TrustRadius

IBM Security QRadar SIEM vs. IBM Security QRadar SOAR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
IBM Security QRadar SIEM
Score 8.7 out of 10
N/A
IBM Security QRadar is security information and event management (SIEM) Software.N/A
IBM Security QRadar SOAR
Score 8.9 out of 10
N/A
IBM Security® QRadar® SOAR is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides your team in resolving incidents by codifying established incident response processes into dynamic playbooks.N/A
Pricing
IBM Security QRadar SIEMIBM Security QRadar SOAR
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
IBM Security QRadar SIEMIBM Security QRadar SOAR
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsUsage-based pricing: This simple, scalable option allows starting small with an initial users and capabilities and scaling up as more users are added, as well as capabilities and data. Enterprise-wide pricing: This option is based on either the size of the enterprise-wide IT infrastructure or the size and type of data sources being secured.
More Pricing Information
Community Pulse
IBM Security QRadar SIEMIBM Security QRadar SOAR
Considered Both Products
IBM Security QRadar SIEM
Verified User
Analyst
Chose IBM Security QRadar SIEM
We select a IBM Security QRadar SIEM because is better to integrate a our SIEM QRADAR.
Marcos Vinícius Cunha | TrustRadius Reviewer
Marcos Vinícius Cunha
Information Security
Chose IBM Security QRadar SIEM
Due to its performance, it is a more practical way to analyze and respond to an incident. It is a graphic with good interaction and multiple integrated platforms.
Verified User
Consultant
Chose IBM Security QRadar SIEM
I still don't have experience with other SIEM solutions.
Janette Iris Contreras Reyes | TrustRadius Reviewer
Janette Iris Contreras Reyes
Gerente de Monitoreo y Respuesta a Incidentes
Chose IBM Security QRadar SIEM
friendly tool
With reasonable costs
with ease of integration
Muhammed Ali CETİN | TrustRadius Reviewer
Muhammed Ali CETİN
Information Technology Security Engineer
Chose IBM Security QRadar SIEM
IBM is more user-friendly if we compare it with ELK stack and ArcSight. Much reliable, and have better Support. Onboarding data, creating correlation searches, and easier to integrate with 3rd party solutions as well. LogOps projects and less time-consuming products. Qradar …
Muhannad Zarour | TrustRadius Reviewer
Muhannad Zarour
Senior Cybersecurity Consultant/Trainer
Chose IBM Security QRadar SIEM
Very close competition but IBM QRadar stands out; other IBM products support the cybersecurity monitoring and IR function.
LB
Larbi Belmiloud
cyber security Analyste
Chose IBM Security QRadar SIEM
There is a full integration between QRadar and Resilient. This two-way integration helps investigators to enhance and use the strongest version of QRadar, more so than the use of Xforce and other threat sources to investigate and get the IOC feeds. There are many applications …
IBM Security QRadar SOAR
Features
IBM Security QRadar SIEMIBM Security QRadar SOAR
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
IBM Security QRadar SIEM
8.6
69 Ratings
9% above category average
IBM Security QRadar SOAR
-
Ratings
Centralized event and log data collection9.927 Ratings00 Ratings
Correlation8.769 Ratings00 Ratings
Event and log normalization/management9.527 Ratings00 Ratings
Deployment flexibility7.827 Ratings00 Ratings
Integration with Identity and Access Management Tools8.865 Ratings00 Ratings
Custom dashboards and workspaces7.469 Ratings00 Ratings
Host and network-based intrusion detection9.725 Ratings00 Ratings
Data integration/API management9.07 Ratings00 Ratings
Behavioral analytics and baselining7.748 Ratings00 Ratings
Rules-based and algorithmic detection thresholds8.149 Ratings00 Ratings
Response orchestration and automation7.75 Ratings00 Ratings
Reporting and compliance management8.047 Ratings00 Ratings
Incident indexing/searching8.97 Ratings00 Ratings
Best Alternatives
IBM Security QRadar SIEMIBM Security QRadar SOAR
Small Businesses
LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 7.5 out of 10

