TrustRadius
IBM Security QRadar SIEM

Overview

What is IBM Security QRadar SIEM?

IBM Security QRadar is security information and event management (SIEM) software.

Recent Reviews

QRadar review.

8 out of 10
March 31, 2024
Incentivized
We have used IBM Security QRadar SIEM to provide security to our customers (B2B) and also for our own corporate security. IBM Security …

Popular Features

  • Rules-based and algorithmic detection thresholds (40): 9.2 (92%)
  • Correlation (60): 8.9 (89%)
  • Integration with Identity and Access Management Tools (56): 8.4 (84%)
  • Custom dashboards and workspaces (60): 7.6 (76%)

Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit https://www.ibm.com/products/qradar…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a bird's-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools.

8.7
Avg 7.8
Product Details

What is IBM Security QRadar SIEM?

IBM QRadar SIEM helps users to remediate threats faster by prioritizing high-fidelity alerts to help catch threats.

QRadar analytics monitor threat intel, network and user behavior anomalies to prioritize where immediate attention and remediation is needed. When threat actors trigger multiple detection analytics, move across the network or change their behaviors, QRadar SIEM will track each tactic and technique being used. More important, it will correlate, track and identify related activities throughout a kill chain, with a single high-fidelity case, automatically prioritized for the user.


https://ibm.biz/QRadar_SIEM_product_page



IBM Security QRadar SIEM Features

Security Information and Event Management (SIEM) Features

  • Supported: Correlation
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Behavioral analytics and baselining
  • Supported: Rules-based and algorithmic detection thresholds
  • Supported: Reporting and compliance management

Additional Features

  • Supported: Open architecture to deploy on premises, on cloud, or as a service.
  • Supported: Investigation speed faster with automated triage and contextual intelligence
  • Supported: Better visibility by removing silos and unifying input and shared insights
  • Supported: Integrates with existing tools to leave data where it is and leveraging current environment.

IBM Security QRadar SIEM Technical Details

  • Deployment Types: Software as a Service (SaaS), Cloud, or Web-Based
  • Operating Systems: Unspecified
  • Mobile Application: No

Frequently Asked Questions

IBM Security QRadar is security information and event management (SIEM) software.

Microsoft Sentinel, Splunk Enterprise Security (ES), and LogRhythm NextGen SIEM Platform are common alternatives for IBM Security QRadar SIEM.

Reviewers rate Centralized event and log data collection highest, with a score of 9.9.

The most common users of IBM Security QRadar SIEM are from Enterprises (1,001+ employees).
Reviews and Ratings

(259)

Reviews

(1-25 of 42)
Saulo Prado | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
I have used IBM QRadar SIEM since 2014 and I have had a good experience since then. We have a large number of security assets and QRadar SIEM helps us collect and correlate alerts, events, flows and incidents from multiple vendors. I am part of a SOC team at a financial institution with more than 90k employees, thousands of security devices and thousands of endpoints, and without the help of QRadar SIEM it would be impossible to analyze threats, attacks and exploitations.
  • correlation events
  • search events timing
  • friendly managed rules
  • capability integration vendors
  • service support
  • Improvement in the process of consuming virtual machine resources
  • improvement in the process of analyzing errors and warnings generated by the system
QRadar SIEM is a robust solution for collecting and correlating security events. I have had fantastic experience with use cases of attacks in Windows environments using Sysmon logs and rules that contain the MITRE techniques for each attack. WinCollect is the IBM agent that performs log collection in Windows environments and it does so with great performance. Perhaps QRadar SIEM is not suitable for creating a data lake and only for the purpose of storing logs, especially logs that do not have ready parsing.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
With IBM Security QRadar SIEM, my team can identify, respond to and contain many threats in our environment, because the SIEM IBM QRADAR brings insights about our security. It is easy to look for any indicators of compromise and other kinds of artifacts. Anyone can perform a search on the web console and use many filters to build custom filters.
  • Investigations are easy
  • Agents to collect info are great
  • Stability is good
  • Some updates cause errors
  • No support for high traffic on the HTTP receiver protocol
  • Needs a big hardware configuration
IBM Security QRadar SIEM is great to collect, process and search events, but it sometimes has some bugs and/or incompatibilities with some tools in our organisation. Because of that, we sometimes need to open a case with support to investigate the root cause, and most of the time the root cause is not identified by the support team.
March 31, 2024

