TrustRadius
IBM QRadar
71 Ratings
Score 8.4 out of 10

IBM QRadar Reviews


Reviews (1-12 of 12)

Ruben Albornoz
February 21, 2019

User Review: "Basic features of IBM QRadar"

Score 10 out of 10
Vetted Review
Verified User
IBM QRadar is an excellent security software. It was recommended to apply in the agribusiness companies that I advise, in order to protect the database of agrochemical products for sale. It is implemented throughout the company, especially in the sales department.

IBM QRadar mainly installed itself in the agro-industry that I usually advise in order to protect against security risks or threats.

Since it is based on cognitive computing solutions, this product is the only one able to cope with the growing sophistication and volume of threats to information security. Since it is characterized by providing present-time analysis of security alerts originating both in the hardware, as well as in the software that is being used in the company, IBM QRadar was installed in the company mainly to protect the database of listing data of the agrochemical products that are commercialized, to protect it against virus threats that could alter the database.
  • All the databases and valuable information of the organizations are increasingly exposed to a great diversity of threats. The more and more expert attackers manage to make the brands of their actions practically inevitable, and QRadar detects in time any anomaly in order to protect companies from these actions. It’s carried out through an exhaustive analysis of the information, which allows it to identify in advance those threats and suspicious actions that may affect the data and systems in general.
  • All the databases and valuable information of the organizations are increasingly exposed to a great diversity of threats, the more and more expert attackers manage to make the brands of their actions practically inevitable, and QRadar detects in time any anomaly to protect from these actions. Carried out through an exhaustive analysis of the information, which allows it to identify in advance those threats and suspicious actions that may affect the data and systems in general.
  • In terms of ease of use, QRadar has a somewhat complex architecture that makes it a software product that is not very detailed, as it offers a user interface and a fairly systematic deployment.
  • You can send a denial of service. The Linux kernel used by QRadar is vulnerable to a denial of service due to an error in functionality.
The use and application of IBM QRadar is very appropriate in organizations where it integrates features for the handling of incidents, vulnerability detection and generation of compliance reports. In the case of the agribusiness company where it was applied; it was used in order to detect possible virus threats in product database sales, under a Linux environment.

QRadar defines risk management strategies, contributing to creating security policies adapted to the particular context, needs, and business activities; the goal is to build a robust and functional security system.
Izidio Loyola Andolfato da Rosa
February 14, 2019

IBM QRadar Review: "QRADAR for Brazil."

Score 9 out of 10
Vetted Review
Verified User
We use QRADAR in the business area and the IT area. We were looking to solve questions about log systems that we weren’t monitoring. Now, we have information in real time and we can identify when an irregular operation happens. QRADAR sends information to our analyst and opens incidents.


Another use case that we have is linked with the security team. We monitor external login systems (like webmail) and we can identify when brute force attacks happen. The action for this case is automatic and the offender is blocked.
  • Simple to use
  • Fast
  • Simple infrastructure
  • System is stable
  • Uses Linux as operating system
  • Has a lot of connectors (log sources)
  • Doesn't work well in Nutanix virtualization (acropolis)
It is very appropriate for collecting logs from infrastructure, security systems and operating systems.
David Bories
February 14, 2019

IBM QRadar Review: "Simply the best - QRadar"

Score 10 out of 10
Vetted Review
Reseller

IBM QRadar is being used to monitor the logs of the Cisco Firewall and several AIX Logs.

Business problems addressed include detection of security risk and automation of response to aid in taking prompt action to detect sources of security using log data and new network traffic data, making investigations possible and prompt.

  • Data visibility
  • Only alerts when necessary. Detects threats, identifies and prioritizes potential incidents
  • Automates response, contains threat
  • Machines require fairly high resources
  • The process of setting what is considered an offence is a bit cumbersome.
  • Variable login expiration would be appreciated

1. IBM QRadar is suited for a scenario where there is limited administrative support.

2. Where there are multiple log sources

3. Where there are multiple clients accessing from several locations

4. Highly secure sites / Sites where security is very important

5. Can't think of any scenario where it is less appropriate - maybe a single home system

Bruce Perlmutter
February 15, 2019

IBM QRadar Review: "Need Netflow for ??"

Score 9 out of 10
Vetted Review
Verified User
Our company provides a QRadar plugin that generates NetFlow data for the QRadar net flow dashboard from packet data to enhance network security, management, and analytics.
  • Net flow dashboard provides clear and concise display of Netflow data
  • Qradar makes sure that the most important events are highlighted
  • Better working with technology partners for QRadar plugins
  • Help promote plugins to the QRadar installed base
Where concise clear display of events and net flow is required
February 14, 2019

IBM QRadar Review: "QRadar is the best IBM product...period!"

