Pros and Cons of IBM Security QRadar SIEM 2024

Q: What are IBM Security QRadar SIEM's top competitors?

Microsoft Sentinel , Splunk Enterprise Security (ES) , and LogRhythm NextGen SIEM Platform are common alternatives for IBM Security QRadar SIEM.

Overview

What is IBM Security QRadar SIEM?

IBM Security QRadar is security information and event management (SIEM) Software.

Recent Reviews

Review SIEM Qradar Cibanco

9 out of 10

April 12, 2024

Incentivized

It is used to monitor all the organization's security tools and infrastructure centrally and in this way detect incidents quickly, it …

Analysis and experience with QRadar SIEM

10 out of 10

April 10, 2024

Incentivized

I use the IBM QRadar SIEM since 2014 and I have had a good experience since then. We have a large number of security assets and QRadar …

QRADAR IBM REVIEW

10 out of 10

April 05, 2024

QRadar is a robust monitoring tool, friendly to the implementation process, based on various cybersecurity methodologies. It currently …

IBM Security QRadar SIEM Review

9 out of 10

March 31, 2024

Incentivized

With IBM Security QRadar SIEM, my team can identify, respond and contain many threats in our environment, because the SIEM IBM QRADAR …

QRadar Pluxee Review

8 out of 10

March 31, 2024

Incentivized

We use as a traditional SIEM, Logs correlation, User Behaviour, Threat Intel, and threat hunting are some examples of use cases.

QRadar review.

8 out of 10

March 31, 2024

Incentivized

We have used IBM Security QRadar SIEM to provide security to our costumers (B2B) and also for our own corporate security. IBM Securty …

IBM Security QRadar SIEM

9 out of 10

March 14, 2024

Incentivized

We use IBM Security QRadar SIEM to help us quickly analyze and respond to potential security incidents. Today it is an indispensable …

Good solution, wide visibility

9 out of 10

February 29, 2024

Incentivized

I make the use case based on needs of the bank, based on requests to the entity.

IBM Security QRadar SIEM for Cybersecurity

9 out of 10

January 24, 2024

Incentivized

The main goal of IBM Security QRadar SIEM is cybersecurity. We provide perimeter monitoring and active defense by blocking "bad" IPs. We …

IBM Qradar Review

8 out of 10

January 03, 2024

Incentivized

In our organization we use Qradar for network monitoring been in the SOC Team We monitor logs evets and offences triggered. investigate …

Comprehensive protection against cyber threats

9 out of 10

December 21, 2023

Incentivized

IBM Security QRadar SIEM is a comprehensive, robust and effective platform that plays a critical role in our financial services …

Qradar the best for soc monitorings

10 out of 10

December 21, 2023

Incentivized

We used for security information and event management, helping organizations detect and respond to security threats. Its scope includes …

Security and total integration with different tools for your company.

10 out of 10

December 19, 2023

Incentivized

This tool is of great help in taking full control of the different IBM options that we are using in the company; it is highly compatible …

A high level software and very easy to integrate data.

10 out of 10

December 14, 2023

Incentivized

Working with total confidence is our goal and with this IBM Security QRadar has come to the organization. A tool that helps to be free of …

In-depth Threat Intelligence and Incident Response Analysis

8 out of 10

November 28, 2023

Incentivized

IBM Security Qradar help our Organization by real-time Monitoring of Logs and events to Provide a safe and secured Environment and …

Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 13 features

Rules-based and algorithmic detection thresholds (40)
9.2
92%
Correlation (60)
8.9
89%
Integration with Identity and Access Management Tools (56)
8.4
84%
Custom dashboards and workspaces (60)
7.6
76%

Reviewer Pros & Cons

View all pros & cons

Group the different events that generated it in the name of the offense
Better breadth in the editing of reports

Denise Munive

Computers Systems Engineer

CIBANCO (Banking, 1001-5000 employees)

capability integration vendors
improvement in the process of analyzing errors and warnings generated by the system

Saulo Prado

/security Specialist

BANCO DO BRASIL S/A (Banking, 10,001+ employees)

Return to navigation

Pricing

View all pricing

IBM Security QRadar SIEM

N/A

Unavailable

What is IBM Security QRadar SIEM?

IBM Security QRadar is security information and event management (SIEM) Software.

Entry-level set up fee?

