IBM QRadar Reviews

87 Ratings
Score 9.0 out of 100


TrustRadius Top Rated for 2019


Reviews (1-20 of 20)

Larbi Belmiloud | TrustRadius Reviewer
December 23, 2019

The force of IBM QRadar

Score 9 out of 10
Vetted Review
Reseller
Review Source

Likelihood to Recommend

Some use cases for QRadar include:
  1. Detect advanced attacks with upgraded functionality systems when activating systems and auditing advanced logs on owers server to detect hidden infections.
  2. Detecting and monitoring the behavior of Active Directory users to know the possibility of malicious infection.
  3. Analysing third-party applications, and writing parsers quickly.
  4. Investigate threats and write new rules for detecting new and correlated unknown attacks.
Douglas Concepcion | TrustRadius Reviewer
November 13, 2019

IBM QRadar Review

Score 7 out of 10
Vetted Review
Reseller
Review Source

Likelihood to Recommend

QRadar is well suited for any SOC and it would always be my first recommendation for this kind of deployment.
The biggest issue it has is cost, for small to midsize companies looking to deploy it. It very quickly becomes cost-prohibitive. Another issue it and every SIEM that I'm aware of needs to address is east to west traffic visibility. Flows by default only give you at most sixty data points, which is not enough in today's world.
Samuel Hadid | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source

Likelihood to Recommend

IBM QRadar is great for large-scale architectures or implementation, not a very good option for short-scale architecture in small companies. This product offers a great capacity for both monitoring and enforcement. All devices' logs of the security implementation can be integrated with QRadar to have further control of security devices.
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Likelihood to Recommend

If you have a small-to-large company looking for a SIEM solution that "does the job" and is easy to deploy/use, QRadar is your tool. If you're looking for a complex solution that supports integration with data-mining solutions (e.g. ELK), then you may need a different solution. Overall, QRadar fits the needs of 99% of the companies. It is one of the easiest SIEM solutions to deploy and use.
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Likelihood to Recommend

In my opinion, IBM QRadar SIEM is a great fit for big enterprises with more than 100 log sources. SIEM collects in secure mode logs from different sources. Great integration with different log sources. Easy to select and analyze logs. Good dashboards and graphics. QRadar offers incident forensics integration, which is very good functionality.
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Likelihood to Recommend

IBM QRadar is perfect if you have a Security Operation Center; it's also a great solution to keep log integrity and safety. User behavior helps to identify some anomalies. Parsing, Rules, Offences, and Reports for Active Directory logs are very deep and granular. On the other hand, Network Activity disappointed me a little, and the dashboard is kind of poor compared to other solutions.
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Likelihood to Recommend

Great SIEM solution. I strongly recommend it. You can integrate IBM QRadar SIEM to collect logs from Active Directory, Exchange, SWIFT, core-banking, internet banking, DLP, proxy, and firewalls. It's easy to assure the integrity of logs and create offenses to monitor important and critical events from all critical systems, services, and devices from your organisation.
Ruben Albornoz | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Likelihood to Recommend

The use and application of IBM QRadar is very appropriate in organizations where it integrates features for the handling of incidents, vulnerability detection and generation of compliance reports. In the case of the agribusiness company where it was applied, it was used in order to detect possible virus threats in product database sales, under a Linux environment.

QRadar defines risk management strategies, contributing to creating security policies adapted to the particular context, needs, and business activities; the goal is to build a robust and functional security system.
David Bories | TrustRadius Reviewer
February 14, 2019

Simply the best - QRadar

Score 10 out of 10
Vetted Review
Reseller
Review Source

Likelihood to Recommend

1. IBM QRadar is suited for a scenario where there is limited administrative support.

2. Where there are multiple log sources

3. Where there are multiple clients accessing from several locations

4. Highly secure sites / Sites where security is very important

5. Can't think of any scenario where it is less appropriate - maybe a single home system

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source

Likelihood to Recommend

QRadar has been very good at helping to detect threats within the infrastructure of our organization. It does not, however, handle client threats as well, and that was my biggest misconception when we were going through acquiring the product.
Anonymous | TrustRadius Reviewer
February 18, 2019

QRadar is pretty good

Score 8 out of 10
Vetted Review
Verified User
Review Source

Likelihood to Recommend

QRadar is very good at collecting logs and providing integrations with other security products.
Anonymous | TrustRadius Reviewer
February 14, 2019

QRadar

Score 10 out of 10
Vetted Review
Reseller
Review Source

Likelihood to Recommend

Large scale correlation and real time monitoring are QRadar strengths
Anonymous | TrustRadius Reviewer
February 13, 2019

QRadar - Spine of Any SOC

Score 9 out of 10
Vetted Review
Verified User
Review Source

Likelihood to Recommend

  • Well suited to Banking, Financial Services, and Insurance (BFSI) industry
  • End user interface is not friendly or intuitive
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source

Likelihood to Recommend

Due to the strength, robustness, and cost of a solution like this, I believe it is best suited for large businesses and enterprises. While a medium sized business would find value for sure, this system is not for the faint of heart or pocketbook. QRadar is well suited for environments with a lot of incoming data where manual analysis might not be an option.

Feature Scorecard Summary

Centralized event and log data collection (20): 9.5
Correlation (20): 9.9
Event and log normalization (20): 9.5
Deployment flexibility (20): 9.0
Integration with Identity and Access Management Tools (19): 8.7
Custom dashboards and views (20): 9.1
Host and network-based intrusion detection (18): 8.8

About IBM QRadar

IBM Security QRadar is security information and event management (SIEM) software.

IBM QRadar Technical Details

Operating Systems: Unspecified
Mobile Application: No