IBM Security QRadar

Customer Verified
Top Rated
Score 8.2 out of 10

Overview

What is IBM Security QRadar?

IBM Security QRadar is security information and event management (SIEM) Software.

Pricing

Cloud: $800.00 per month

Entry-level set up fee?

  • No setup fee

For the latest information on pricing, visit https://www.ibm.com/qradar/security…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Product Details

What is IBM Security QRadar?

IBM Security QRadar XDR is a threat detection and response solution that works to eliminate threats faster.

IBM Security QRadar helps security teams detect, understand and prioritize threats that matter most to the business. The solution ingests asset, cloud, network, endpoint, and user data, correlates it against vulnerability information and threat intelligence, and applies advanced analytics to identify and track the most serious threats as they progress through the kill chain.

Once a credible threat is identified, AI-powered investigations provide rapid, intelligent insights into the root cause and scope of the threat, with the goal of enabling organizations to support their first-line security analysts, accelerate security operations processes and reduce the impact of incidents. An open, connected approach helps organizations manage an increasing number of cloud applications.

With QRadar, the user can integrate EDR, SIEM, NDR, SOAR and Threat Intelligence, while leaving data where it is for a complete XDR approach, connecting existing tools and automating SOC using IBM and open third-party integrations.

Threat intel is fed from the IBM X-Force Threat Intelligence platform, which enables sharing of research on security threats, aggregation of intelligence, and collaboration with peers.

The QRadar XDR is a suite of threat detection and response products that includes:

  • IBM QRadar XDR Connect connects tools, automates your SOC and streamlines workflows.
  • IBM QRadar SIEM is intelligent security analytics for actionable insight into the most critical threats.
  • IBM QRadar NDR detects hidden threats on the network.
  • IBM QRadar SOAR responds to security incidents with confidence, consistency and collaboration.

IBM Security QRadar Features

  • Supported: Open architecture to deploy on premises, on cloud, or as a service.
  • Supported: Investigation speed faster by 60x with automated triage and contextual intelligence.
  • Supported: Better visibility by removing silos and unifying input and shared insights.
  • Supported: Integrate with existing tools to leave data where it is and leverage the current environment.

IBM Security QRadar Video

See how IBM QRadar helps security teams accurately detect and prioritize threats across the enterprise. QRadar provides intelligent insights that enable teams to accelerate security operations processes to reduce the impact of incidents. Visit our web page to learn more or request a demo: https://ibm.co/2LeRvgY

IBM Security QRadar Technical Details

Deployment Types: Software as a Service (SaaS), Cloud, or Web-Based
Operating Systems: Unspecified
Mobile Application: No

Frequently Asked Questions

IBM Security QRadar is security information and event management (SIEM) Software.

Microsoft Sentinel, Splunk Enterprise Security (ES), and LogRhythm NextGen SIEM Platform are common alternatives for IBM Security QRadar.

Reviewers rate Support Rating highest, with a score of 9.4.

The most common users of IBM Security QRadar are from Enterprises (1,001+ employees).

Reviews and Ratings

 (187)

Reviews

(1-25 of 54)
Score 9 out of 10
Vetted Review
Verified User
This amazing software helps the company to incorporate a use case registry that allows us to get adaptive reports that connect with their respective standards. And it also helps me pre-characterize the framework rules by planning our custom standards for the strategies we require. It really is very useful and efficient to improve processes
  • The most important feature of QRadar is having a single view into your company.
  • The most significant part of the arrangement is the combination capacities on offer.
  • It adapts to any type of company. The models that IBM has, including QRadar, "can evolve from a small to medium partnership to a colossal partnership, and it gives you similar value."
  • The EPS is the primary test when using goods like IBM. You must just be present at the events every second since that is when the cost becomes a major problem.
  • More disentanglement of the custom standards would be gainful, or it ought to be feasible to utilize a language other than the one the arrangement is currently using.
It can have more joining. It ought to have more adaptable Serene APIs for incorporation with applications. These are the things that are generally sought after for any of the SIEM arrangements, not just for QRadar.
Case The board furnishes associations with the capacity to follow, make due, and resolve network protection episodes. And I love it because on their support page for help, open cases, survey support assets, procedures they have quick and effective responses.
February 01, 2023

