TrustRadius: an HG Insights company

IBM Security QRadar SIEM

Score: 8.8 out of 10

292 Reviews and Ratings

Features

Top Performing Features

  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

    Category average: 8.4

  • Host and network-based intrusion detection

    Ability to detect both endpoint intrusion and network ingress detection

    Category average: 8

  • Event and log normalization/management

    Ability to normalize event syntax so that logs can be compared and are machine-understandable

    Category average: 8.5

  • Data integration/API management

    Ease and quality of data integrations between SIEM and other systems

    Category average: 8

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that gives security analysts a more comprehensive view of security logs and events than would be possible by looking at the log files of individual point security tools.

  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

    Category average: 8.4

  • Correlation

    Correlation of logs and events to pinpoint significant threats

    Category average: 8.4

  • Event and log normalization/management

    Ability to normalize event syntax so that logs can be compared and are machine-understandable

    Category average: 8.5

  • Deployment flexibility

    Ability to tune system to maximize threat detection and minimize false positives

    Category average: 7.7

  • Integration with Identity and Access Management Tools

    Integration with access control tools like Active Directory and LDAP

    Category average: 8.4

  • Custom dashboards and workspaces

    Dashboards that can be customized to meet the needs of specific groups

    Category average: 8.6

  • Host and network-based intrusion detection

    Ability to detect both endpoint intrusion and network ingress detection

    Category average: 8

  • Data integration/API management

    Ease and quality of data integrations between SIEM and other systems

    Category average: 8

  • Behavioral analytics and baselining

    How effectively activity and behavior baselines are established and maintained

    Category average: 8.2

  • Rules-based and algorithmic detection thresholds

    Effectiveness of manually-established rules and algorithmically-determined detection thresholds

    Category average: 8

  • Response orchestration and automation

    Quality of built-in response orchestration and automation in Next-Gen SIEM

    Category average: 7.9

  • Reporting and compliance management

    Ease and quality of reporting and compliance functions

    Category average: 8.5

  • Incident indexing/searching

    Effectiveness of searching across structured and unstructured events and incidents within SIEM

    Category average: 8.2