No setup fee

For the latest information on pricing, visithttps://www.ibm.com/products/qradar…

Offerings

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

11 people also want pricing

Alternatives Pricing

Microsoft Sentinel

$2.46

per GB ingested

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

Return to navigation

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

8.7

Avg 7.8

9.9
Centralized event and log data collection
(27) Ratings
Effectiveness of real-time centralized event and log data collection
8.9
Correlation
(60) Ratings
Correlation of logs and events to pinpoint significant threats
9.5
Event and log normalization/management
(27) Ratings
Ability to normalize event syntax so that logs can be compared and are machine-understandable
7.9
Deployment flexibility
(27) Ratings
Ability to tune system to maximize threat detection and minimize false positives
8.4
Integration with Identity and Access Management Tools
(56) Ratings
Integration with access control tools like Active Directory and LDAP
7.6
Custom dashboards and workspaces
(60) Ratings
dashboards that can be customized to meet the needs of specific groups
9.6
Host and network-based intrusion detection
(25) Ratings
Ability to detect both endpoint intrusion and network ingress detection
9
Data integration/API management
(7) Ratings
Ease and quality of data integrations between SIEM and other systems
8.3
Behavioral analytics and baselining
(39) Ratings
How effectively activity and behavior baselines are established and maintained
9.2
Rules-based and algorithmic detection thresholds
(40) Ratings
Effectiveness of manually-established rules and algorithmically-determined detection thresholds
7.7
Response orchestration and automation
(5) Ratings
Quality of built-in response orchestration and automation in Next-Gen SIEM
7.8
Reporting and compliance management
(38) Ratings
Ease and quality of reporting and compliance functions
8.9
Incident indexing/searching
(7) Ratings
Effectiveness of searching across structured and unstructured events and incidents within SIEM

Return to navigation

Product Details

About
Integrations
Competitors
Tech Details
FAQs

What is IBM Security QRadar SIEM?

IBM QRadar SIEM helps users to remediate threats faster by prioritizing high-fidelity alerts to help catch threats.

QRadar analytics monitor threat intel, network and user behavior anomalies to prioritize where immediate attention and remediation is needed. When threat actors trigger multiple detection analytics, move across the network or change their behaviors, QRadar SIEM will track each tactic and technique being used. More important, it will correlate, track and identify related activities throughout a kill chain, with a single high-fidelity case, automatically prioritized for the user.

https://ibm.biz/QRadar_SIEM_product_page

IBM Security QRadar SIEM Features

Show Unsupported Features

Security Information and Event Management (SIEM) Features

Supported: Correlation
Supported: Integration with Identity and Access Management Tools
Supported: Custom dashboards and workspaces
Supported: Behavioral analytics and baselining
Supported: Rules-based and algorithmic detection thresholds
Supported: Reporting and compliance management

Additional Features

Supported: Open architecture to deploy on premises, on cloud, or as a service.
Supported: Investigation speed faster with automated triage and contextual intelligence
Supported: Better visibility by removing silos and unifying input and shared insights
Supported: Integrates with existing tools to leave data where it is and leveraging current environment.

IBM Security QRadar SIEM Integrations

IBM Security QRadar SIEM Competitors

IBM Security QRadar SIEM Technical Details

Deployment Types	Software as a Service (SaaS), Cloud, or Web-Based
Operating Systems	Unspecified
Mobile Application	No

Frequently Asked Questions

IBM Security QRadar is security information and event management (SIEM) Software.

Microsoft Sentinel, Splunk Enterprise Security (ES), and LogRhythm NextGen SIEM Platform are common alternatives for IBM Security QRadar SIEM.

Reviewers rate Centralized event and log data collection highest, with a score of 9.9.

The most common users of IBM Security QRadar SIEM are from Enterprises (1,001+ employees).

Return to navigation

Comparisons

View all alternatives

Compare with

Reviews and Ratings

(258)

Attribute Ratings

Reviews

(1-25 of 81)

Sort By *

Companies can't remove reviews or game the system. Here's why

April 12, 2024

Review SIEM Qradar Cibanco

Denise Munive

Computers Systems Engineer

CIBANCO (Banking, 1001-5000 employees)

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Group the different events that generated it in the name of the offense
Receive email alerts
Always report errors on the main page
Have an easy to understand interface for creating rules

Have the parsing of all sources
Frequent updating of log source parsing
Better breadth in the editing of reports

April 10, 2024

Analysis and experience with QRadar SIEM

Saulo Prado

/security Specialist

BANCO DO BRASIL S/A (Banking, 10,001+ employees)