QRadar user review

Score 9 out of 10
Vetted Review
Verified User
We use IBM QRadar for SIEM application which takes security events from multiple security products such as Web application firewall, bot manager and vulnerability management tools such as Qualys and logs them. It can be integrated with a ticketing tool such as ServiceNow or Salesforce for management of a secured event.
  • Event correlation
  • Ticketing compatibility
  • Ease of implementation with various products
  • Better documentation
  • Faster UI
  • Custom automatic reports for higher management
We use QRadar with our WAF product which is connected to a ticketing tool, ServiceNow. Whenever there is a security breach such as a DoS or DDoS attack or any application attack then WAF notifies QRadar which then auto-creates the ticket so that it is handled by the right teams. It also generates logs to trace back the events for review purposes.
The support received from IBM is top notch, the team that’s present to solve any sort of issues with QRadar is really polite and has great expertise in the product. They have helped us to fix issues within hours and we had multiple follow-ups as well so that the issue does not occur again.
Score 9 out of 10
Vetted Review
Verified User
IBM Security QRadar has been a very user-friendly program that aids analytics in developing a fundamental understanding of the SIEM concepts. I have been using it for more than 2 years. IBM Security QRadar makes it very simple to grasp its push-pull methods, logs, source agent, configuration, log management and putting queries to locate incident actions.
  • Threat Intelligence is a powerful Tool
  • Great GUI Interface
  • Qradar is reasonably priced
  • It performs really well.
  • Dashboard is quite challenging
  • Regularly problems occurred
  • It required spelling handling search logs
For easier analysis, IBM Security QRadar offers user-friendly interfaces with a simple search mechanism and returns the search result in both logs and graphic form. It offers a distributed and stand-alone design and is simple to implement at any organizational scale. My favourite aspect of IBM Security QRadar is how seamlessly it integrates with SOAR to provide automated response.
SIEM takes time and good to be implemented. It is said that we have had a fair amount with IBM Security QRadar implementation. The deployment went really well and it took very less time, and we have seen great results. The deployment and establishment is very challenging task that requires consent monitoring and evolution.
Score 7 out of 10
Vetted Review
Verified User
For the last four years, it has been an extremely user-friendly application that helped in understanding the SIEM model of architecture. In both the architecture distributed or alone, it easily lets us understand the push-pull mechanism, log management, and log source agent. The GUI of the tool is well constructed for the analyst.
  • It helps analyst narrow down the search by using given filter option.
  • Its user interface for report customization and managing the log source is easy.
  • Threat intelligence is a good and powerful tool.
  • When it comes to utilization of the UEBA module it is way behind.
  • One cannot put OR condition in manual filter and is a tool limitation.
  • While transitioning the Excel database to the QRadar database, the option is not possible to import the whole matrix and map the same against the MITRE framework.
In radar rule creation and building block use case manager is quite difficult to understand; creating a dashboard is also a tedious job, and during upgrades, it requires expertise. While on the other hand, this SOC tool comes with a lot of useful handy features and creative functionalities at a very reasonable cost.
Local or international support is easily available, reachable, and approachable; whenever you are in need of support, they provide it on time. The team ensures to prioritize the issue and get it resolved as soon as possible. Because every case can be solved remotely, ticket responses from support are always satisfied.
Daniela Carrasco | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
The SIEM plans help us in social occasion logs from various gadgets utilized all through the connection and performing related examination on them to search for any odd or wrathful way of behaving. Research is directed along these lines to move us from any principal invalidations. It is undeniably a merged log locater for every single security.
  • Screen all of the alerts delivered
  • Consequently signals gadgets and frameworks that are undermined by different sources over the organization.
  • They can make the UI more instinctive
  • Item move up to another variant is an extended and intense undertaking.
It tends to be effortlessly coordinated with all the necessary programming that we are presently utilizing at our association.
However I have not been straightforwardly engaged with help, I have been educated that client care is prepared empowered to help us.
Score 9 out of 10
Vetted Review
Verified User
Highly powerful and well-equipped tool for security monitoring and also providing an analysis. Pulse and the use case manager features are very user-friendly and easy to manage. We set up security rules, specific use cases, and alerts applicable to specific scenarios. All the security information is collected centrally and thus giving us the best usage of the tool. If you analyze the dashboard, all the need-to-know information is readily available at a glance. We monitor the network activity and log activity in real-time with ease via QRadar.
  • Automatically flags devices and systems that are compromised by multiple sources over the network.
  • A simple search method and the ability to view search results in both logs and graphical views for better analysis.
  • Integration of almost all types of devices.
  • Helps in threat detection and response, helping to remediate the threat.
  • Product upgrade to a new version is a lengthy and tough task.
  • Search queries sometimes fail when loading logs.
In this modern day and age, security is a crucial subject. IBM QRadar addresses this hectic concern in a very convenient manner. The very friendly user interface and the included dashboard of the product make it very smooth to handle this product. Compared to alternatives in the market, QRadar has a lot of potential. This is a very smart product and can make very time-worthy suggestions based on its observations. Given that you stick to specific rules and regulations, QRadar will make your life much easier.