No answers on this topic

Medium-sized Companies
Sumo Logic
Sumo Logic
Score 8.8 out of 10
Splunk SOAR
Splunk SOAR
Score 8.4 out of 10
Enterprises
Sumo Logic
Sumo Logic
Score 8.8 out of 10
Palo Alto Networks Cortex XSOAR
Palo Alto Networks Cortex XSOAR
Score 7.1 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
IBM Security QRadar SIEMIBM Security QRadar SOAR
Likelihood to Recommend
8.4
(89 ratings)
8.8
(18 ratings)
Likelihood to Renew
8.4
(5 ratings)
8.0
(1 ratings)
Usability
8.1
(2 ratings)
5.7
(3 ratings)
Availability
9.0
(1 ratings)
-
(0 ratings)
Performance
9.0
(1 ratings)
-
(0 ratings)
Support Rating
8.1
(62 ratings)
6.0
(1 ratings)
In-Person Training
9.0
(1 ratings)
-
(0 ratings)
Online Training
9.0
(1 ratings)
-
(0 ratings)
Implementation Rating
8.0
(1 ratings)
-
(0 ratings)
Configurability
8.0
(1 ratings)
-
(0 ratings)
Contract Terms and Pricing Model
9.0
(1 ratings)
-
(0 ratings)
Ease of integration
8.0
(58 ratings)
-
(0 ratings)
Product Scalability
8.0
(1 ratings)
-
(0 ratings)
Professional Services
10.0
(1 ratings)
-
(0 ratings)
Vendor post-sale
9.0
(1 ratings)
7.3
(1 ratings)
Vendor pre-sale
9.0
(1 ratings)
8.2
(1 ratings)
User Testimonials
IBM Security QRadar SIEMIBM Security QRadar SOAR
Likelihood to Recommend
IBM
I would only recommend IBM Security QRadar SIEM in a few situations. For one, it's very easy to setup and use if all your log sources are generic from known vendors. It's also significantly cheaper than Splunk, which is nice if you're trying to save money or be more efficient. I would not recommend IBM Security QRadar SIEM for environments with a lot of custom logs and complicated detection requirements.
Verified User
Anonymous
Read full review
IBM
IBM Security QRadar SOAR is versatile. All the major players in SOAR field require the administrator to have coding experience but with IBM it is different. IBM's solution is a full-fledged automation solution, and not some threat-based or limited one. Meaning whatever comes to your mind, if you can write the code, you can do it. This goes from daily tasks from SOC to daily tasks of your network or security administrator or any other administrator. You can manage your ITSM solution if you want to, IBM is a playground and there is much to discover in its capabilities. If you do not have the knowledge or if you want a SOC/Threat Based SOAR solution, meaning you want automation but you want it to be limited to an area and out-of-box, you may choose other alternatives.
Verified User
Anonymous
Read full review
Pros
IBM
  • Enables identification and prioritization of vulnerabilities in IT infrastructure for corrective action.
  • Facilitates security incident investigation and forensic analysis.
  • Provides a real-time view of security events, enabling immediate incident response.
  • Can integrate with external threat intelligence sources to enrich data and improve threat detection.
  • Enables the generation of detailed and customized reports.
Brandon Lowry | TrustRadius Reviewer
Brandon Lowry
Cyber Security Specialist
Read full review
IBM
  • QRadar's ability to collect, analyze and normalize vast amount of security data from various sources is remarkable.
  • QRadar allows us to define and automate incident response playbooks which have been amazing for streamlining the response to security incidents.
  • It offers and extensive library of pre-built connectors and support for common security standards facilitating seamless integration with a wide range of security tools.
SJ
Sarah Jones
CMO (Chief Marketing Officer)
Read full review
Cons
IBM
  • Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources.
  • While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete.
  • IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting.
NP
Neel Patel
Sr Cloud Architect
Read full review
IBM
  • You still have to generate reports manually. Reports are very limited and practically not useful.
  • The solution should not be SOAR class. Automations usually don't work. It's apparent that it's not designed for that.
  • Lack of flexibility.
  • Practically no support. The reported integration problems have not been resolved.
DS
Dominik Siekierski
Applications Engineer
Read full review
Likelihood to Renew
IBM
QRadar is an established and stable product, we have been using it for many years and want to continue to focus on it. Anyone who has used the product and knows it knows how reliable it is and how it facilitates continuous monitoring of threats from outside and inside. it is an exceptional product that is very useful for us.
Verified User
Anonymous
Read full review
IBM
I'd rate my likelihood of renewing the use of IBM Security QRadar SOAR as an 8 out of 10. Its strong automation, customization, and integration capabilities make it highly valuable for incident response and cybersecurity research. However, occasional complexity and the need for more streamlined usability prevent it from being a perfect score.
Verified User
Anonymous
Read full review
Usability
IBM
As a grade I give 8 as QRadar is not easy to learn. It requires some time to master it. It also needs a team of people actively working on the product. Once you learn to use it the software works very well and it is easy to correlate and understand detected threats. It only takes time to learn how to use it well and configure it properly.
Verified User
Anonymous
Read full review
IBM
