Full-featured SIEM with a price tag to match and room for improvement in the support offering
November 09, 2021

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Software Version

Other

Overall Satisfaction with IBM Security QRadar

QRadar is being used across our organisation, aggregating logs from all servers and network devices. It provides visibility of potential threats and attacks, and the data is analysed and reported upon daily. Its grouping of security events into "flows" assists greatly with understanding the timeline of a particular set of events. We also integrate the output of other security tools such as Cisco Umbrella and QualysGuard into our QRadar instance to provide a holistic view of our threat landscape.
  • Event grouping
  • Searching and filtering
  • All-in-one appliances for "drop-in" installation and setup
  • More responsive support
  • Harmonised prices throughout different worldwide markets
  • Tidy up UI and make it more intuitive
  • Reliability
  • Usability
  • Speed
  • Increased understanding of threat landscape
  • Greatly reduced time spent manually trawling through logs
  • Ability to carry out forensic analysis as part of a post incident review

Do you think IBM Security QRadar SIEM delivers good value for the price?

No

Are you happy with IBM Security QRadar SIEM's feature set?

Yes

Did IBM Security QRadar SIEM live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of IBM Security QRadar SIEM go as expected?

Yes

Would you buy IBM Security QRadar SIEM again?

No

It works well in medium-to-large companies who have the budget for such a full-featured product. It may be less suitable for small-to-medium enterprises with tighter margins and a more controlled security budget, though the QRadar Community Edition could provide a more cost-effective solution. It's also well-suited to organisations with a diverse technology estate as it integrates well with many popular hardware and software offerings.

IBM Security QRadar SIEM Feature Ratings

  • Centralized event and log data collection: 10
  • Correlation: 9
  • Event and log normalization/management: 8
  • Deployment flexibility: 9
  • Integration with Identity and Access Management Tools: 10
  • Custom dashboards and workspaces: 9
  • Host and network-based intrusion detection: 10
  • Log retention: 9
  • Data integration/API management: 9
  • Behavioral analytics and baselining: 9
  • Rules-based and algorithmic detection thresholds: 9
  • Response orchestration and automation: 9
  • Reporting and compliance management: 9
  • Incident indexing/searching: 9