Though I have not been directly involved with support, I have been informed that customer support is ready enabled to assist us. And also, the forums help out the users massively to overcome any issues.
Score 8 out of 10
Vetted Review
Verified User
The SIEM arrangements assist us with social event logs from different devices utilized across the association and perform correlated analysis on them to check for any unusual or pernicious way of behaving. It likewise actively investigates to keep us away from any critical contraventions. It is certainly an incorporated log gatherer of each and every security.
  • Making rules is extremely simple
  • Screen every one of the cautions produced
  • Behavioral examination gives reasonable feedback from user that prone risk
  • They can make the User Interface more intuitive
  • Simplifying the search query language as it is very complex to understand
  • It will be better if they provide a simplified manual after every upgrade
I absolutely like its capacity to design custom log gatherers as well as use HTTP recipients to use integrated mixes with 3rd party instruments.
The machine learning function of User and entity behavior analytics doesn't work properly and there are lots of issues around this that are required to be fixed.
The support needs improvement on some levels because in some scenarios we need a speedy response.
Yassir Sahnoun | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Great SIEM solution, deploying the solution was very easy having done this for a client. Integration of Flows is to me what makes it stand out most. Integrating with third apps is a nice advantage as well. The conventional dashboards aren't the most appealing, yet there is a newer dashboard named Pulse that gives nice visibility, so there's definitely work on this end.
  • Improve business process outcomes
  • Create internal/operational efficiencies
  • The dashboards and UI in general could be more appealing
  • Faster & easier to access support
IBM Security QRadar is most suitable for those with an existing vision in place as far as deployment architecture goes. The integrations are also a must-use, as they really make it very seamless and therefore the investment into IBM Security QRadar is more rewarding.
The support won't be very needed thanks to the good documentation and resources available, it is however very helpful and accessible. Particularly so when setting up the product initially.
Score 9 out of 10
Vetted Review
Verified User
We have been using IBM Security QRadar to detect and respond to malicious activities. With IBM Security QRadar, we have built custom rules and searches to identify suspicious activity that could indicate potential ransomware attacks. The tool is key in ensuring security across our networks as it monitors all activities and sends alerts in case of any issues in real time.
  • Instantaneous threat detection and real-time monitoring. The tool analyzes a wide range of data in real time, helping us to quickly identify and respond to potential threats as they occur.
  • Integration with third party security tools is smooth.
  • IBM Security QRadar has advanced data analytics capabilities helpful for identifying trends in our data security.
  • Even though IBM Security QRadar integrates with several tools, the integration process is complex.
  • It needs a lot of resources to operate.
IBM Security QRadar is well suited for monitoring your network and systems for suspicious activity. It analyzes log data from the servers and systems, allowing us to identify threats and their root causes faster. We have also integrated it with different threat intelligence tools to help optimize our security level.
I believe that IBM Security QRadar has an overall good support team. The support team has been very responsive and helpful whenever I reached out to them. They have been able to answer my questions and provide guidance on how to use IBM Security QRadar and deal with troubleshooting issues effectively.
Priyansh Kothari | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
I use IBM Security QRadar to help protect my business from cyber threats and vulnerabilities. IBM Security QRadar helps me detect and respond to security breaches and other threats in real-time by collecting, analyzing, and correlating data from various sources. One of the main business problems that it addresses for me is the need to detect and respond to security breaches quickly. I can monitor my network and systems for unusual activity or potential threats and take appropriate action to prevent or mitigate any potential damage. This helps me to protect my business and my customers' data from being compromised. In terms of the scope of my use case, I use it to monitor and protect all aspects of my online business, including my website, servers, and databases. I also use it to help ensure compliance with any relevant regulatory requirements, such as the General Data Protection Regulation (GDPR). Overall, it has been an invaluable tool for helping me to keep my business secure and protected from cyber threats.
  • Real-time threat detection and response: It is particularly effective at detecting and responding to security threats in real-time. It uses machine learning and analytics to continuously monitor network and system activity and identify unusual or suspicious activity that may indicate a potential threat. When a threat is detected, IBM Security QRadar can alert the appropriate personnel and provide them with the information they need to take appropriate action to prevent or mitigate the threat.
  • Vulnerability management: Also a powerful tool for helping organizations identify and mitigate vulnerabilities in their networks and systems. It can scan for known vulnerabilities and provide alerts when it detects any, allowing organizations to take action to fix the vulnerabilities before they can be exploited by attackers.
  • Compliance management: It can help organizations ensure compliance with various regulatory requirements, such as the General Data Protection Regulation (GDPR) and the Payment Card Industry Data Security Standard (PCI DSS). It can monitor for and alert on any activity that may be in violation of these requirements, helping organizations to avoid fines and other penalties.