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

correlation events
search events timing
friendly managed rules
capability integration vendors
service support

Improvement in the process of consuming virtual machine resources
improvement in the process of analyzing errors and warnings generated by the system

April 05, 2024

QRADAR IBM REVIEW

Janette Iris Contreras Reyes

Gerente de Monitoreo y Respuesta a Incidentes

Altan Redes (Telecommunications, 501-1000 employees)

Score 10 out of 10

Vetted Review

Verified User

Pros and Cons

Monitoreo de patrones de ataque
Event Correlation
easy integration with different technologies

easy integration with different technologies

March 31, 2024

IBM Security QRadar SIEM Review

Verified User

Analyst in Information Technology

Retail Company, 10,001+ employees

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Investigations is easy
Agents to collect infos is great
Stability is good

Some updates cause errors
Unsupport for high traffics on http receiver protocol
Need a big configuration of hardware

March 31, 2024

QRadar Pluxee Review

Verified User

Analyst in Information Technology

Consumer Services Company, 1001-5000 employees

Score 8 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Monitor IAM users activity
Correlate logs from different sources to detect security deviations
The search engine is very usefull to perform event deep analisys
Flexibility to create complex use cases in a easy and simple way

The report tool could be more flexible
Would be nice if IBM Security Qradar SIEM provided use case recommendations based on the received logs
Would be nice to have integrations with ITSM tools like Jira so offenses could turn in to incidents

March 31, 2024

QRadar review.

Verified User

Administrator in Information Technology

Information Technology & Services Company, 5001-10,000 employees

Score 8 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Correlation rules
Events Parsing
Reports
Integrated apps
Customizations (Rules, reports, parsed fields, DSM...)

Multi-Tenancy
SaaS performance and availability
More data on automatic reports
More DSMs (Some new technologies misses DSM, such as Senhasegura for example)
Dashboards improvement (through QRadar itself or Pulse)
More API customization options

March 14, 2024

IBM Security QRadar SIEM

Verified User

Consultant in Information Technology

Mechanical Or Industrial Engineering Company, 5001-10,000 employees

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

The interface in general is clean and complete.
There is a satisfactory number of plugins approved for integrations with other vendors. Through DSM Universal, we have the possibility of integrating with any other solution that has these resources (information collection through API).
With the UBA feature, we get an excellent behavioral view of the end user.

A greater number of DSMs available.
The frequency of available updates, I know that in some cases this is good, but when we have a large environment, IBM Security QRadar SIEM upgrades take hours to complete and I see that we always have unnecessary bugs in each version. Not that this interrupts the service, but it is somewhat annoying.
Support for third-party applications, IBM is not responsible for the third-party applications that run in its environment, so when we have a problem, we need to contact the suppliers. This is something that I believe should improve, since IBM approves all applications and makes it available in its store, so this "between manufacturers" contact should be more direct between those responsible and not depend on customers.

February 29, 2024

Good solution, wide visibility

Laura Guerrero

ESPECIALISTA CIBERINTELIGENCIA

Banregio (Banking, 5001-10,000 employees)

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Visibility to different log source types
Manipulation of use cases to make them conform to the need
Long time data correlation in real time

Visibility of custom searches in the profiles created for the reach of all users
Integration to cloud services

January 24, 2024

IBM Security QRadar SIEM for Cybersecurity

Verified User

Engineer in Information Technology

Banking Company, 1001-5000 employees

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

We are monitoring connections from/to the TOR Nodes to detect hidden malware.
We are monitoring users' password compromises by typing their password in the login box. Also, we send users notifications to change their passwords immediately.
We are monitoring bad HTTP(S) queries to our www sites from external agents and we are blocking bad IP addresses on our perimeter IPS Devices in real-time.

Improve the assets management tab as it has poor functionality.
Add more options and tests for creating rules and building blocks.
Add more options in the rules response tab to use multiple scripts and alerts.

January 03, 2024

IBM Qradar Review

Umair Javed

soc

MCB Islamic Bank (Banking, 51-200 employees)

Score 8 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

payload done great job to understand the events
the extension integrated in SIEM helps alot
offence investigation in siem much easier

things where i am facing issue is regex langue.
making rules and under standing logic also a difficult task
integration of any log source need to done in much easier way

December 21, 2023

Comprehensive protection against cyber threats

Brandon Lowry

Cyber Security Specialist

Beyond Finance (Financial Services, 201-500 employees)

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Enables identification and prioritization of vulnerabilities in IT infrastructure for corrective action.
Facilitates security incident investigation and forensic analysis.
Provides a real-time view of security events, enabling immediate incident response.
Can integrate with external threat intelligence sources to enrich data and improve threat detection.
Enables the generation of detailed and customized reports.

