TrustRadius
IBM QRadar
82 Ratings
Score 9.1 out of 10

IBM QRadar Reviews


TrustRadius Top Rated for 2019

Reviews (1-16 of 16)

Ruben Albornoz
February 21, 2019

Basic features of IBM QRadar

Score 10 out of 10
Vetted Review
Verified User
IBM QRadar is an excellent security software. It was recommended to apply in the agribusiness companies that I advise, in order to protect the database of agrochemical products for sale. It is implemented throughout the company, especially in the sales department.

IBM QRadar mainly installed itself in the agro-industry that I usually advise in order to protect against security risks or threats.

Since it is based on cognitive computing solutions, this product is the only one able to cope with the growing sophistication and volume of threats to information security. Since it is characterized by providing present-time analysis of security alerts originating both in the hardware, as well as in the software that is being used in the company, IBM QRadar was installed in the company mainly to protect the database of listing data of the agrochemical products that are commercialized against virus threats that could alter the database.
  • All the databases and valuable information of the organizations are increasingly exposed to a great diversity of threats. The more and more expert attackers manage to make the brands of their actions practically inevitable, and QRadar detects in time any anomaly in order to protect companies from these actions. This is carried out through an exhaustive analysis of the information, which allows it to identify in advance those threats and suspicious actions that may affect the data and systems in general.
  • In terms of ease of use, QRadar has a somewhat complex architecture that makes it a software product that is not very detailed, as it offers a user interface and a fairly systematic deployment.
  • You can send a denial of service. The Linux kernel used by QRadar is vulnerable to a denial of service due to an error in functionality.
The use and application of IBM QRadar is very appropriate in organizations where it integrates features for the handling of incidents, vulnerability detection and generation of compliance reports. In the case of the agribusiness company where it was applied, it was used in order to detect possible virus threats in product database sales, under a Linux environment.

QRadar defines risk management strategies, contributing to creating security policies adapted to the particular context, needs, and business activities; the goal is to build a robust and functional security system.
April 10, 2019

Assure great security with IBM QRadar

Score 10 out of 10
Vetted Review
Verified User
IBM QRadar is one of the best SIEMs on the market. It is a SIEM solution that provides security, integrity, and resilience to logs collected from critical resources. QRadar provides customizable dashboards, compliance templates, and data archiving. The SIEM offers a full range of security intelligence capabilities for on-premise deployments and the possibility of automation to detect sources of security log data and new network flow traffic. In conclusion, QRadar is a great SIEM solution.
  • Good integration of log sources.
  • Low level of false positive offenses.
  • Collect logs from more than 400+ sources and millions of events per second.
  • Intuitive dashboards.
  • The solution is a little bit too expensive.
  • Create templates for logs from SWIFT.
  • Make it more user-friendly.
In my opinion, IBM QRadar SIEM is a great fit for big enterprises with more than 100 log sources. SIEM collects logs from different sources in secure mode. Great integration with different log sources. Easy to select and analyze logs. Good dashboards and graphics. QRadar offers incident forensics integration: very good functionality.
April 10, 2019

Simple, flexible architecture. Easy deployment. Out of the box rules, offenses and reports

Score 10 out of 10
Vetted Review
Verified User
We have used IBM QRadar for more than 8 years. We collect and correlate events from Microsoft Servers, SQL, Oracle, Fortigate, Cisco ASA, Active Directory, Linux, Apache and from many other custom services. The out-of-the-box rules, offences, and reports made SOC's lives easy and more comfortable. DSM Editor is simple and works with simple regex. Now, we integrate into IBM QRadar, Vulnerability Manager and Risk Manager from IBM. This integration helps us to view the problems with the IT infrastructure and resolve them fast. It's the solution for businesses who want to get rapid deployment and instant log visibility to meet security and compliance requirements.
  • Log Sources - QRadar has a lot of built-in log source types, more than 400. If you can't find THE source, you can create your own log source with DSM Editor.
  • DSM Editor - This tool is great and can help you if you have your own services and you want to parse the events like you want.
  • Integration with Vulnerability Manager and Risk Manager - Installation is easy and intuitive
  • Built-in Rules, Offences and Reports - for new users it's a great opportunity to learn how QRadar works and how to create new rules and offences.
  • Update procedure between versions, sometimes after update, something doesn't work and you need to contact support or work with command line
  • SELinux is disabled by default
  • Metric events can't be disabled
IBM QRadar is perfect if you have a Security Operation Center; it's also a great solution for keeping log integrity and safety. User behavior helps to identify some anomalies. Parsing, Rules, Offences, and Reports for Active Directory logs are very deep and granular. On the other hand, Network Activity disappointed me a little and the dashboard is kind of poor compared to other solutions.
March 19, 2019