  • Complexity: One area where it has room for improvement is in terms of its complexity. The platform is designed to handle a wide range of security tasks and can be configured to meet the specific needs of an organization, which can make it challenging for users to navigate and understand all of its features and functionality. Some users may find it difficult to get up and running with it or to configure it to meet their specific needs.
  • Customization: Another area where it could be improved is in terms of customization. While the platform does allow users to customize certain aspects of its behavior, some users may find that they are unable to fully customize it to meet their specific needs. For example, they may be unable to create custom rules or modify the way that alerts are generated.
  • User experience: A third area where it could be improved is in terms of the user experience. Some users may find the interface difficult to navigate or may have difficulty understanding how to use certain features. Improving the user experience could make it easier for users to get up and running and to make the most of its capabilities.
Some specific scenarios where it may be well suited include large organizations with complex networks as it is designed to handle a wide range of security tasks and can be configured to meet the specific needs of an organization. This makes it well suited for large organizations with complex networks that need to monitor and protect a large number of assets. For organizations with strict compliance requirements, it can help organizations ensure compliance with various regulatory requirements, such as the General Data Protection Regulation (GDPR) and the Payment Card Industry Data Security Standard (PCI DSS). This makes it well suited for organizations that are subject to strict compliance requirements. Organizations with a high volume of security events can use it to handle a high volume of security events and can provide real-time alerts when a threat is detected. This makes it well suited for organizations that experience a high volume of security events and need to respond to them quickly. On the other hand, it may be less appropriate for smaller organizations with less complex networks or lower security needs. It may also be less suitable for organizations that do not have strict compliance requirements or do not experience a high volume of security events. In these cases, a simpler or less expensive security solution may be more appropriate.
In terms of the overall support for IBM Security QRadar, I would rate it as an 8 out of 10. I have found the support provided by them to be satisfactory overall. The platform offers a range of support options, including online resources, community forums, and technical support from IBM security experts, which I have found helpful in addressing any issues or questions I have had. I have also had access to additional support options, such as premium support or on-site support, as needed. Overall, I have had a positive experience with the platform. It has been an invaluable tool for helping me to keep my business secure and protected from cyber threats.
Paige Jenkins | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
This tool is of great help in taking full control of the different IBM options that we are using in the company; it is highly compatible with any other software that is available. Security Qradar will maintain total security in each of the departments of your organization, providing confidence in everything elaborated, so any threat or attack that may exist and damage any result is immediately visualized, so it is constantly analyzed and efficient.
  • Automation capability and control.
  • Supply of information in real time.
  • Server attacks are protected.
  • Excellent technical support.
  • Easy to run.
  • The capacity of tables and graphs should be improved to keep all job environments safe, so those graphs are somewhat uncomfortable for newbies.
It works for any department of the business organization, be it small, medium, or large, as long as you want the entire system to run smoothly and safely. It has, in an integral way, the artificial intelligence processes and above all the essential detection of any threat in real and constant time. It has a very capable technical service and is always willing to help whenever necessary, which is why this tool is necessary for your company.
It is very important to note that this technical support does manage to establish direct contact with the administrator of this software in a relatively short time, but considering my role in this software, I think that a good option may be to be active in the different discussions with its user community. That always uploads new updates of new technologies so that you are aware of new trends and functions.
Score 10 out of 10
Vetted Review
Verified User
Working with total confidence is our goal and with this IBM Security QRadar has come to the organization. A tool that helps to be free of internal threats in our system, analyzes and executes strategies to get rid of all possible threats. It's powerful and feature-rich, which is what we were looking for, with the ability to customize it. QRadar has had the best time in detecting the threats having an immediate response, in addition to giving a report with all the details of what happened.
  • Excellent user interface.
  • Threat-specific reports.
  • It was characterized by being customizable.
  • Integration with IBM log data.
  • It keeps track of the system to achieve the best security, always with the best tools.
  • Data analysis from other software is quick and easy.
It has adequate and specific functions to have an improved system, such as analysis, threat alerts, monitoring, integration with various platforms, among several other features. QRadar has managed to significantly improve our organization, it is a much freer system to work comfortably. It has the ability to eliminate threats in a short time, always with an ideal alert system to be aware of what is happening instantly. QRadar is the perfect solution to avoid bad times with threats to our system, with perfect detection and elimination of threats.
The response time may vary according to the number of complexity of the problems to be solved, in simple situations such as to solve some integration of all IBM modules or to manage and analyze data from other sources or products, it may be achieved in less than an hour, but if your problem is much more complicated, it may take a few days to solve your problems.
December 14, 2022

