TrustRadius
IBM Security QRadar EDR
Formerly ReaQta

Overview

What is IBM Security QRadar EDR?

IBM Security QRadar EDR (formerly ReaQta) combines automation and dashboards to minimize analyst workloads, detect anomalous endpoint behavior and remediate threats in near real time. With visibility across endpoints, it combines expected features, like MITRE ATT&CK mapping and attack visualizations, with…

Recent Reviews

EDR FOR ENDPOINT

10 out of 10
February 22, 2024
Incentivized
We wanted to secure our end points with NxtGen AV and to protect the end points with response and detection. Moreover the solution …

IBM QRADAR REVIEW

10 out of 10
July 19, 2023
Incentivized
We were in dire need of an endpoint solution as our institution comprises a variety of nodes ranging from IoT surveillance to VDI to …

IBM QRadar EDR Review

8 out of 10
July 18, 2023
Incentivized
We use it to detect anomaly activity in the user computer or server, and respond as fast as possible if detected any possibility of being …

Popular Features

  • Endpoint Detection and Response (EDR) (9): 8.5 (85%)
  • Centralized Management (9): 8.3 (83%)
  • Malware Detection (9): 8.3 (83%)
  • Infection Remediation (9): 8.1 (81%)

Pricing

N/A
Unavailable

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visit https://www.ibm.com/products/qradar…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection…

What is CrowdStrike Falcon?

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…

Features

Endpoint Security

Endpoint security software protects enterprise connected devices from malware and cyber attacks.

8.2 (Avg 8.5)

Product Details

What is IBM Security QRadar EDR?

IBM Security QRadar EDR (formerly ReaQta) combines automation and dashboards to minimize analyst workloads, detect anomalous endpoint behavior and remediate threats in near real time.

With visibility across endpoints, it combines expected features, like MITRE ATT&CK mapping and attack visualizations, with dual-engine AI and automation.

For teams that need extended support, managed detection and response (MDR) services offer 24/7 monitoring and response to help keep users protected. QRadar EDR can be deployed as SaaS, on-premises and in air-gapped environments.


https://ibm.biz/QRadar_EDR_product_page


IBM Security QRadar EDR Features

Endpoint Security Features

  • Supported: Anti-Exploit Technology
  • Supported: Endpoint Detection and Response (EDR)
  • Supported: Centralized Management
  • Supported: Hybrid Deployment Support
  • Supported: Infection Remediation
  • Supported: Malware Detection

Additional Features

  • Supported: Pre-execution prevention: Reviews file source code prior to full execution and stops files from running if malicious code is detected.
  • Supported: NanoOS: Each endpoint agent includes dual AI engines and NanoOS technology, which allows certain detection and autonomous operation capabilities even when endpoints are offline.
  • Supported: Attack visibility: Detects and correlates alert information, including an attack’s root cause, risk assessment, and MITRE ATT&CK framework.
  • Supported: Anti-ransomware: Analyzes file behaviors to detect imminent attacks and stops malicious processes from executing.
  • Supported: Signature scanning: Uses heuristics and signature-based prevention.
  • Supported: Threat insights: Identifies potential threats with metadata-based analysis to expedite triaging and enable detection of an alert’s artifacts to discover new binaries as soon as they’re activated.
  • Supported: AI-driven Threat hunting: Enables real-time search for indicators of compromise (IOC), binaries and behaviors to facilitate the discovery of dormant threats.
  • Supported: Forensics: Enables remote gathering of forensic information to reconstruct an attacker’s activities.
  • Supported: Custom playbook: Creates custom-built detection response and remediation playbooks.
  • Supported: API access: Automates workflows and integrates with external platforms with direct API access to ReaQta.

IBM Security QRadar EDR Screenshots

Screenshot of Behavioral tree: A behavioral tree provides full alert and attack visibility.
Screenshot of Behavioral tree storyline: A visual storyline is automatically created as an attack unfolds, including mapping to MITRE ATT&CK, for full visibility.
Screenshot of Cyber Assistant alerts: The Cyber Assistant, an AI-powered alert management system, can autonomously handle alerts, reducing analysts’ workloads.
Screenshot of Cyber Assistant recommends: The Cyber Assistant learns from analyst decisions, then retains the intellectual capital and learned behaviors to make recommendations and help reduce false positives.
Screenshot of Custom detection strategies: Detection Strategy (DeStra) scripting allows users to build custom detection strategies — beyond preconfigured models — to address compliance or company-specific requirements without the need to reboot the endpoint.