IBM Qradar is a great SIEM solution

Score 10 out of 10
Vetted Review
Verified User
IBM QRadar is a great SIEM solution. It gives us the ability to correlate data from our critical infrastructure in real-time. This solution helps improve the efficiency of our security team. It is very intuitive and easy to learn.
  • Great user interface.
  • Easy to use and administer.
  • The most comprehensive and powerful SIEM.
  • Very stable.
  • Can't be integrated with TSM.
  • Some searches are not very intuitive.
  • It is not possible to export reports from the vulnerability manager add on.
This SIEM solution is perfect for collecting events from all of our critical sources (applications, databases, file server).
March 13, 2019

QRadar: great SIEM solution

Score 10 out of 10
Vetted Review
Verified User
QRadar is used by our Information Security Division. It helps collect logs from all our critical systems and detect important security events. Also, we have created offenses for our cases. Great solution, easy to use, and easy integration with other systems. It is a perfect solution for small and big companies. Integrity of logs is very important!!!
  • Easy to use
  • Great integration
  • Good price
  • Predefined parser for SWIFT logs
Great SIEM solution. I strongly recommend. You can integrate IBM QRadar SIEM to collect logs from active directories, Exchange, SWIFT, core-banking, internet banking, DLP, proxy, and firewalls. It's easy to assure the integrity of logs and create offenses to monitor important and critical events from all critical systems, services, and devices from your organisation.
Izidio Loyola Andolfato da Rosa
February 14, 2019

QRADAR for Brazil.

Score 9 out of 10
Vetted Review
Verified User
We use QRADAR in the business area and the IT area. We were looking to solve questions about logs systems that we weren’t monitoring. Now, we have information in real time and we can identify when an irregular operation happens. QRADAR sends information to our analyst and opens incidents.


Another use case that we have is linked with the security team. We monitor external login systems (like webmail) and we can identify when brute force attacks happen. The action for this case is automatic and the offender is blocked.
  • Simple to use
  • Fast
  • Simple infrastructure
  • System is stable
  • Uses Linux as the operating system
  • Has a lot of connectors (log sources)
  • Doesn't work well in Nutanix virtualization (Acropolis)
It is very appropriate for collecting logs from infrastructure, security systems and the OS.
David Bories
February 14, 2019

Simply the best - QRadar

Score 10 out of 10
Vetted Review
Reseller
IBM QRadar is being used to monitor the logs of the Cisco Firewall and several AIX Logs.

Business problems addressed include detection of security risk and automation of response to aid in taking prompt action to detect sources of security using log data and new network traffic data, making investigations possible and prompt

  • Data visibility
  • Only alerts when necessary. Detects threats, identifies and prioritizes potential incidents
  • Automates response, contains threat
  • Machines require fairly high resources
  • The process of setting what is considered an offense is a bit cumbersome.
  • Variable login expiration would be appreciated

1. IBM QRadar is suited for a scenario where there is limited administrative support.

2. Where there are multiple log sources

3. Where there are multiple clients accessing from several locations

4. Highly secure sites / Sites where security is very important

5. Can't think of any scenario where it is less appropriate - maybe a single home system

Bruce Perlmutter
February 15, 2019

Need Netflow for ??

Score 9 out of 10
Vetted Review
Verified User
Our company provides a QRadar plugin that generates NetFlow data for the QRadar net flow dashboard from packet data to enhance network security, management, and analytics
  • Net flow dashboard provides clear and concise display of net flow data
  • QRadar makes sure that the most important events are highlighted
  • Better working with technology partners for QRadar plugins
  • Help promote plugins to QRadar installed base
Where concise clear display of events and net flow is required
February 14, 2019

QRadar is the best IBM product...period!

Score 9 out of 10
Vetted Review
Verified User
We began to use QRadar to identify threats within our organization. Being in the Industrial Construction Industry, it was slow to adopt the need to take threats seriously. As an industry, we began to take the threats more seriously when we realized we are very high up on the target list because of the sensitive information we actually have. QRadar has provided us with a very trusted product for our entire organization that is allowing our Executive Management team to sleep better at night!
  • It allows us to have visibility to potential problems both on premise and in the cloud which was key as we have become a hybrid consumer.
  • It has automated monitoring which has allowed us to see threats faster and also allowed us to be proactive.
  • By having over 20,000 employees, QRadar has also allowed us to be aware of internal threats that are brought into the company by unsuspecting employees.
  • We are too new with the product for me to actually have good feedback on this question
QRadar has been very good at helping to detect threats within the infrastructure of our organization. It does not however handle client threats as well and that was my biggest misconception when we were going through acquiring the product.
February 18, 2019

