IBM Security QRadar is security information and event management (SIEM) Software.
N/A
ReliaQuest GreyMatter
Score 10.0 out of 10
N/A
ReliaQuest offers Open XDR-as-a-Service via ReliaQuest GreyMatter, a cloud-native Open XDR platform that brings together telemetry from any security and business solution—on-premises, in one or multiple clouds--to unify detection, investigation, response and resilience. ReliaQuest combines technology and 24/7/365 security expertise to give organizations the visibility and coverage they require to make their cybersecurity program more effective. ReliaQuest, headquartered in Tampa, boasts hundreds…
N/A
Pricing
IBM Security QRadar SIEM
ReliaQuest GreyMatter
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
IBM Security QRadar SIEM
ReliaQuest GreyMatter
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
IBM Security QRadar SIEM
ReliaQuest GreyMatter
Features
IBM Security QRadar SIEM
ReliaQuest GreyMatter
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
IBM Security QRadar SIEM
8.6
69 Ratings
8% above category average
ReliaQuest GreyMatter
-
Ratings
Centralized event and log data collection
9.927 Ratings
00 Ratings
Correlation
8.769 Ratings
00 Ratings
Event and log normalization/management
9.527 Ratings
00 Ratings
Deployment flexibility
7.827 Ratings
00 Ratings
Integration with Identity and Access Management Tools
I would only recommend IBM Security QRadar SIEM in a few situations. For one, it's very easy to setup and use if all your log sources are generic from known vendors. It's also significantly cheaper than Splunk, which is nice if you're trying to save money or be more efficient. I would not recommend IBM Security QRadar SIEM for environments with a lot of custom logs and complicated detection requirements.
Our company generates more than a terrabyte of log a day and it can easily go above 2 TB a day. We were using out of the box SOC Solution from splunk to manage our SOC. We lacked the know how of using splunk and also lacked the staff to keep the product up to date to help us tackle the latest threats. We outsourced our SIEM/SOAR service to RQ and they helped us with creating new use cases which addressed the latest threat to our organization. RQ has people who research the latest threats and helps us keep up to date on the day-to-day security operations. RQ also helps with data onboarding if required. So we would recommend RQ to customers who are short-staffed and who lack personnel who could research security threats to keep your organization safe from threat actors.
Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources.
While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete.
IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting.
Some Analysts are relatively fresh to SOC. They sometimes get put into supporting large infrastructures.
RQ has a ton of correlation searches that they use to provide end-to-end visibility. Most of them can be restructured to get the same results and this can reduce the number of correlation searches.
QRadar is an established and stable product, we have been using it for many years and want to continue to focus on it. Anyone who has used the product and knows it knows how reliable it is and how it facilitates continuous monitoring of threats from outside and inside. it is an exceptional product that is very useful for us.
As a grade I give 8 as QRadar is not easy to learn. It requires some time to master it. It also needs a team of people actively working on the product. Once you learn to use it the software works very well and it is easy to correlate and understand detected threats. It only takes time to learn how to use it well and configure it properly.
Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of Ibm
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
Initial patience is required to learn how to use the product, and it takes a dedicated team to use it. One person is not enough, and it's not enough to just set it up and check it once in a while. It has to be used daily and kept under control to be used effectively
IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world.
Reliaquest is vendor agnostic. They have a lot of correlation searches that they use to provide security for your organizations. Compared to other products we have tried we felt that they are the only company that is doing proper market research on the latest and greatest threat to our vertical and coming out with the latest methods to keep up to date. RQ also has a good leadership structure that we could rely on if we run into any escalations. Compared to other products that we tried they try to work with you holding hands trying to resolve your problems.
RQ's Greymatter content has enriched our SOC experience because we always felt Splunk's out-of-the-box use cases were not sufficient enough to provide end-to-end coverage.
RQ specializes in a lot of big data solutions so that we can rely on them to help us troubleshoot tasks and also make sure our security solutions are working accurately.
