Basic features of IBM QRadar
Ruben Albornoz | TrustRadius Reviewer
February 21, 2019

Basic features of IBM QRadar

Score 10 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with IBM QRadar

IBM QRadar is an excellent security software. It was recommended to apply in the agribusiness companies that I advise, in order to protect the database of agrochemical products for sale. It is implemented throughout the company, especially in the sales department.

IBM QRadar mainly installed itself in the agro-industry that I usually advise in order to protect against security risks or threats.

Since it is based on cognitive computing solutions, this product is the only one able to cope with the growing sophistication and volume of threats to information security. Since it is characterized by providing present-time analysis of security alerts originating both in the hardware, as well as in the software that is being used in the company, IBM QRadar was installed in the company mainly to protect the database of listing data of the agrochemical products that are commercialized against virus threats that could alter the database.
  • All the databases and valuable information of the organizations are increasingly exposed to a great diversity of threats. The more and more expert attackers manage to make the brands of their actions practically inevitable, and QRadar detects in time any anomaly in order to protect companies from these actions. This is carried out through an exhaustive analysis of the information, which allows it to identify in advance those threats and suspicious actions that may affect the data and systems in general.
  • In terms of ease of use, QRadar has a somewhat complex architecture that makes it a software product that is not very detailed, as it offers a user interface and a fairly systematic deployment.
  • You can send a denial of service. The Linux kernel used by QRadar is vulnerable to a denial of service due to an error in functionality.
  • The impact has been 100% positive, since QRadar is such a powerful platform, capable of offering attractive functionalities for each type of organization.
  • It has reached all the security and protection objectives of the organizations' databases and storage.
I had initially selected AlienVault, as security software and as software protection for the sales office with the objective of safeguarding the database. However, I selected QRadar, although both are solutions capable of offering attractive functionalities for each type of organization. I selected IBM QRadar because the organization in which it is implemented uses Linux. In this case, both solutions offer clear, functional and efficient reports that allow you to have complete visibility of the connected networks.
The use and application of IBM QRadar is very appropriate in organizations where it integrates features for the handling of incidents, vulnerability detection and generation of compliance reports. In the case of the agribusiness company where it was applied, it was used in order to detect possible virus threats in product database sales, under a Linux environment.

QRadar defines risk management strategies, contributing to creating security policies adapted to the particular context, needs, and business activities; the goal is to build a robust and functional security system.

IBM QRadar Feature Ratings

Centralized event and log data collection
10
Correlation
10
Event and log normalization
10
Deployment flexibility
10
Integration with Identity and Access Management Tools
10
Custom dashboards and views
10
Host and network-based intrusion detection
10