259 Reviews and Ratings
53 Reviews and Ratings
QRadar is very well suited on environments where there are not multiple tenants or domains, we do have success on this kind of scenario. IBM Security QRadar SIEM is less appropriate for environments with multiple tenants, specially when each tenant represent a different End Costumer (such as for MSSP companies), those environments require a high amount of rules and building blocks replications, since each tenant will have its own "BB definitions", servers, rules exception, etc. Also, some information, such as EPS count or EPS dropped are generated by QRadar's own log sources, which takes place on default domain, therefore users associated with different domain can not have access to those logs, even when the information is related to other domain's environment. For example, even if Event Collector 1 is associated to Domain A, the log informing its dropped EPS is generated by System notification, log source that must be associated to Default domain.Incentivized
On its own, it's a solid choice for an SMB or Mid-size Enterprise if you're price sensitive and looking primarily for core functionality. SolarWinds has a large family of products that can also be leveraged in conjunction with SWNDM. Turning the product loose on a very large environment for discovery and mapping should be done with care and concern for a number of reasons but including the performance of the product for this task. If you're looking for an all-in-one product with some presumed supporting features built in (config manager, etc.) you'll need to look elsewhere.Incentivized
Enables identification and prioritization of vulnerabilities in IT infrastructure for corrective action.Facilitates security incident investigation and forensic analysis.Provides a real-time view of security events, enabling immediate incident response.Can integrate with external threat intelligence sources to enrich data and improve threat detection.Enables the generation of detailed and customized reports.Incentivized
Monitor for and record network device configuration changes.Allow for the creation, or modification, of hardening standards for multiple vendors' network devices.Automate the creation of alerts that can be sent to owners for correction of compliance violations.Allow you to organize a visualization of your network devices.Incentivized
Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources.While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete.IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting.Incentivized
More security put into the product, the Orion hack was not good news.More frequent releases to address small bugs rather than big releases that are rare.More IPv6 related features to make it easier for people familiar with IPv4 to learn IPv6.Ability to edit dashboards using JSON or another similar language.Incentivized
With the arrival of IBM Security QRadar SIEM at our company, we have a better vision of all the security needs that may arise, it is a very safe software to use that prevents threats from damaging our IT environment, it is impossible to change it for another software.Incentivized
A very special system to use without problems, the process is very genuine and does not require complicated procedures.Incentivized
Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of IbmIncentivized
IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world.Incentivized
MS is meant for windows monitoring and up/down for mostly everything else. Moved away from MS System Center. Now we have better visibility and management can get reports. The other teams have added Linux to Solarwinds and also see improvements in monitoring. Whether you use snmp (v3), wmi or some other credentials to connect to you system, Solarwinds will more than likely be able to manage and monitor it.Incentivized
Offense investigation was really helped in tackling the incidents. It was accurate and briefThe automation with IBM resilient (SOAR) was a milestone in elimination of user mistakesThe X-Force threat intelligence supported us in getting the work done without any 3rd party enterprise OSINT databaseIncentivized
Reduced site visits and recurring issues by 25 to 35%Enables proactive warning, thereby reducing downtime caused by unforeseen issuesProvides a central panel for monitoring the entire network at a glanceAllows for SLA management thereby increasing accountability by 50%Reduced time to repair by 35% as techs are more informed of root causeIncentivized