QRadar Pluxee Review

Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use it as a traditional SIEM. Log correlation, user behaviour, threat intel, and threat hunting are some examples of use cases.
  • Monitor IAM users activity
  • Correlate logs from different sources to detect security deviations
  • The search engine is very useful for performing deep event analysis
  • Flexibility to create complex use cases in an easy and simple way
  • The report tool could be more flexible
  • Would be nice if IBM Security QRadar SIEM provided use case recommendations based on the received logs
  • Would be nice to have integrations with ITSM tools like Jira so offenses could turn into incidents
For an on-prem environment based on syslog it fits very well.
Cloud security posture insights could have a built-in app.
The REST API integration is complex to use.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
The main goal of IBM Security QRadar SIEM is cybersecurity. We provide perimeter monitoring and active defense by blocking "bad" IPs. We monitor unusual user activity, password compromises, etc. We monitor malware activity in our organization using different IOCs from threat intelligence services and feeds. QRadar SIEM provides log storage for a definite period of time.
  • We are monitoring connections from/to the TOR Nodes to detect hidden malware.
  • We are monitoring users' password compromises by typing their password in the login box. Also, we send users notifications to change their passwords immediately.
  • We are monitoring bad HTTP(S) queries to our www sites from external agents and we are blocking bad IP addresses on our perimeter IPS Devices in real-time.
  • Improve the assets management tab as it has poor functionality.
  • Add more options and tests for creating rules and building blocks.
  • Add more options in the rules response tab to use multiple scripts and alerts.
All the Built-in Rules coming out of the box are not good. Need to write their own correlation rules for each organization using their specifics. IBM Security QRadar SIEM is good as a base of SOC.
Brandon Lowry | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
IBM Security QRadar SIEM is a comprehensive, robust and effective platform that plays a critical role in our financial services organization to address cyber security challenges. This platform provides accurate and prioritized alerts that ensure a high level of cyber security, I have witnessed how this platform has enhanced our ability to quickly detect and respond to threats in real time, leading to greater protection of our critical assets and data.
  • Enables identification and prioritization of vulnerabilities in IT infrastructure for corrective action.
  • Facilitates security incident investigation and forensic analysis.
  • Provides a real-time view of security events, enabling immediate incident response.
  • Can integrate with external threat intelligence sources to enrich data and improve threat detection.
  • Enables the generation of detailed and customized reports.
  • It can be complex to use at first, requiring time and training to take full advantage of its capabilities.
  • Implementation requires significant hardware infrastructure and resources, which can be costly for some organizations.
IBM Security QRadar SIEM has all the features to protect real-time threats and protect critical data effectively in a financial services company. It is highly suitable in scenarios where large volumes of data are handled and a fast and effective response to cyber threats is required. However, in smaller or resource-constrained environments.
Abhishek Kumar | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
IBM Security QRadar helps our organization through real-time monitoring of logs and events to provide a safe and secure environment and interface. We use multiple servers, and router switches and end devices are connected to each other; QRadar helps to monitor all logs and events of all integrated devices and gives updates with the custom rules engine. If any misbehavior happens on a server or on any device, it is investigated with QRadar, which creates offenses and gives us alerts of unethical activity.
  • Log and event monitoring
  • Open architecture to integrate with other software
  • Automated reports
  • Sometimes it lags and works slowly
  • Deployment is slow
  • Automatic offenses are not updated; this needs to be done manually.
  • No alarm system for offenses
IBM Security QRadar SIEM is one of the best tools for real-time monitoring of unethical activity or occurrences on QRadar-connected servers or devices. We can easily find logs and activity by using the AQL and advanced search options. If any occurrence or unethical activity has been identified, the offenses will be automatically triggered using CRE.
Kenhy Dalglish Suarez Jaimes | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
At EY, the use of the QRadar SIEM has helped us provide services to clients for threat hunting and continuous monitoring 24 x 7.
  • Personalized and precise queries in investigations
  • Correlation of events and technologies
  • integration of multiple technological sources
  • cac
  • threat hunting
  • Integrations with some sources that are not native
  • simpler functions in the API
IBM Security QRadar SIEM is a powerful and easy-to-learn tool for analysts and its administration is well documented. QRadar can support and be adapted to the client's needs according to their needs and sector.
Score 7 out of 10
Vetted Review
Verified User
Incentivized
We are a SOC and a security that is a security operation center and a center of incident response. So we have a lot of clients. All of these clients have a lot of logs, a lot of information security, information security events, and security alarms. We use this product to put each client in a separate bucket and all its security logs in each bucket. So if any of our clients have an incident, an alarm of a cybersecurity threat, we can see it in a dashboard. So we use this tool to correlate all the information so we can alert our clients that they are under attack.