Score 9 out of 10
Vetted Review
Verified User
We began to use QRadar to identify threats within our organization. Being in the Industrial Construction Industry, it was slow to adopt the need to take threats seriously. As an industry, we began to take the threats more seriously when we realized we are very high up on the target list because of the sensitive information we actually have. QRadar has provided us with a very trusted product for our entire organization that is allowing our Executive Management team to sleep better at night!
  • It allows us to have visibility to potential problems both on premise and in the cloud which was key as we have become a hybrid consumer.
  • It has automated monitoring which has allowed us to see threats faster and also allowed us to be proactive.
  • By having over 20,000 employees, QRadar has also allowed us to be aware of internal threats that are brought into the company by unsuspecting employees.
  • We are too new with the product for me to actually have good feedback on this question
QRadar has been very good at helping to detect threats within the infrastructure of our organization. It does not however handle client threats as well and that was my biggest misconception when we were going through acquiring the product.
February 18, 2019

IBM QRadar Review: "QRadar is pretty good"

Score 8 out of 10
Vetted Review
Verified User
QRadar is managed or administered by one department but through logging or alerts, emails are sent to multiple other departments.
  • Collect logs
  • Correlate data
  • Send alerts
  • Ease of use
  • N/A
  • Emailed alerts that are easier to dissect
QRadar is very good at collecting logs and providing integrations with other security products.
February 14, 2019

IBM QRadar Review: "Enterprise-grade security with QRadar"

Score 8 out of 10
Vetted Review
Reseller
QRadar is being used as one of the platforms to support our security services to our enterprise customers, both from a project-based approach and in our managed security services offerings for public, enterprise and mid-market customers, in several countries worldwide.
  • Interface usability is very intuitive
  • The depth and wide coverage of the technical analysis
  • The integration with 3rd party platforms
  • Seamless integration with some of the cloud platforms
QRadar is an excellent enterprise-grade security platform
February 14, 2019

IBM QRadar Review: "Get to the head of the Q"

Score 8 out of 10
Vetted Review
Reseller
QRadar is being used for incident detection and escalation, as well as reporting of metrics of interest on top of some KPIs for response times.
  • Correlation
  • Ease of use for data
  • Customization for custom applications
  • Reporting configuration is still too convoluted
  • Coalescing is too tied down. I recommend an ability to adjust, with an appropriate limit, the fields used: in general, by log source type, and/or by log source.
Bad for payload searching across multiple months.

Great for correlation.
February 14, 2019

IBM QRadar Review: "QRadar"

Score 10 out of 10
Vetted Review
Reseller
We currently use QRadar in a vast array of uses from simple searching to advanced correlation to extensive UBA monitoring
  • Correlation
  • Vendor support
  • Complex data searching
  • Customizable UI
  • Advanced Reporting
Large scale correlation and real time monitoring are QRadar strengths
February 13, 2019

IBM QRadar Review: "Qradar - Spine of Any SOC"

Score 9 out of 10
Vetted Review
Verified User
We are using IBM Qradar for our many BFSI clients as a SIEM tool, and also for Security Operations Center (SOC) services offered to other clients.
  • Custom parser with excellent DSM editor
  • Nice dashboard
  • Customizable reports
  • In the dashboard, the widget size cannot be modified by stretching it in or out.
  • AQL decoder
  • Well suited to Banking, Financial Services, and Insurance (BFSI) industry
  • End user interface is not friendly or intuitive
April 04, 2017

IBM QRadar Review: "Qradar - Big League SIEM Solution"

Score 9 out of 10
Vetted Review
Verified User
Qradar is a premium SIEM solution for medium and large businesses. Used to correlate and triage security events across the entire landscape, security teams are able to quickly respond to threats. Often times, information security departments are so inundated with raw data that things certainly get lost in the shuffle. With Qradar, all of this data is combined and processed allowing a fast view into the important things.
  • Rule creation is intuitive and fast which helps during emergency situations.
  • Platform maintenance is very light while the appliance has nearly flawless uptime.
  • Report generation is very functional and efficient.
  • There is a steep learning curve compared to other platforms. Qradar is incredibly powerful but does require some homework.
  • There is a glaring lack of threat feed utilization outside of STIX/TAXII which remains very limited at this time.
  • May require a considerable amount of tuning during deployment with very little "out of the box" offense information.
Due to the strength, robustness, and cost of a solution like this, I believe it is best suited for large businesses and enterprises. While a medium sized business would find value for sure, this system is not for the faint of heart or pocketbook. Qradar is well suited for environments with a lot of incoming data where manual analysis might not be an option.
June 21, 2017

User Review: "IBM QRadar - A go-to SIEM product"

Score 7 out of 10
Vetted Review
Verified User
IBM QRadar SIEM was the preferred choice for enterprise clients across all the business departments who wanted to get rapid deployment and instant log visibility to meet security and compliance requirements.
  • Simple, flexible architecture
  • Easy deployment
  • Out of the box content good enough to have quick wins
  • Event log parsing
  • Correlation engine needs more dynamism and flexibility
Best suited for a unified architecture for small to medium enterprises.

IBM QRadar Scorecard Summary

Feature Scorecard Summary

Centralized event and log data collection (12): 8.4
Correlation (12): 8.2
Event and log normalization (12): 8.2
Deployment flexibility (12): 7.2
Integration with Identity and Access Management Tools (11): 7.5
Custom dashboards and views (12): 7.8
Host and network-based intrusion detection (11): 8.0

About IBM QRadar

IBM Security QRadar is security information and event management (SIEM) Software.

IBM QRadar Technical Details

Operating Systems: Unspecified
Mobile Application: No