Item: IBM Security QRadar SIEM
Rating: 9
Author: Muhannad Zarour

Use Cases and Deployment Scope

Consulting on the platform.

Pros and Cons

Scalable and modular (e.g., distributed architecture)
Many other IBM products enhance its capability (e.g., Guardium, Watson, QRM, QVM, X-force)
Full payload inspection and correlation using the QNI feature
Robust HA capabilities

Licensing model complexity
Abundance in documentation makes it a challenge to find relevant guidance
QVM enhancement many organizations prefer other third-party scanners

Return on Investment

Enhanced SOC resource optimization
Value and benefits realization for strategic goals
Increased cost due to skills and training

Alternatives Considered

RSA NetWitness Platform and Splunk Enterprise Security

Very close competition but IBM QRadar stands out; other IBM products support the cybersecurity monitoring and IR function.

Other Software Used

IBM Resilient Security Orchestration, Automation and Response (SOAR), IBM Security Guardium, HCL AppScan (formerly from IBM)

Any organizations may benefit from IBM QRadar regardless of size, as offerings are available for all sizes and deployment types, including cloud (e.g., QRoC). But the organization needs to invest heavily in competency (e.g., skilled people, training).

A Robust Solution

Overall Satisfaction with IBM QRadar

Use Cases and Deployment Scope

Pros and Cons

Return on Investment

Alternatives Considered

Key Insights

Do you think IBM Security QRadar SIEM delivers good value for the price?

Are you happy with IBM Security QRadar SIEM's feature set?

Did IBM Security QRadar SIEM live up to sales and marketing promises?

Did implementation of IBM Security QRadar SIEM go as expected?

Would you buy IBM Security QRadar SIEM again?

Other Software Used

Likelihood to Recommend

IBM Security QRadar SIEM Feature Ratings