  • It is really simple to integrate different technologies because we have to correlate it and if it is difficult to integrate sources, I won't be able to do my job. So one of the best things is the way it integrates with different vendors so it's easy for us to deploy.
  • This product can do better in a lot of things. First, better integrating machine learning and artificial intelligence so all the logs can be integrated and can show threats besides the threats that we program. If we don't program a threat, the tool is not going to show me anything. We have to program it. But there are new technologies like artificial intelligence that could make this for us so we can have more visibility of threats. Right now they don't have these capabilities and there are other products that are incorporating these capabilities.
It's well suited if you have a complex big network when you need a simple but reliable platform. It is not suited for companies that want a tool that does everything because there are some tools that are less reliable, maybe smaller, but have a lot of features. So if you are looking for a lot of features, this might not be the tool, but if you are looking for a reliable platform that integrates well and you know that it is going to work, it is the tool for you.
Piyush Mittal | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
It is the best-in-industry security information and event management software, which we are using in our organisation to tackle cyber threats in real time. It provides us with network and user behaviour analytics along with a risk score so that analysts can respond to attacks. It is basically helping us secure our endpoints and network from external and internal attacks.
  • Provides alerts in real time with fewer false positives.
  • Prioritises the high-severity alerts so that analysts can focus on severe ones.
  • Identifies external as well as internal attacks and risky user behavior
  • Also comes as SaaS software
  • Collecting logs from Windows is somewhat painful
  • Scope for improvement in user interface
  • It is a very costly product, which could be reduced.
It is well suited for large scale enterprises who are concerned about their data. It helps them in improving their security posture by giving them insights on possible attacks or can give them insights on risky user behaviour. With the help of its AI and ML technology, analysts can see the attack pattern and respond to them. It is not suited for startups and small scale enterprises because of its cost.
Score 8 out of 10
Vetted Review
Verified User
IBM Security QRadar helps organizations store logs centrally. We can forward all security devices, network devices, servers, systems etc. towards the Event controllers. The Event controller will then send them on to the QRadar Console.
  • We can forward all types of logs, e.g. event logs, system logs etc., to QRadar
  • We can customize the QRadar console according to our requirements.
  • We can use the Rsyslog protocol to forward logs.
  • We can download all customized reports according to requirements.
  • Sometimes passwordless communication fails from QRadar EC to Console.
  • An event processor is required to process logs, which is again license-based.
  • The saved search option sometimes does not work properly, maybe because of a version bug.
When you have multiple branch locations, we need to buy more event processors and event collectors to collect and process logs.
If you have few branches then you can forward them to a centralized EC.
Mahmoud younis | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Our company is an MSSP service provider, and most of our customers are integrated with our XDR (SIEM & SOAR). IBM Security QRadar SIEM resolved many issues with our customers, plus IBM Security QRadar SIEM has many add-ons and DSMs for most endpoint and security controllers, and it's also easy to integrate it with threat intelligence platforms. We have more than 300 use cases for cloud, endpoint and firewalls.
  • parsing
  • event correlation
  • Ease of searching and viewing payload and events
  • eps sizing
  • auto refresh on offenses page
  • develop use case manager add-on
IBM Security QRadar SIEM is commonly used in Security Operations Centers to provide security analysts with a centralized console for monitoring, investigating, and responding to security events. For organizations with relatively small and straightforward IT infrastructures, the deployment and maintenance of IBM Security QRadar SIEM might be overly complex and costly compared to simpler SIEM solutions.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
IBM QRadar is one of the best SIEMs available. Years of experience, continuous improvements and constant innovations make this product one of the most stable and reliable cybersecurity platforms in commerce. I use QRadar on a daily basis both on operational and administrative levels in order to address the cybersecurity issues in my company and other companies.
  • Event correlation
  • Rule Alerting and Response
  • Data parsing and normalization
  • Customizations
  • User interface
  • Cloud services integration
  • NDR Integration like QNI can improve a lot
IBM QRadar is well suited for medium/large companies that need to monitor their IT infrastructure on a transversal level. Given that a SIEM is fundamental for a good cybersecurity environment, IBM QRadar is the rock-steady answer to all the needs that an IT Operation or SOC team may ask. Both on premise or in cloud, all-in-one or distributed, QRadar is scalable for any kind of scenario. This is a cutting-edge product that needs to be followed constantly so it can be less appropriate for companies that don't have the required workforce to keep the product healthy and up to date.
August 04, 2023

