TrustRadius
IBM Security QRadar SIEM

Overview

What is IBM Security QRadar SIEM?

IBM Security QRadar is security information and event management (SIEM) software.

Recent Reviews

QRadar review.

8 out of 10
March 31, 2024
Incentivized
We have used IBM Security QRadar SIEM to provide security to our customers (B2B) and also for our own corporate security. IBM Security …

Popular Features

  • Rules-based and algorithmic detection thresholds (40): 9.2 (92%)
  • Correlation (60): 8.9 (89%)
  • Integration with Identity and Access Management Tools (56): 8.4 (84%)
  • Custom dashboards and workspaces (60): 7.6 (76%)

Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit https://www.ibm.com/products/qradar…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a bird's-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that gives security analysts a more comprehensive view of security logs and events than they could get from the log files of individual point security tools.

8.7
Avg 7.8

Product Details

What is IBM Security QRadar SIEM?

IBM QRadar SIEM helps users to remediate threats faster by prioritizing high-fidelity alerts to help catch threats.

QRadar analytics monitor threat intel, network and user behavior anomalies to prioritize where immediate attention and remediation is needed. When threat actors trigger multiple detection analytics, move across the network or change their behaviors, QRadar SIEM will track each tactic and technique being used. More important, it will correlate, track and identify related activities throughout a kill chain, with a single high-fidelity case, automatically prioritized for the user.


https://ibm.biz/QRadar_SIEM_product_page



IBM Security QRadar SIEM Features

Security Information and Event Management (SIEM) Features

  • Supported: Correlation
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Behavioral analytics and baselining
  • Supported: Rules-based and algorithmic detection thresholds
  • Supported: Reporting and compliance management

Additional Features

  • Supported: Open architecture to deploy on premises, on cloud, or as a service.
  • Supported: Faster investigation with automated triage and contextual intelligence
  • Supported: Better visibility by removing silos and unifying input and shared insights
  • Supported: Integrates with existing tools to leave data where it is and leverage the current environment.

IBM Security QRadar SIEM Technical Details

Deployment Types: Software as a Service (SaaS), Cloud, or Web-Based
Operating Systems: Unspecified
Mobile Application: No

Frequently Asked Questions

IBM Security QRadar is security information and event management (SIEM) software.

Microsoft Sentinel, Splunk Enterprise Security (ES), and LogRhythm NextGen SIEM Platform are common alternatives for IBM Security QRadar SIEM.

Reviewers rate Centralized event and log data collection highest, with a score of 9.9.

The most common users of IBM Security QRadar SIEM are from Enterprises (1,001+ employees).
Reviews and Ratings

(259)