IBM Security QRadar EDR Technical Details

Deployment Types: Software as a Service (SaaS), Cloud, or Web-Based
Operating Systems: Unspecified
Mobile Application: No
Supported Countries: Global
Supported Languages: English

Frequently Asked Questions

CrowdStrike Falcon, SentinelOne Singularity, and VMware Carbon Black Endpoint are common alternatives for IBM Security QRadar EDR.

Reviewers rate Endpoint Detection and Response (EDR) highest, with a score of 8.5.

The most common users of IBM Security QRadar EDR are from Mid-sized Companies (51-1,000 employees).
Reviews and Ratings

(33)

Reviews

(1-9 of 9)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
As a user of IBM Security QRadar EDR in our organization, we use its powerful capabilities to improve our cybersecurity posture. The product plays a critical role in giving various business problems related to threat detection & response at the endpoint level. Firstly, QRadar EDR gives us a solution for detecting potential security threats across our endpoints. It continuously monitors activities such as file changes, network connections & process behaviors. It alerts us to any suspicious & malicious activities in real-time.
  • QRadar is fully capable of collecting extensive endpoint telemetry data, including file system changes, registry modifications, process executions, network connections etc.
  • Its interface & robust search capabilities let analysts easily conduct detailed investigations & uncover IOCs as well as suspicious patterns of behavior.
  • QRadar EDR integrates smoothly with threat intelligence feeds, from which an organization can enrich endpoint data with contextual information about known threats & IOC.
  • QRadar EDR gives many predefined detection rules & response actions but our team member found out limitations in terms of customization & flexibility.
QRadar EDR is well suited for large malware detection capabilities above traditional antivirus solutions. It is excellent in detecting advanced malware variants, including fileless malware, polymorphic malware & zero-day exploits.
As a security team, when we need to hunt for threats across our endpoints, IBM Security QRadar EDR's powerful search & investigation capabilities allow our analysts to take a deep look into endpoint data, searching for indicators of compromise (IOCs) & finding hidden threats.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
IBM Security QRadar EDR is a reliable endpoint security solution that uses advanced analytics to detect threats and malwares and vulnerabilities and it is only possible because of predefined rules and policies that come with it by default. Also its intuitive interface simplifies security operations for everyone and makes it very easy to operate. And it meets all the security needs a business may ever need and hence it is the best security solution.
  • Uses advanced analytics to detect threats and malwares and vulnerabilities in real time.
  • Intuitive interface so everyone can use it.
  • Easy to implement and set it up.
  • For large organizations, the pricing may be ok. But for smaller organizations the price is quite high.
  • Sometimes consumes too many resources though it doesn't last long and returns to normal usage after some time.
IBM Security QRadar EDR provides all the security features at one place with a reasonable price. Though for smaller organizations, the price may be quite high. Plus since it can detect threats and malwares in real time, every business should try them out.
sandeep kamboj | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
IBM Security QRadar EDR has a straightforward and user-friendly interface. IBM Security QReata is easy to use for users and helps security analysts navigate the system more effectively. Real-time monitoring of network traffic and endpoint activities also helps admins reduce risk and respond to security incidents in a timely manner. I think not every security vendor provides continuous updates as fast as IBM. IBM is easy to implement.
  • Automatic alert management.
  • Analysis
  • UI/UX
  • System Performance.
  • Little Bit Expensive.
Its function of creating logs helped me a lot, as I could create accurate reports, which also saved me time and money. I think all are good in IBM Security QRadar, but its security function and instant reporting function are best for me, as in the security field, as fast as action is taken, the problems can be solved correctly and accordingly.
Dr. Paul Nemirovsky | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We leverage IBM Security QRadar EDR capability to protect endpoints from cyberattacks, detect anomalous behavior and remediate security issues. The business problems we address with this service are the endpoint security of the enterprise IT systems, including network and IT infrastructure systems, automatic threat remediation, informed cybersecurity decision-making with attack visualization storyboards.
  • Detect known and unknown endpoint security threats
  • Remediate these threats near real time
  • Automation in threat detection
  • Threat attack visualization storyboards
  • Alert management automation
  • IBM Security QRadar EDR is expensive to use
  • Requires a complex and confusing training
  • Labor intensive to support
  • Complex to integrate with SOC/NOC (security operations center/network operations center) services
Well suited: Complex, large scale enterprises with thousands of endpoints to secure, well trained security support groups, significant training budget.
Less appropriate: small and medium enterprises with limited security resources and talent. Limited training resources.
February 22, 2024