QRadar review

Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use cases monitored 24x7 from SOC Team about traffic and user abnormal behaviour, EDR monitor and Cloud.
  • Dashboard
  • Log source integration portfolios support
  • Application
  • Extension on the Marketplace IBM
  • Query
  • Pre-made Use Case
  • Interconnection between application and log sources
  • Query speed-up
  • Intuitive correlation
  • Report improvement
A very good SIEM; it needs to be understood very well before using it at its full power.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
I am using it in our day-to-day operations and for security monitoring; it is helping us to achieve log monitoring and SOC alerts.
  • Security Monitoring
  • Log Collection
  • Compliance
  • Need to add more integrations
  • Should allow for more customization to exclude a few details from the logs
It's less suited for environments where you have more out-of-scope integrations or where you are doing big data.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
As we are a partner company for IBM Security QRadar SIEM, technical support is provided to customers.
  • log search capabilities
  • rule correlation
  • stability
  • architecture flexibility
  • dashboard view
  • offenses page
  • more visuals in the report
QRadar SIEM is in good standing compared to many companies at the local support point. Correlation capabilities are more capable than their competitors'. UBA works well. It has been in the leader group for years by companies such as Gartner and Forrester. Historical Correlation works well. Although it is a comprehensive SIEM product, it has user-friendly management.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We are a consulting company and provide local support to other companies. Most of the criticisms are about offense management and uncertain notifications. For instance, a CPU High Utilization offense is generated but the root cause of that situation is uncertain. We don't know which process or extension results in this alert. There are the same issues for notifications. Another point is the old-fashioned dashboard.
  • Correlation rule capabilities
  • Search capabilities
  • UBA
  • Offenses page is sometimes incomprehensible. Offense timeline is unclear for some rules. Graphical explanation will be better
  • Old-fashioned web UI
  • Manual parser is not very hard but it needs to be made automatic
QRadar is a security tool and despite its old-fashioned design it is one of the most successful SIEM tools. The focus must be on the correlation side, and QRadar is very good at this point and at ROI. Searching capabilities are very high level and it is improving on the new UI. Also, IBM doesn't say "we are one of the leaders, we don't do any improvement." They are trying to improve many negative sides of the solution with new UI components like Log Source Management, New Offense page, Use case manager... QRadar is good at price-performance.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
QRadar is a leader SIEM solution and we are consulting companies for installation, technical issues, correlation rules etc. Most of the problems are about the legacy dashboard. Many companies want to see something like the Splunk view and usage but for less than the QRadar price. QRadar is trying to improve this side, like the Users and Log Source Management tabs, but it is relatively slow. However, the solution is mostly stable in operation. Another issue is related to upgrades. When we upgrade the solution, many issues are solved but many problems come along with it. Sometimes, finding a suitable version can be hard. Another issue is IBM support. It is better than many other products' support but it is not enough. The escalation period is relatively long and they can reject your escalation request. Finally, you may find some notification or error log about an issue; however, there is no solution for these issues in the troubleshooting guide.
