IBM Security QRadar SIEM

Overview

What is IBM Security QRadar SIEM?

IBM Security QRadar is security information and event management (SIEM) Software.

Recent Reviews

QRadar review.

8 out of 10
March 31, 2024
Incentivized
We have used IBM Security QRadar SIEM to provide security to our customers (B2B) and also for our own corporate security. IBM Security …


Popular Features

  • Rules-based and algorithmic detection thresholds (40): 9.2 (92%)
  • Correlation (60): 8.9 (89%)
  • Integration with Identity and Access Management Tools (56): 8.4 (84%)
  • Custom dashboards and workspaces (60): 7.6 (76%)

Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit https://www.ibm.com/products/qradar…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.


Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual point security tools.

8.7
Avg 7.8

Product Details

What is IBM Security QRadar SIEM?

IBM QRadar SIEM helps users to remediate threats faster by prioritizing high-fidelity alerts to help catch threats.

QRadar analytics monitor threat intel, network and user behavior anomalies to prioritize where immediate attention and remediation is needed. When threat actors trigger multiple detection analytics, move across the network or change their behaviors, QRadar SIEM will track each tactic and technique being used. More important, it will correlate, track and identify related activities throughout a kill chain, with a single high-fidelity case, automatically prioritized for the user.


https://ibm.biz/QRadar_SIEM_product_page



IBM Security QRadar SIEM Features

Security Information and Event Management (SIEM) Features

  • Supported: Correlation
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Behavioral analytics and baselining
  • Supported: Rules-based and algorithmic detection thresholds
  • Supported: Reporting and compliance management

Additional Features

  • Supported: Open architecture to deploy on premises, on cloud, or as a service.
  • Supported: Faster investigation with automated triage and contextual intelligence
  • Supported: Better visibility by removing silos and unifying input and shared insights
  • Supported: Integrates with existing tools, leaving data where it is and leveraging the current environment.

IBM Security QRadar SIEM Technical Details

Deployment Types: Software as a Service (SaaS), Cloud, or Web-Based
Operating Systems: Unspecified
Mobile Application: No

Frequently Asked Questions

Microsoft Sentinel, Splunk Enterprise Security (ES), and LogRhythm NextGen SIEM Platform are common alternatives for IBM Security QRadar SIEM.

Reviewers rate Centralized event and log data collection highest, with a score of 9.9.

The most common users of IBM Security QRadar SIEM are from Enterprises (1,001+ employees).
Reviews and Ratings

(259)

