The best SIEM solution in the market, hands down!
November 26, 2019

The best SIEM solution in the market, hands down!

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with IBM QRadar

My current client uses QRadar in an environment with more than 6000 endpoints (averaging 40K EPS). QRadar monitors all the servers in the environment, including PCI and SOX zones. QRadar is their central security intelligence solution and is used by the SOC team for incident monitoring and daily incident investigations. The tool is also used to provide compliance information for audit teams and acts as a centralized log repository.
  • Advanced correlation rules
  • Easy to use, in just one day we can train a new SOC analyst
  • Good scalability
  • Integration with advanced data mining tools (e.g. ELK)
  • High ROI, the implementation cost is very low and in just few days you have an environment up and running
  • Security incidents are now detected in timely manner
IBM QRadar is way easier to deploy and use than the other SIEM tools. In literally hours you have a whole environment up and running. Also, QRadar comes with way more out-of-the-box parsers (called DSMs) than any other tool. Also, recently, QRadar released their app store, in which you can download extension packs for your QRadar, so you can easily deploy things such as User Behavior Analytics (UBA) and interactive dashboards.
Sometimes the support doesn't know what they are doing. You have to be lucky to get an engineer that actually knows a lot about QRadar.

Do you think IBM Security QRadar delivers good value for the price?


Are you happy with IBM Security QRadar's feature set?


Did IBM Security QRadar live up to sales and marketing promises?


Did implementation of IBM Security QRadar go as expected?


Would you buy IBM Security QRadar again?


Qualys Cloud Platform (formerly Qualysguard), McAfee Enterprise Security Manager, Arcsight Enterprise Security Manager (formerly HP Arcsight)
If you have a small-to-large company looking for a SIEM solution that "does the job" and is easy to deploy/use, QRadar is your tool. If you're looking for a complex solution that supports integration with data-mining solutions (e.g. ELK), then you may need a different solution. Overall, QRadar fits the needs of 99% of the companies. It is one of the easiest SIEM solutions to deploy and use.

IBM Security QRadar Feature Ratings