  • Mostly stable.
  • Strong Threat Intelligence.
  • Correlation Rules.
  • Log collection and auto-parser.
  • Support
  • Documentation
I added some logs and screenshots to the support portal but the analyst wants the same things again without any questions or suggestions. Also, the log parser can be time consuming. Like some of the other SIEM solutions, QRadar needs to improve itself. The Offenses page is very legacy and the case process could be visualized. The annotation part must be graphical for better understanding.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Full monitoring of the IT environment, analyzing logs and flows to detect security issues.
  • Logsource integration.
  • Rule tuning.
  • Out-of-the-box rules and use cases.
  • Horizontal scalability.
  • Reporting.
  • Dashboards.
  • Alerting.
Perfect for medium and large enterprises if the required expertise is available. Also perfect for MSSP models, so it is quite easy to build a product using this for smaller companies where dedicated SIEM is not an option.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Highly powerful and well-equipped tool for security monitoring and also providing an analysis. Pulse and the use case manager features are very user-friendly and easy to manage. We set up security rules, specific use cases, and alerts applicable to specific scenarios. All the security information is collected centrally and thus giving us the best usage of the tool. If you analyze the dashboard, all the need-to-know information is readily available at a glance. We monitor the network activity and log activity in real-time with ease via QRadar.
  • Automatically flags devices and systems that are compromised by multiple sources over the network.
  • A simple search method and the ability to view search results in both logs and graphical views for better analysis.
  • Integration of almost all types of devices.
  • Helps in threat detection and response, helping to remediate the threat.
  • Product upgrade to a new version is a lengthy and tough task.
  • Search queries sometimes fail when loading logs.
In this modern day and age, security is a crucial subject. IBM QRadar addresses this hectic concern in a very convenient manner. The very friendly user interface and the included dashboard make it very smooth to handle. Compared to alternatives in the market, QRadar has a lot of potential. This is a very smart product and can make very time-worthy suggestions based on its observations. Given that you stick to specific rules and regulations, QRadar will make your life much easier.
December 14, 2022

Awesome security tool

Score 9 out of 10
Vetted Review
Verified User
Incentivized
It provides a complete threat detection and threat elimination tool for our organization that helps us to work freely. Its threat detection is very accurate. Its solution ingests asset, cloud, network, endpoint, and user data, and correlates it against vulnerability information and threat intelligence. AQL helps to find the logs easily.
  • threat detection
  • analysis
  • threat removal
  • improve the reporting
  • more customization
  • problem in TAXII Feed
This is a very powerful artificial intelligence tool available in the market to detect threats and remove them. AQL helps to find the logs easily. It has a very good graphical user interface. I like the app's pulse. The threat intel feeds integrated with QRadar are excellent and very insightful. It works at a very optimum level in the case of an MSSP environment.
Tobin Mathew | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
First of all, this is the one and all SIEM Solution used in my 7 years Career. IBM Security QRadar is the product that changed my life from a Cyber Security Analyst to an Admin.