Reviews

(1-3 of 3)
Paige Jenkins | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
This tool is of great help in taking full control of the different IBM options that we are using in the company; it is highly compatible with any other software that is available. Security Qradar will maintain total security in each of the departments of your organization, providing confidence in everything elaborated, so any threat or attack that may exist and damage any result is immediately visualized, so it is constantly analyzed and efficient.
  • Automation capability and control.
  • Supply of information in real time.
  • Server attacks are protected.
  • Excellent technical support.
  • Easy to run.
  • The capacity of tables and graphs should be improved to keep all job environments safe, so those graphs are somewhat uncomfortable for newbies.
It works for any department of the business organization, be it small, medium, or large, as long as you want the entire system to run smoothly and safely. It has, in an integral way, the artificial intelligence processes and above all the essential detection of any threat in real and constant time. It has a very capable technical service and is always willing to help whenever necessary, which is why this tool is necessary for your company.
  • Its on-premises, cloud, and hybrid deployment allows for broader development.
  • AI threat detection and correlation works in a short time.
  • It allows working with other tools without having to perform data migration.
This software has a very well-designed interface to work together with all of IBM's own software or third-party software; this is important to work without having to perform additional data migrations, and this is significantly positive for data analysis that comes from other sources external to the IBM Security QRadar software.
It is very important to note that this technical support does manage to establish direct contact with the administrator of this software in a relatively short time, but considering my role in this software, I think that a good option may be to be active in the different discussions with its user community. That always uploads new updates of new technologies so that you are aware of new trends and functions.
20
We use IBM Security QRadar SIEM, it is extremely easy to use software, the implementation is very fast, it effectively protects us from threats in order of priority, we take care of managing and implementing the different functions of IBM Security QRadar SIEM to have a good impact on the security of our company.
  • It allows us to monitor our entire IT environment automatically to detect threats and incidents in real time.
  • The configuration and creation of security rules is simple, it has allowed us to customize it to our convenience and needs.
With the arrival of IBM Security QRadar SIEM at our company, we have a better vision of all the security needs that may arise, it is a very safe software to use that prevents threats from damaging our IT environment, it is impossible to change it for another software.
A very special system to use without problems, the process is very genuine and does not require complicated procedures.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Working with total confidence is our goal and with this IBM Security QRadar has come to the organization. A tool that helps to be free of internal threats in our system, analyzes and executes strategies to get rid of all possible threats. It's powerful and feature-rich, which is what we were looking for, with the ability to customize it. QRadar has had the best time in detecting the threats having an immediate response, in addition to giving a report with all the details of what happened.
  • Excellent user interface.
  • Threat-specific reports.
  • It was characterized by being customizable.
  • Integration with IBM log data.
  • It keeps track of the system to achieve the best security, always with the best tools.
  • Data analysis from other software is quick and easy.
It has adequate and specific functions to have an improved system, such as analysis, threat alerts, monitoring, integration with various platforms, among several other features. QRadar has managed to significantly improve our organization, it is a much freer system to work comfortably. It has the ability to eliminate threats in a short time, always with an ideal alert system to be aware of what is happening instantly. QRadar is the perfect solution to avoid bad times with threats to our system, with perfect detection and elimination of threats.
Security Information and Event Management (SIEM) (6): N/A
  • Correlation: N/A
  • Integration with Identity and Access Management Tools: N/A
  • Custom dashboards and workspaces: N/A
  • Behavioral analytics and baselining: N/A
  • Rules-based and algorithmic detection thresholds: N/A
  • Reporting and compliance management: N/A
  • Regarding hidden threats on the network, we have made very effective progress with the visualization capacity, this also helps to save a lot of money.
  • Includes user behavior analytics.
  • Its approach to visualization in the hybrid cloud environment is ideal for our overall security development.
In this aspect, we can carry out direct work with the integration of the IBM Security Verify audit file log directly with the logs on the QRadar server, these links are made in very few steps and without having to request additional administrative permissions from the team IBM provides to us for our licenses to all of our software.
The response time may vary according to the number of complexity of the problems to be solved, in simple situations such as to solve some integration of all IBM modules or to manage and analyze data from other sources or products, it may be achieved in less than an hour, but if your problem is much more complicated, it may take a few days to solve your problems.
35
17
  • It helps to get a focused workflow directly to the work area, this very capable and easy to install software.
  • Anticipate cyber attack threats, detect security problems.
  • Improve safety reporting in all departments.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Qradar is a leading SIEM solution and we are consulting companies for installation, technical issues, correlation rules etc. Most of the problem is about the legacy dashboard. Many companies want to see like Splunk view and usage but less than Qradar price. Qradar is trying to improve this side like Users, log source management tabs but it is relatively slow. However, the solution is mostly stable for working. Another issue is related to upgrades. When we upgrade the solution, many issues are solved but many problems are coming together. Sometimes, finding the suitable version can be hard. Another issue is IBM support. It is better than many other products' support but it is not enough. Escalation period is relatively long and they can reject your escalation request. Finally, when you find some notification or error log about an issue, there is no solution for these issues in the troubleshooting guide.
  • Mostly stable.
  • Strong Threat Intelligence.
  • Correlation Rules.
  • Log collection and auto-parser.
  • Support
  • Documentation
I added some logs and screenshots to the support portal but the analyst wants the same things again without any questions or suggestions. Also, log parser can be time consuming. As some of the other SIEM solutions, Qradar needs to improve itself. Offenses page is very legacy and case process can be visualized. Annotation part must be graphical for better understanding.
Security Information and Event Management (SIEM) (6): 8.0 (80%)
  • Correlation: 9.0 (90%)
  • Integration with Identity and Access Management Tools: 8.0 (80%)
  • Custom dashboards and workspaces: 6.0 (60%)
  • Behavioral analytics and baselining: 8.0 (80%)
  • Rules-based and algorithmic detection thresholds: 9.0 (90%)
  • Reporting and compliance management: 8.0 (80%)
  • The custom rule engine is successful.
  • Rule creation is very easy with predefined sentences.
  • Ease of use.
Actually, it can be successfully integrated with 3rd party solutions like VirusTotal or SocRadar, but it is a bit hard to understand for API integration even if it has an API Guide.
Support is not bad. However, some situations make me a bit nervous. I take screenshots, collect logs and notifications and upload them to the case. The analyst wants them again without any suggestion or question. I add possible solution but it wrote in the guide make it with support however they don't return me and I apply this solution and return to the case I made and solved. They say "ok good I am closing the case then". In another case I could not reach the assigned analyst due to power outage. That is so unprofessional. Despite all this, many cases are solved in an acceptable time period and these are exceptions.
Correlation rule capabilities are very good. Maybe that is not best but its ROI is best. In addition, it is IBM and in my region, Qradar is one of the best SIEM solutions with good quality local and global support.
20
They are consultants and SOC Analysts.
8
We are a consulting company, and we are a partner of IBM. So, we have Qradar consultants.
  • We can install and make Qradar ready in one day.
  • Support capabilities are very high but a bit slow.
  • The dashboard is legacy, but Qradar works well.
  • Local partnership is better than other SIEM solutions, so it is more preferred.
  • ROI is very high.
  • IBM is hard to work with.
  • Dashboard renovation.
  • Automatic parser mechanism must be improved like Elastic/Wazuh/Splunk...
  • Offense workflow must be more readable.
No
  • Scalability
  • Integration with Other Systems
  • Ease of Use
We know the product, and this is the solution that best meets our expectations. Maybe we can add a new solution for SMEs because of price.