EDR FOR ENDPOINT

Score 10 out of 10
Vetted Review
Reseller
Incentivized
We wanted to secure our end points with NxtGen AV and to protect the end points with response and detection. Moreover the solution competes very well with this immediate competitor and provides easy way to do the implementation and response to solution has turned out to be fantastic and provides exact response.
  • NxtGen AV
  • Easy to implement
  • Response and Detection to the threats
  • Clarity on the roadmap
  • Prices competitive
  • Provide cloud based security.
As mentioned, ease of deployment and implementation made the delivery seamless. NxtGen antivirus capabilities, it helps in protecting endpoints from Cyber attacks and anomalies and remediate vulnerabilities in near real time. Enable informed decision making with attack making visualisation, also help to automate decision and focus on the threats which are matters.
Score 8 out of 10
Vetted Review
Verified User
We use it as a SIEM logs tool. The alerts are human readable. There is a cyber assistant that can help you if needed and also you have plenty of options to customize it to feed your organization's needs. The endpoints are exposed a lot and with them the network of the customer is exposed so this tool helps us keep everything monitored.
  • automatic alert management
  • customizable detection strategy
  • ransomware detection
  • UI
It helps our service desk to be active in monitoring alerts. The alerts are human readable, easy to identify what is happening and it can be set up to detect all alerts you/your organization needs. The UI can be modernized/updated, but that is the only thing. Ransomware detection is good as well.
Score 7 out of 10
Vetted Review
Verified User
Incentivized
It is being used to manage security management and information, the main feature used is threat detection and responses at the end point, the artificial learning and machine capabilities are used for behavioral analysis of the anomalies in the end point. Also used for tracing and sourcing of the incidents.
  • Monitoring
  • UI/UX
  • Analysis
  • Threat intelligence
  • scalability
  • Not easy to understand the overall features
  • system performance
  • costing for small organization
It is well suited for analysis of the threat on the basis of hierarchy and its AI and ML features can be used to analyze the root source and tracing the incidents. It is less applicable at small level designs where scalability is not required when volume of incidents are less.
July 19, 2023

IBM QRADAR REVIEW

Score 10 out of 10
Vetted Review
Verified User
Incentivized
We were in dire need of an endpoint solution as our institution comprises a variety of nodes ranging from IoT surveillance to VDI to supercomputers so in search of a solution that would secure all the infrastructure I came up to IBM the features they provided were commendable and other's experience with this product I made the decision to carry on with it. And it is working very fine rectifying the traffic and patching itself to become more resilient in front of sophisticated attacks.
  • Monitoring
  • Resilience
  • Patching itself
  • Interface
  • User Interface
  • faster processing for interface
The scenarios like there is lot of traffic especially for registration for new students the traffic graph rose exponentially so in that scenario it is very helpful but when there is any internet issue it has some problem because of its cloud based architecture so real time analysis is little bit affected.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use it to detect anomaly activity in the user computer or server, and respond as fast as possible if detected any possibility of being a true malicious activity.
  • Pin processes in the tree investigation
  • Lua script
  • friendly UI/UX
  • use AI to review previous false negatives that contributed wrongly in the AI suggestion on the follow alerts
  • easily run a script based on values from a hash, IPs, path inside the boxes on the behavioral tree
  • apply the remediation to a range of endpoints instead of only the endpoint of the current alert
  • use ajax for example to update the alert page automatically while actions are happening
  • for api have profiles that allow only get actions, or just post on some actions
  • create users in bulk
It is well suited for companies that already have part of IBM QRadar Suite, and less appropriate for those that have multiple vendors; integrations get a little harder to achieve but are possible.