It can be complex to use at first, requiring time and training to take full advantage of its capabilities.
Implementation requires significant hardware infrastructure and resources, which can be costly for some organizations.

December 21, 2023

Qradar the best for soc monitorings

Verified User

Engineer in Information Technology

Banking Company, 5001-10,000 employees

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Monitor
Parsing logs
User friendly interface
Easy managing
Less down time outages

More automation features

December 19, 2023

Security and total integration with different tools for your company.

Paige Jenkins

Senior Telecommunications Specialist

GE (Machinery, 10,001+ employees)

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Automation capability and control.
Supply of information in real time.
Server attacks are protected.
Excellence technical support.
Easy to run.

The capacity of tables and graphs should be improved to keep all job environments safe, so those graphs are somewhat uncomfortable for newbies.

December 14, 2023

A high level software and very easy to integrate data.

Verified User

Team Lead in Information Technology

Information Technology & Services Company, 10,001+ employees

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Excellent user interface.
Threat-specific reports.
It was characterized by being customizable.
Integration with IBM log data.

It keeps track of the system to achieve the best security, always with the best tools.
Data analysis from other software is quick and easy.

November 28, 2023

In-depth Threat Intelligence and Incident Response Analysis

Abhishek Kumar

Assistant Manager

BAJAJ FINANCIAL SECURITIES LIMITED (Capital Markets, 501-1000 employees)

Score 8 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Log and Event Monitoring
open Architecture to integrate with other software's
Automate Report

Sometime its lag and slow Working
Deployment is slow
automatic Offences are not updated need to manual.
No alarm system for offences

November 27, 2023

IBM Security QRadar SIEM: Unleashing Advanced Analytics for Comprehensive Threat Intelligence and Incident Response.

NILESH KUMAR

SOC Analyst

Fencesense Technlogy (Computer & Network Security, 11-50 employees)

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Custom rules Engine.
Offences
Report
Parsing Normalization.

UI might be improve better.
Lag some time.
Offence not refresh automatically.

November 13, 2023

IBM QRadar is the brain of the SOC

Kenhy Dalglish Suarez Jaimes

Senior

EY (Information Technology & Services, 10,001+ employees)

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Personalized and precise queries in investigations
Correlation of events and technologies
integration of multiple technological sources
cac
threat hunting

Integrations with some sources that are not native
simpler functions in the API

November 03, 2023

IBM Security QRadar SIEM Review

Marcelo Erazo

Cyber Security Architect

Radical (Information Technology & Services, 11-50 employees)

Score 7 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

It is really simple to integrate different technologies because we have to correlate it and if it is difficult to integrate sources, I won't be able to do my job. So one of the best things is the way it integrates with different vendors so it's easy for us to deploy.

This product can do better in a lot of things. First, better integrating machine learning and artificial intelligence so all the logs can be integrated and can show threats besides the threats that we program. If we don't program a threat, the tool is not going to show me anything. We have to program it. But there are new technologies like artificial intelligence that could make this for us so we can have more visibility of threats. Right now they don't have these capabilities and there are other products that are incorporating these capabilities.

October 06, 2023

One of the best SIEM solution for monitoring end points and network.

Piyush Mittal

Senior Manager

VFS Global (Information Technology & Services, 501-1000 employees)

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Pros and Cons

Provides alerts in real time with less false positives.
Prioritise the high severity alerts so that analyst can focus on severe ones.
Identify external as well as internal attacks and risky user behavior
Also comes as SAAS software

Collecting logs from windows is somewhat painful
Scope for improvement in user interface
It ia very costly product which could be reduced.

September 29, 2023

IBM Security QRadar SIEM - Best SIEM tool

Nitin Khot

Network Architect

Jsw (Information Technology & Services, 10,001+ employees)

Score 8 out of 10

Vetted Review

Verified User

Pros and Cons

We can forward all types of logs ex. events log, System log etc to QRADAR
We can customize Qradar console according to our requirement.
We can user Rsyslog protocol to forward logs.
We can download all customize report according to requirement.

Sometime passwordless communication getting failed from Qradar EC to Console.
Event processor is require to process logs which is again license base.
Save search option sometimes not working properly may be because of version bug.