IBM Qradar SIEM Overall Experience
March 18, 2022

IBM Qradar SIEM Overall Experience

Mohit Bhateja | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Software Version

QRadar Advisor with Watson (legacy branding)

Overall Satisfaction with IBM Security QRadar

We are using Qradar as a soc service as Managed service partner managing soc with 500 eps even count, Major problem with the system is disconnection of device from Qradar console with having network issues as switch usually generating few logs and in the interval of 7-8 days, some of the devices removed automatically from the console and no alert triggered in this case. We have manually re-configure the Syslog configuration to map this device. Integration with DLP is quite difficult and does fine any significant impact for integration with DLP. Overall product is good for medium enterprise organizations as firewall level Threats & fast positive alert detection rates ate very high in terms of another tool. Scope: Real-time monitoring 24*7 related to network threat protection, any kind of unauthorized access, abnormal behavior detection, etc…
  • Automative of Threat protection
  • advanced search queries are easy to understand. This allows you to perform specific searches that really speed up the investigation process.
  • Device must be connected once configuration completed to integrate with console,
  • Licensing model: the EPS (events per second) cap limits the number of logs that can be ingested in Qradar Can produce a lot of false positives
  • Pricing structure should be cheeper and enhancement could be faster
  • Filter data event & high end anaylytics
  • Threat detection process
  • Our object is to secure organisation network which we can achieve with this product

Do you think IBM Security QRadar SIEM delivers good value for the price?


Are you happy with IBM Security QRadar SIEM's feature set?


Did IBM Security QRadar SIEM live up to sales and marketing promises?


Did implementation of IBM Security QRadar SIEM go as expected?


Would you buy IBM Security QRadar SIEM again?


Detection of false-positive alert is high and responsive integration of the device is quite difficult