Awesome security tool

Score 9 out of 10
Vetted Review
Verified User
It provides a complete tool for threat detection and threat elimination for our organization that helps us to work freely. Its threat detection is very accurate. Its solution ingests asset, cloud, network, endpoint, and user data, correlates it against vulnerability information and threat intelligence. AQL helps to find the logs easily.
  • threat detection
  • analysis
  • threat removal
  • improve the reporting
  • more customization
  • problem in TAXII feed
This is a very powerful artificial intelligence tool available in the market to detect threats and remove them. AQL helps to find the logs easily. It has a very good graphical user interface. I like the app's pulse. The threat intel feeds integrated with QRadar are excellent and very insightful. It works at a very optimum level in case of an MSSP environment.
Many times the search queries fail while fetching logs even for one week. Then we need to fetch logs by segregating the search for 3-3 days. That takes more time. We use customer services; sometimes it works very well but sometimes it does not work at all. It needs some improvement while solving problems that are new.
Tobin Mathew | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
First of all, this is the one and all SIEM Solution used in my 7 years Career. IBM Security QRadar is the product that changed my life from a Cyber Security Analyst to an Admin.

We have more than 10+ Clients already and are onboarding new clients in a couple of months.
IBM Security QRadar is one of the top leaders compared to other Solutions in the market.
I had experience with Splunk, LogR, etc... but IBM Security QRadar is the Very user-friendly SIEM ever seen.