We have more than 10+ Clients already and are onboarding new clients in a couple of months.
IBM Security QRadar is one of the top leaders compared to other Solutions in the market.
I had experience with Splunk, LogR, etc... but IBM Security QRadar is the Very user-friendly SIEM ever seen.

I will surely recommend this to my colleagues and new clients
  • Offense Monitoring
  • Use case development
  • Third-party Application Integration from Xchange
  • Custom Log Source Integration
  • Auto-Scaling of Disk when it's in a critical condition-Manual intervention is needed to fix the issue when there is a disk space issue
  • Data Node Improvement in processing capabilities
  • Custom Script usage in the system is not allowed
Well suited for me - Very user-friendly and more custom application has to integrate to explore more.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
It is true that getting insight across multiple security environments can be tough. However, with IBM Qradar, we see all the events related to a particular threat in a single place and eliminate the manual tasks so that analysis can focus on response and investigation.
  • The tool scans the process and network vulnerability data to identify the security risks in the network.
  • The tool performs in-depth network forensics and replays full network sessions.
  • Gives a threat score and category to each identified IP address or URL, which helps us prioritize threats and offer better analysis.
  • Bulky user interface.
  • Cloning of tasks is lacking.
  • Slows down server startup.
Integrating IBM Qradar into your system would definitely help you to secure all the data channels. The tool is one of the best security solutions today.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
QRadar was selected to address a gap with the current security incident and event management tool that we could not address with that platform. Through the evaluation of QRadar we were able to identify how we could simplify our deployment, integrate with additional tools and improve our overall workflow with regards to Security Operations.
  • Alerting and reporting.
  • Integrations with other tools and partners.
  • Ease of use/deployment.
  • Licensing models - move away from the consumption based models.
The development of a security operations center's incident response process is where QRadar shines. The platform allows the analyst to review, react and respond to the possible issue within the same tool. This cuts down the dwell time of threat actors and the overall delay in response to possible incidents significantly.

Muhammed Ali CETİN | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Incentivized
IBM QRadar has been used for compliance in our company and also in trying to overcome all the security-related problems. Briefly: onboarding any security-related data, consolidating it, and creating detection rules on top of that. We also integrated with QNI for flow data to unleash the grey part which is not visible enough with legacy data sources. IBM QRadar is user-friendly and easy to deploy, and with auto-discover, data management has never been so easy. Any LogOps project steps can easily run on QRadar.
  • Autodiscover for data sources
  • Data onboarding
  • Creating detection rules
  • API integration
  • Should onboard any type of data.
  • Dashboarding and advanced queries like statistical analysis and ML features.
  • Parsing and filter out.
  • License model.
  • Instead of Java, it could be written in C to get a more efficient and faster environment.
  • Enrichment of data on data pipeline.
  • Replication and load balancing on Datanodes and EventProcessors.
- Log management has never been easy; with auto-discover and DSM features, adding log sources is so easy and user-friendly.
- UI is so simple and user-friendly, if you haven't experienced it yet you still can understand it within a second and create searches.
- Deployment of architecture. well structured.
- Alerting and correlation rules are well suited as well.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We adopted this technology due to its capability of defending our critical data from novel, rapidly evolving cyber threats and inside threats, whether malicious or non-malicious. This self-learning technology is able to detect and report ransomware actively attacking our network from within, which none of our security tools were able to spot. Genuinely anomalous activity is reported to the IT security team, allowing us to carry out further investigation and mitigate any risk posed.
  • Improved understanding of user and device behavior.
  • Alerts to threats as they occur, allowing efficient risk mitigation.
  • Complete, 24/7 network visibility.
  • Staff must be extremely familiar with networking to continually tune the software for false positives.
This technology is capable of real-time threat detection because it quickly learns the network's pattern by modeling the behaviors of each user and device as well as the network as a whole. The IT security team will be more confident in the knowledge that potential threats from inside and even the unknown won't go unnoticed.