Reviews

(1-2 of 2)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Working with total confidence is our goal and with this IBM Security QRadar has come to the organization. A tool that helps to be free of internal threats in our system, analyzes and executes strategies to get rid of all possible threats. It's powerful and feature-rich, which is what we were looking for, with the ability to customize it. QRadar has had the best time in detecting the threats having an immediate response, in addition to giving a report with all the details of what happened.
  • Excellent user interface.
  • Threat-specific reports.
  • It was characterized by being customizable.
  • Integration with IBM log data.
  • It keeps track of the system to achieve the best security, always with the best tools.
  • Data analysis from other software is quick and easy.
It has adequate and specific functions to have an improved system, such as analysis, threat alerts, monitoring, integration with various platforms, among several other features. QRadar has managed to significantly improve our organization, it is a much freer system to work comfortably. It has the ability to eliminate threats in a short time, always with an ideal alert system to be aware of what is happening instantly. QRadar is the perfect solution to avoid bad times with threats to our system, with perfect detection and elimination of threats.
Security Information and Event Management (SIEM) (6): N/A
  • Correlation: N/A
  • Integration with Identity and Access Management Tools: N/A
  • Custom dashboards and workspaces: N/A
  • Behavioral analytics and baselining: N/A
  • Rules-based and algorithmic detection thresholds: N/A
  • Reporting and compliance management: N/A
  • Regarding hidden threats on the network, we have made very effective progress with the visualization capacity, this also helps to save a lot of money.
  • Includes user behavior analytics.
  • Its approach to visualization in the hybrid cloud environment is ideal for our overall security development.
In this aspect, we can carry out direct work with the integration of the IBM Security Verify audit file log directly with the logs on the QRadar server, these links are made in very few steps and without having to request additional administrative permissions from the team IBM provides to us for our licenses to all of our software.
The response time may vary according to the number of complexity of the problems to be solved, in simple situations such as to solve some integration of all IBM modules or to manage and analyze data from other sources or products, it may be achieved in less than an hour, but if your problem is much more complicated, it may take a few days to solve your problems.
35
17
  • It helps to get a focused workflow directly to the work area, this very capable and easy to install software.
  • Anticipate cyber attack threats, detect security problems.
  • Improve safety reporting in all departments.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
QRadar is a leading SIEM solution and we consult for companies on installation, technical issues, correlation rules, etc. Most of the problems are about the legacy dashboard. Many companies want a Splunk-like view and usage but at less than the QRadar price. QRadar is trying to improve this side, like the Users and log source management tabs, but it is relatively slow. However, the solution is mostly stable for working. Another issue is related to upgrades. When we upgrade the solution, many issues are solved but many problems come along with it. Sometimes, finding the suitable version can be hard. Another issue is IBM support. It is better than many other products' support but it is not enough. The escalation period is relatively long and they can reject your escalation request. Finally, when you find some notification or error log about an issue. However there is no solution for these issues in the troubleshooting guide.
  • Mostly stable.
  • Strong Threat Intelligence.
  • Correlation Rules.
  • Log collection and auto-parser.
  • Support
  • Documentation
I added some logs and screenshots to the support portal but the analyst wants the same things again without any questions or suggestions. Also, the log parser can be time consuming. As some of the other SIEM solutions, QRadar needs to improve itself. The Offenses page is very legacy and the case process can be visualized. The annotation part must be graphical for better understanding.
Security Information and Event Management (SIEM) (6): 8.0 (80%)
  • Correlation: 9.0 (90%)
  • Integration with Identity and Access Management Tools: 8.0 (80%)
  • Custom dashboards and workspaces: 6.0 (60%)
  • Behavioral analytics and baselining: 8.0 (80%)
  • Rules-based and algorithmic detection thresholds: 9.0 (90%)
  • Reporting and compliance management: 8.0 (80%)
  • The custom rule engine is successful.
  • Rule creation is very easy with predefined sentences.
  • Ease of use.
Actually, it can be successfully integrated with 3rd party solutions like VirusTotal or SOCRadar, but it is a bit hard to understand for API integration even if it has an API Guide.
Support is not bad. However some situations make me a bit nervous. I take screenshots, collect logs and notifications and upload them to the case. The analyst wants them again without any suggestion or question. I add possible solution but it wrote in the guide make it with support however they don't return me and I apply this solution and return to the case I made and solved. They say "ok good I am closing the case then". In another case I could not reach the assigned analyst due to a power outage. That is so unprofessional. Despite all this, many cases are solved in an acceptable time period and these are exceptions.
Correlation rule capabilities are very good. Maybe that is not the best but its ROI is the best. In addition, it is IBM and in my region, QRadar is one of the best SIEM solutions with good quality local and global support.
20
They are consultants and SOC Analysts.
8
We are a consulting company, and we are a partner of IBM. So, we have QRadar consultants.
  • We can install and make QRadar ready in one day.
  • Support capabilities are very high but a bit slow.
  • The dashboard is legacy, but QRadar works well.
  • Local partnership is better than other SIEM solutions, so it is more preferred.
  • ROI is very high.
  • IBM is hard to work with.
  • Dashboard renovation.
  • Automatic parser mechanism must be improved like Elastic/Wazuh/Splunk...
  • Offense workflow must be more readable.
No
  • Scalability
  • Integration with Other Systems
  • Ease of Use
We know the product, and this is the solution that best meets our expectations. Maybe we can add a new solution for SMEs because of price.