automations usually don't work. It's apparent that it's not designed for that.
  • Lack of flexibility.
  • Practically no support. The reported integration problems have not been resolved.
DS
Dominik Siekierski
Applications Engineer
Read full review
Palo Alto Networks
  • Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
  • Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
  • Traps falsely identifies things as malicious at times, this is not often though
Verified User
Anonymous
Read full review
Likelihood to Renew
IBM
It is beneficial to have a program that can run independently and be used without the supervision of a devoted employee
JS
june smith
Legal Secretary
Read full review
Palo Alto Networks
No answers on this topic
Usability
IBM
It is very easy to navigate and run the parts that we have needed
JS
june smith
Legal Secretary
Read full review
Palo Alto Networks
Day to day, Cortex is easy to use when you have no alerts and when an agent upgrade doesn't go south. Alerts are far too "clicky", there's too many steps to drilling down to what actually happened to trigger an alert. Investigating alerts in Cortex takes about 5x longer than it should.
Jeff Nichols | TrustRadius Reviewer
Jeff Nichols
Information Security Manager
Read full review
Support Rating
IBM
I have never had to contact support
JS
june smith
Legal Secretary
Read full review
Palo Alto Networks
The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.
Verified User
Anonymous
Read full review
Alternatives Considered
IBM
Overall, IBM Security QRadar SOAR offered the same set of functionality that was needed by the organization as offered by Splunk SOAR, but the former is less expensive and solves all the purpose within budget. In addition, integration with other IBM products was easier and made implementation of a SOAR solution much faster.
Verified User
Anonymous
Read full review
Palo Alto Networks
Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.
DeForge, Peter | TrustRadius Reviewer
DeForge, Peter
Systems Support Analyst
Read full review
Return on Investment
IBM
  • It provides comprehensive MTTD and MTTR metrics and we are aware of how secure our systems are at any given moment.
  • We use linux 7.7, therefore the integrations are smooth.
  • We've been able run our online shops securely for so long.
Verified User
Anonymous
Read full review
Palo Alto Networks
  • After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
  • We are able to track and control granular suspicious and malicious activities.
  • Web controls are missing, which if they would have been there would have been very helpful.
DS
Read full review
ScreenShots

IBM Security QRadar SOAR Screenshots

Screenshot of the IBM Security QRadar SOAR Breach Response solution. The software helps customers manage more than 180 global privacy reporting regulations including GDPR.Screenshot of the Playbooks Landing page, that shows all active playbooks in a single view, including how many are actively running, disabled, or are in draft.Screenshot of IBM Security QRadar SOAR’s Playbook Designer canvas, designed to lower the barrier to entry necessary to build automations through a graphical interface.Screenshot of the Tasks view shows all response tasks, organized by phase, that have either completed or are set to be executed.Screenshot of Threat Investigator automatically correlates incident information, curating an incident timeline from start to finish, including related artifacts and MITRE ATT&CK mappings.