The force of IBM Qradar
December 24, 2019

The force of IBM Qradar

Larbi Belmiloud | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Review Source

Overall Satisfaction with IBM QRadar

I had the privilege to install and deploy QRadar for my customers, to respond to many problems like managing logs and detecting advanced attacks to the platform. In many cases, people can't see human behaviors. With QRadar UBA, they can finally profile and use UBA capabilities to anticipate and respond to attacks. QRadar has a greater ability to integrate with many other solutions with more than 200 apps developed, and this helps to harmonize customer fabric security.
  • Rich functionality.
  • Scalable.
  • Integration.
  • Analyze Flows.
  • UBAI Analyses capability.
  • Integrations with SOAR and other SIEM platforms.
  • It's a good product. I can do all security investigations within one single point.
  • A very rich product with many useful cases and apps added.
There is a full integration between QRadar and Resilient. This two-way integration helps investigators to enhance and use the strongest version of QRadar, more so than the use of Xforce and other threat sources to investigate and get the IOC feeds. There are many applications to use and integrations with many threat sources. To put it simply, I like to use QRadar!
I've had many issues with QRadar, and the support would hear and respond to my question all the time (more so than in the case of IBM Resilient support). They were very quick to respond, were helpful, and provided remote access.

Do you think IBM QRadar delivers good value for the price?

Yes

Are you happy with IBM QRadar's feature set?

Yes

Did IBM QRadar live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of IBM QRadar go as expected?

Yes

Would you buy IBM QRadar again?

Yes

Some use cases for QRadar include:
  1. Detect advanced attacks with upgraded functionality systems when activating systems and auditing advanced logs on owers server to detect hidden infections.
  2. Detecting and monitoring the behavior of Active directory users to know the possibility of malicious infection.
  3. Analysing third-party applications, and writing parsers quickly.
  4. Investigate threats and write new rules for detecting new and correlated unknown attacks.

IBM QRadar Feature Ratings

Centralized event and log data collection
10
Correlation
10
Event and log normalization/management
9
Deployment flexibility
9
Integration with Identity and Access Management Tools
8
Custom dashboards and workspaces
9
Host and network-based intrusion detection
6