I would rate IBM Security QRadar SOAR's overall usability a 7 out of 10. The interface is quite functional and offers a wide range of features, but it can be somewhat complex and intimidating for beginners. Additionally, the configuration and customization can require a significant learning curve, especially for those without prior experience with security orchestration and automation platforms.
Verified User
Anonymous
Read full review
Reliability and Availability
IBM
No answers on this topic
IBM
I would rate IBM Security QRadar SOAR's availability as 9 out of 10. The platform is highly reliable, with minimal unplanned outages or application errors, ensuring it’s available when needed. However, occasional minor maintenance periods or rare connectivity issues prevent it from achieving a perfect score in terms of availability.
Verified User
Anonymous
Read full review
Performance
IBM
No answers on this topic
IBM
I would rate IBM Security QRadar SOAR's performance as 8 out of 10. Pages generally load quickly, and reports complete in a reasonable time frame, even for complex data. While integration with other systems is smooth, there can be occasional slowdowns when handling very large datasets or during peak usage, which affects the perfect score.
Verified User
Anonymous
Read full review
Support Rating
IBM
Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of Ibm
Abhishek Kumar | TrustRadius Reviewer
Abhishek Kumar
Assistant Manager
Read full review
IBM
I would rate IBM Security QRadar SOAR's support an 8 out of 10. The support team is knowledgeable, responsive, and generally provides helpful solutions. However, there can be occasional delays when addressing more complex issues, which prevents it from being a perfect score. Overall, the support experience has been positive.
Verified User
Anonymous
Read full review
In-Person Training
IBM
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
Verified User
Anonymous
Read full review
IBM
No answers on this topic
Online Training
IBM
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
Verified User
Anonymous
Read full review
IBM
No answers on this topic
Implementation Rating
IBM
Initial patience is required to learn how to use the product, and it takes a dedicated team to use it. One person is not enough, and it's not enough to just set it up and check it once in a while. It has to be used daily and kept under control to be used effectively
Verified User
Anonymous
Read full review
IBM
I would rate my satisfaction with the implementation of IBM Security QRadar SOAR as 7 out of 10. The process was generally straightforward, supported by helpful documentation and responsive support. However, certain advanced configurations proved more challenging and required more technical effort than anticipated, making the overall experience less seamless.
Verified User
Anonymous
Read full review
Alternatives Considered
IBM
IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world.
Verified User
Anonymous
Read full review
IBM
Overall, IBM Security QRadar SOAR offered the same set of functionality that was needed by the organization as offered by Splunk SOAR, but the former is less expensive and solves all the purpose within budget. In addition, integration with other IBM products was easier and made implementation of a SOAR solution much faster.
Verified User
Anonymous
Read full review
Scalability
IBM
No answers on this topic
IBM
I would rate IBM Security QRadar SOAR's overall scalability as 9 out of 10. It effectively scales to handle large volumes of incidents and can be deployed across multiple departments or sites. Its architecture supports growing data and integration needs, but advanced configuration for larger deployments may require more effort, preventing a perfect score.
Verified User
Anonymous
Read full review
Return on Investment
IBM
  • Offense investigation was really helped in tackling the incidents. It was accurate and brief
  • The automation with IBM resilient (SOAR) was a milestone in elimination of user mistakes
  • The X-Force threat intelligence supported us in getting the work done without any 3rd party enterprise OSINT database
Verified User
Anonymous
Read full review
IBM
  • It provides comprehensive MTTD and MTTR metrics and we are aware of how secure our systems are at any given moment.
  • We use linux 7.7, therefore the integrations are smooth.
  • We've been able run our online shops securely for so long.
Verified User
Anonymous
Read full review
ScreenShots

IBM Security QRadar SIEM Screenshots

Screenshot of QRadar SIEM Cloud native- Threat intelligence preview

IBM Security QRadar SOAR Screenshots

Screenshot of the IBM Security QRadar SOAR Breach Response solution. The software helps customers manage more than 180 global privacy reporting regulations including GDPR.Screenshot of the Playbooks Landing page, that shows all active playbooks in a single view, including how many are actively running, disabled, or are in draft.Screenshot of IBM Security QRadar SOAR’s Playbook Designer canvas, designed to lower the barrier to entry necessary to build automations through a graphical interface.Screenshot of the Tasks view shows all response tasks, organized by phase, that have either completed or are set to be executed.Screenshot of Threat Investigator automatically correlates incident information, curating an incident timeline from start to finish, including related artifacts and MITRE ATT&CK mappings.