QRadar is pretty good

Score 8 out of 10
Vetted Review
Verified User
QRadar is managed or administered by one department but through logging or alerts, emails are sent to multiple other departments.
  • Collect logs
  • Correlate data
  • Send alerts
  • Ease of use
  • Emailed alerts that are easier to dissect
QRadar is very good at collecting logs and providing integrations with other security products.
February 14, 2019

Enterprise-grade security with QRadar

Score 8 out of 10
Vetted Review
Reseller
QRadar is being used as one of the platforms to support our security services to our enterprise customers both from a project-based approach and in our managed security services offerings for public, enterprise and mid-market customers, in several countries worldwide
  • Interface usability is very intuitive
  • The depth and wide coverage of the technical analysis
  • The integration with 3rd party platforms
  • Seamless integration with some of the cloud platforms
QRadar is an excellent enterprise-grade security platform
February 14, 2019

Get to the head of the Q

Score 8 out of 10
Vetted Review
Reseller
QRadar is being used for incident detection and escalation, as well as reporting of metrics of interest on top of some KPIs for response times.
  • Correlation
  • Ease of use for data
  • Customization for custom applications
  • Reporting configuration is still too convoluted
  • Coalescing is too tied down. I recommend an ability to adjust, with an appropriate limit, the fields used: in general, by log source type, and/or by log source.
Bad for payload searching across multiple months.

Great for correlation.
February 14, 2019

QRadar

Score 10 out of 10
Vetted Review
Reseller
We currently use QRadar in a vast array of uses from simple searching to advanced correlation to extensive UBA monitoring
  • Correlation
  • Vendor support
  • Complex data searching
  • Customizable UI
  • Advanced Reporting
Large scale correlation and real time monitoring are QRadar strengths
February 13, 2019

Qradar - Spine of Any SOC

Score 9 out of 10
Vetted Review
Verified User
We are using IBM Qradar for our many BFSI clients as a SIEM tool, and also for Security Operations Center (SOC) services offered to other clients.
  • Custom parser with excellent DSM editor
  • Nice dashboard
  • Customizable reports
  • In the dashboard, the widget size cannot be modified by stretching it in or out.
  • AQL decoder
  • Well suited to Banking, Financial Services, and Insurance (BFSI) industry
  • End user interface is not friendly or intuitive
April 04, 2017

Qradar - Big League SIEM Solution

Score 9 out of 10
Vetted Review
Verified User
Qradar is a premium SIEM solution for medium and large businesses. Used to correlate and triage security events across the entire landscape, security teams are able to quickly respond to threats. Often times, information security departments are so inundated with raw data that things certainly get lost in the shuffle. With Qradar, all of this data is combined and processed allowing a fast view into the important things.
  • Rule creation is intuitive and fast which helps during emergency situations.
  • Platform maintenance is very light while the appliance has nearly flawless uptime.
  • Report generation is very functional and efficient.
  • There is a steep learning curve compared to other platforms. Qradar is incredibly powerful but does require some homework.
  • There is a glaring lack of threat feed utilization outside of STIX/TAXII which remains very limited at this time.
  • May require a considerable amount of tuning during deployment with very little "out of the box" offense information.
Due to the strength, robustness, and cost of a solution like this, I believe it is best suited for large businesses and enterprises. While a medium sized business would find value for sure, this system is not for the faint of heart or pocketbook. Qradar is well suited for environments with a lot of incoming data where manual analysis might not be an option.
June 21, 2017

IBM QRadar - A go-to SIEM product

Score 7 out of 10
Vetted Review
Verified User
IBM QRadar SIEM was the preferred choice for enterprise clients across all the business departments who wanted to get rapid deployment and instant log visibility to meet security and compliance requirements.
  • Simple, flexible architecture
  • Easy deployment
  • Out of the box content good enough to have quick wins
  • Event log parsing
  • Correlation engine needs more dynamism and flexibility
Best suited for a unified architecture for small to medium enterprises.

IBM QRadar Scorecard Summary

Feature Scorecard Summary

Centralized event and log data collection (16): 9.9
Correlation (16): 9.9
Event and log normalization (16): 9.9
Deployment flexibility (16): 9.9
Integration with Identity and Access Management Tools (15): 9.9
Custom dashboards and views (16): 9.7
Host and network-based intrusion detection (15): 9.9

About IBM QRadar

IBM Security QRadar is security information and event management (SIEM) Software.

IBM QRadar Technical Details

Operating Systems: Unspecified
Mobile Application: No