I will surely recommend this to my colleagues and new clients
  • Offense Monitoring
  • Use case development
  • Third-party Application Integration from Xchange
  • Custom Log Source Integration
  • Auto-Scaling of Disk when it's in a critical condition-Manual intervention is needed to fix the issue when there is a disk space issue
  • Data Node Improvement in processing capabilities
  • Custom Script usage in the system is not allowed
Well suited for me - Very user-friendly and more custom application has to integrate to explore more.
For Case management, most of them use third-party ticketing solutions for better SLA monitoring. There is no mechanism to find the SLA currently.
Pritam Saha | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
It's an all-in-one solution for organization of internal and external security. IBM QRadar is the best for web application software Security Information Management for any kind of big & small type organizations. QRadar event management system supports the ecosystem of information security; it manages everything of client based information systems. IBM QRadar has the best incident response integration; it reports everything about client and accounting based system.
  • SIEM
  • Incident Management
  • Information Security
  • Data collection system needs some improvements
IBM Security QRadar is well suited for Threat Intelligence and Threat Analysis. I fall in love with their multiple deployment features. It has the most powerful AI to secure and protect an organization's very confidential and important data. Big or small organizations analyze & review their intelligence information data. Finally, their hybrid cloud system stores every confidential threat about the system the client used.
Their support team is very fast; they solved problems within the time. TIME SAVER
Score 8 out of 10
Vetted Review
Verified User
It is true that getting insight across multiple security environments can be tough. However, with IBM Qradar, we see all the events related to a particular threat in a single place and eliminate the manual tasks so that analysis can focus on response and investigation.
  • The tool scans the process and network vulnerability data to identify the security risks in the network.
  • The tool performs in-depth network forensics and replays full network sessions.
  • Gives a threat score and category to each identified IP address or URL, which helps us prioritize threats and offer better analysis.
  • Bulky user interface.
  • Cloning of tasks is lacking.
  • Slows down server startup.
Integrating IBM Qradar into your system would definitely help you to secure all the data channels. The tool is one of the best security solutions today.
Their team of experts provides timely support.
Score 9 out of 10
Vetted Review
Verified User
QRadar was selected to address a gap with the current security incident and event management tool that we could not address with that platform. Through the evaluation of QRadar we were able to identify how we could simplify our deployment, integrate with additional tools and improve our overall workflow with regards to Security Operations.
  • Alerting and reporting.
  • Integrations with other tools and partners.
  • Ease of use/deployment.
  • Licensing models - move away from the consumption based models.
The development of a security operations center's incident response process is where QRadar shines. The platform allows the analyst to review, react and respond to the possible issue within the same tool. This cuts down the dwell time of threat actors and the overall delay in response to possible incidents significantly.

