Simply the best - QRadar
Overall Satisfaction with IBM QRadar
IBM QRadar is being used to monitor the logs of the Cisco Firewall and several AIX Logs.
Business problems addressed include detection of security risk and automation of response to aid in taking prompt action to detect sources of security using log data and new network traffic data, making investigations possible and prompt
- Data visibility
- Only alerts when necessary. Detects threats, identifies and prioritizes potential incidents
- Automates response, contains threat
- Machines require fairly high resources
- The process of setting what is considered an offense is a bit cumbersome.
- Variable login expiration would be appreciated
- We are in a position to have peace knowing that we can find out about intrusions and identify access
- Ability to search old logs
- We can now focus on core business