Item: IBM Security QRadar SIEM
Rating: 10
Author: Verified User

Use Cases and Deployment Scope

IBM QRadar is one of the best SIEMs on the market. It is a SIEM solution that provides security, integrity, and resilience to logs collected from critical resources. QRadar provides customizable dashboards, compliance templates, and data archiving. The SIEM offers a full range of security intelligence capabilities for on-premise deployments and the possibility of automation to detect sources of security log data and new network flow traffic. In conclusion, QRadar is a great SIEM solution.

Pros and Cons

Good integration of log sources.
Low level of false positive offenses.
Collect logs from more than 400+ sources and millions of events per second.
Intuitive dashboards.

The solution is a little bit too expensive.
Create templates for logs from SWIFT.
Make it more user-friendly.

Return on Investment

Assure security (confidentiality, integrity, and availability) of logs.
Assure compliance with international standards.
Help to investigate incidents.
Help to identify and analyze cyber attacks.

Alternatives Considered

We selected IBM QRadar SIEM because it is the best SIEM solution on the market. Great support from the vendor. A great user community that offers support for different problems. The price is good for product functionalities. The implementation was easy. The vendor offered support for sources integration.

Other Software Used

Tenable SecurityCenter, SovLabs Microsoft Active Directory, Azure Active Directory

Likelihood to Recommend

In my opinion, IBM QRadar SIEM is a fit great for big enterprises with more than 100 log sources. SIEM collects in secure mode logs from different sources. Great integration with different log sources. Easy to select and analyze logs. Good dashboards and graphics. QRadar offers incident forensics integration—very good functionality.

Assure great security with IBM QRadar

Overall Satisfaction with IBM QRadar