Very little interaction with support but what we have seen has been very good.
Muhammed Ali CETİN | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
IBM QRadar's been used as compliance in our company and also trying to overcome all the security related problems. Briefly, onboarding any security-related data, consolidating, and creating detection rules on top of that. We also integrated with QNI for flow data to unleash grey part which is not visible enough with legacy data sources. IBM QRadar is user-friendly and easy to deploy and with auto-discover data management has never been so easy as that. Any LogOps project steps can easily run on QRadar.
  • Autodiscover for data sources
  • Data onboarding
  • Creating detection rules
  • API integration
  • Should onboard any type of data.
  • Dashboarding and advanced queries like statistical analysis and ML features.
  • Parsing and filter out.
  • License model.
  • Instead of Java, it could be written in C to get a more efficient and faster environment.
  • Enrichment of data on data pipeline.
  • Replication and load balancing on Datanodes and EventProcessors.
- Log management has never been so easy; with auto-discover and DSM features, adding log sources is so easy and user-friendly.
- UI is so simple and user-friendly, if you haven't experienced it yet you still can understand it within a second and create searches.
- Deployment of architecture. Well structured.
- Alerting and correlation rules are well suited as well.
One of the best support that I've seen in vendors. They are well equipped and knowledgeable about security and their product. If you go with a problem, 100% sure that they will get back to you in several minutes. What's more, if IBM is located in the country, support and customer success are much, much better.
Score 10 out of 10
Vetted Review
Verified User
IBM Security QRadar enables me to unfold known and unknown threats on endpoints, users, and cloud assets.
  • Has built-in analytics which detect threats automatically.
  • Support external STIX which makes it easy and effective to integrate external apps.
  • Automate threat detection through AI.
  • I have nothing that I encounter as a flaw when using this platform.
IBM Security QRadar fits threat investigation, detection, and remediation procedures without involving manual processes. I highly endorse this tool to all prospects looking to investigate logs and network flows for known and unknown threats.
Support at IBM is five-star and barely requires a second alert since they respond rapidly to opened cases.
Score 10 out of 10
Vetted Review
Verified User
We adopted this technology due to its capability of defending our critical data from novel, rapidly evolving cyber threats and inside threats, whether malicious or non-malicious. This self-learning technology is able to detect and report ransomware actively attacking our network from within, which none of our security tools were able to spot. Genuinely anomalous activity is reported to the IT security team, allowing us to carry out further investigation and mitigate any risk posed.
  • Improved understanding of user and device behavior.
  • Alerts to threats as they occur, allowing efficient risk mitigation.
  • Complete, 24/7 network visibility.
  • Staff must be extremely familiar with networking to continually tune the software for false positives.
This technology is capable of real-time threat detection because it quickly learns the network's pattern by modeling the behaviors of each user and device as well as the network as a whole. The IT security team will be more confident in the knowledge that potential threats from inside and even the unknown won't go unnoticed.
Provides resources for technical help, case policies, and other information for customer assistance on their support page. Their support is a global team and I can even upload diagnostics files and screen captures when opening a case with the Support Team.
Alesia Lunsford | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Threats are the worst enemy in any business. IBM Security QRadar enables us to rapidly investigate, detect and remediate threats on cloud and on-premises platforms.
  • Automates threat detection and remediation.
  • Has clean UI.
  • Cost effective.
  • Offers comprehensive tutorials.
  • No mobile app and on-premise versions.
IBM Security QRadar has advanced analytics and threat intelligence capabilities that automate the search, detection, and remediation of threats on all corporate services.
How my ticket is rapidly responded to advances my trust towards IBM services. Their support is exceptional!
Score 10 out of 10
Vetted Review
Verified User
A complete tool that includes the Zero Trust cybersecurity model, in addition to being incorporated with many products on the market as well as its easy handling and the components that can be incorporated. This tool has a high level of analysis of the offenses with the use of X-Force and Watson; also, the generation of the graphical relationships of these offenses is very structured and allows a greater vision of each event.
  • Full payload inspection and correlation using the QNI feature
  • Robust HA capabilities
  • Scalable and modular (e.g., distributed architecture)
  • Licensing model complexity
  • QVM enhancement; many organizations prefer other third-party scanners
In my last 3-4 years of exposure to QRadar as SIEM, I would say it is the best. We are able to see all traffic detailed on a single pane of glass. The only thing is like any other SIEM you need to know what to do with all information, otherwise, it could be useless so definitely training is needed.
Every time we need support, we are promptly attended to! Quality gets a lot of attention and is something you don't see
Samuel Stratemeyer | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
There’s nothing challenging and can lead to losses like working in an environment prone to threats in line of business. IBM Security QRadar in my current firm is used nearly close to all business units. It analyzes company assets, endpoints, networks, and users to investigate, monitor, and detect known and unknown threats.
  • Has a simple to use search filter that streamlines procedures when looking for deeper files.
  • Enhances continuous monitoring across on-premise and cloud environments.
  • Onboards custom logs rapidly from all ETL services.
  • It has room for additional integration with other threat intelligence platforms.
  • There should be more enterprise-grade cloud services built-in on IBM Security QRadar to accelerate implementation and reduce operational costs.
To all sorts of corporations from small, mid-sized, and large to global enterprises, IBM Security QRadar is a remarkable tool that is worth incorporating into their system. It allows us to keep track of every trend and activity on company servers and hosts to maintain risk-free working areas.
On my end, I give IBM support 10 out of 10 since they resolve issues with high IQ be it technical or technical they have support agents that suit all our issues upon request or contact.
Rehan Allahwala | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Enhancing safe working environments isn’t an option but rather a priority. IBM Security QRadar helps us analyze networks, endpoints, corporate users, and assets in real-time to detect and resolve threats automatically.
  • Enables integration with other threat intelligence tools via STIX.
  • Onboards custom logs from external data sets for real-time data monitoring.
  • Enhances intelligent insights across multi-cloud and on-premise repositories.
  • Graphics and charts UI is a bit confusing for beginners due to lack of enough tutorials.
IBM Security QRadar is employed across all company units to gain insights into logs by collecting data with REST API across all cloud services. Infused threat intelligence and advanced analytics help detect threats by investigating logs in real-time.
I haven’t interacted with the IBM support team, but the success team at IBM responded rapidly to my ticket when I was facing an issue with the 2021 version.
April 08, 2022

IBM QRadar Review

Score 9 out of 10
Vetted Review
Verified User
QRadar helps me and our clients get reliable and well-performing SIEM functionalities. We have created a broad spectrum of use-cases to cover the detection of various security threats with ease. The support team was always helpful if we had questions about the product and we could resolve all issues that came up so far really fast.
  • SIEM functionalities.
  • Offense rule creation.
  • Log searching.
  • Possibility to edit multiple rules at once is missing.
  • There should be more built-in notification options than just e-mail and local notifications.
IBM QRadar is best suited for medium to large businesses that want to have a singular platform to gain insight into what all of their hosts and servers are doing exactly at the moment. They can also create complex rules to get alerts ("offenses") based on various log parameters for security or observability use cases.