TrustRadius
IBM Security QRadar SOAR

Overview

What is IBM Security QRadar SOAR?

IBM Security® QRadar® SOAR is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides your team in resolving incidents by codifying established incident response processes into dynamic playbooks.

Recent Reviews

Good SIEM

7 out of 10
September 27, 2023
Incentivized
We use IBM Security QRadar SOAR as our primary SIEM tool. We ingest logs from various other systems and tools to gather intelligence and …

Pricing

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit https://www.ibm.com/products/qradar…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is KnowBe4 PhishER?

PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security…


Product Demos

Accelerating Response Time with IBM Security QRadar

mediacenter.ibm.com

IBM Security QRadar SOAR demo

mediacenter.ibm.com

Product Details

What is IBM Security QRadar SOAR?

IBM Security® QRadar® SOAR is designed to improve SOC efficiency and ensure users' response processes are met with an intelligent automation and orchestration solution, which timestamps key actions, aids threat investigation, and helps users manage their response to 180+ international privacy and data breach regulations. It features prebuilt connectors for a broad ecosystem, while managing the organization's response.

  • Respond and Remediate Faster – using open standards, ingest alerts from disparate data sources into a unified dashboard for improved investigation and response across security, IT and other key stakeholders.
  • Customized Case Management – pre-built playbooks that adapt to any unique business processes using customizable layouts and tailored response. This facilitates getting started quicker, reduces complexity, and helps improve the incident response process.
  • Close the Skill Gap – create automations that bring together artifact correlation, threat enrichment, case investigation, and prioritization so analysts can process triaged cases faster. The playbook evolves as the investigation proceeds, with threat enrichment happening at each stage of the process.

IBM Security QRadar SOAR Features

  • Supported: Case management
  • Supported: Dynamic playbooks
  • Supported: Integrations out of the box
  • Supported: Deployment flexibility
  • Supported: Visual workflow
  • Supported: Privacy breach response
  • Supported: Automation

IBM Security QRadar SOAR Screenshots

  • Screenshot of the IBM Security QRadar SOAR Breach Response solution. The software helps customers manage more than 180 global privacy reporting regulations including GDPR.
  • Screenshot of the Playbooks Landing page, which shows all active playbooks in a single view, including how many are actively running, disabled, or in draft.
  • Screenshot of IBM Security QRadar SOAR’s Playbook Designer canvas, designed to lower the barrier to entry necessary to build automations through a graphical interface.
  • Screenshot of the Tasks view, which shows all response tasks, organized by phase, that have either completed or are set to be executed.
  • Screenshot of Threat Investigator, which automatically correlates incident information, curating an incident timeline from start to finish, including related artifacts and MITRE ATT&CK mappings.

IBM Security QRadar SOAR Technical Details

  • Deployment Types: On-premise, Software as a Service (SaaS), Cloud, or Web-Based
  • Operating Systems: Windows, Linux, Mac
  • Mobile Application: No

Frequently Asked Questions

Palo Alto Networks Cortex XSOAR, FortiSOAR, and Splunk SOAR are common alternatives for IBM Security QRadar SOAR.

The most common users of IBM Security QRadar SOAR are from Enterprises (1,001+ employees).
Reviews and Ratings

(40)

Reviews

(1-9 of 9)
Score 4 out of 10
Vetted Review
Verified User
Incentivized
  • Manual Incident Management.
  • Security mechanisms are at a high level.
  • Interface clarity.
  • You still have to generate reports manually. Reports are very limited and practically not useful.
  • The solution should not be SOAR class. Automations usually don't work. It's apparent that it's not designed for that.
  • Lack of flexibility.
  • Practically no support. The reported integration problems have not been resolved.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Security Automation
  • Reducing mean time to respond (MTTR)
  • Integration with security tooling and controls
  • Lower false positive rate
  • Training and support
  • Onboarding security tools and applications directly on the portal
  • Total cost of ownership for the organization
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • QRadar's ability to collect, analyze and normalize a vast amount of security data from various sources is remarkable.
  • QRadar allows us to define and automate incident response playbooks which have been amazing for streamlining the response to security incidents.
  • It offers an extensive library of pre-built connectors and support for common security standards, facilitating seamless integration with a wide range of security tools.
  • Although QRadar offers reporting capabilities, building custom reports can be challenging for non-technical users. A more user-friendly report builder with predefined templates could make this process more accessible.
September 27, 2023

Good SIEM

Score 7 out of 10
Vetted Review
Verified User
Incentivized
  • Lots of data sources able to ingest
  • Customizable alerting
  • Threat hunting
  • Not great reports.
  • Context around some built in alerting
  • Slow interface
Score 7 out of 10
Vetted Review
Verified User
Incentivized
  • It uses AI to automate security responses with incredible consistency.
  • It sends timely notifications to the entire team
  • It has a malware analysis feature which is critical when the sandbox has been compromised.
  • You still have to generate reports manually, it would be much better if it was possible to automatically schedule them for exportation.
  • It takes time to successfully deploy integrations.
stephanie baker | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • It provides great monitoring capabilities that can easily detect hidden threats.
  • Prioritizes threats according to their gravity.
  • Assembles numerous logs.
  • Scanty DSM modules.
  • Failed queries during searches, making me resubmit them.
  • The engine for processing queries is not as authoritative as that of other SIEMs; slowing down query processing.
Gokul Karuppiah | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Increasing the severity of incidents when threats or outages happened and informing the IT team/management to take action. Our application is a .net one which is a legacy with SQL server. The number of times it is more vulnerable to threats and the action to be taken was identified using this tool.
  • Prior to using this tool, we were informed of threats by IBM customer support and we took action in around 2 to 3 hours to prevent using NOC team support. However, after we deployed this tool we were able to respond quickly based on the action plan provided along with threat level and severities.
  • Prior to deploying this tool, our incidents were provided by IBM customer support with no necessary information on the same. After this tool was installed in our organization, we were able to get the security alerts instantly and take action with the severity level for threats/attacks.
  • Not anything so far since we are highly dependent on this tool. Probably reduce the number of small alerts we get.