a coworker of your's: Qradar, makes your life easier
July 20, 2022

a coworker of your's: Qradar, makes your life easier

Muhammed Ali CETİN | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Software Version

Other

Modules Used

  • SIEM
  • QNI

Overall Satisfaction with IBM Security QRadar

IBM Qradar's been used as compliance in our company and also trying to overcome all the security related problems. briefly, onboarding any security-related data, consolidating, and creating detection rules on top of that. We also integrated with QNI for flow data to unleash grey part which is not visible enough with legacy data sources. IBM Qradar is user-friendly and easy to deploy and with auto-discover data management is never been so easy as that. any LogOps project steps can easily run on Qradar.

Pros

  • Autodiscover for data sources
  • Data onboarding
  • Creating detection rules
  • API integration

Cons

  • Should onboard any type of data.
  • Dashboarding and advanced queries like statistical analysis and ML features.
  • Parsing and filter out.
  • License model.
  • Instead of java, could be written C to get more efficient and faster environment.
  • Enrichment of data on data pipeline.
  • Replication and loadbalancing on Datanodes and EventProcesssors.
  • Comparing with other solutions, IBM Qradar reduce investment.
  • Gives you high quality alerts and can use reference set as enrichment or filter purpose.
  • With auto-discover, it reduces manual work significantly.
- IBM Qradar can almost integrates all 3rd vendor products.
- with QNI it gives you full visibility from east to west or north to south. depends where you put it
- integrating with any type of SOAR platform within a sec and onboard all incidents purely.
- search engine is user friendly, and if you parsed according to Common information model for data, you can correlate any type of data sources with a simple search
One of the best support that I've seen in vendors. they are well equipped and knowledgeable about security and their product. If you go with a problem, %100 sure that they will get back to you in several minutes. What's more, if IBM is located in the Country, support and customer success much much better.
IBM is more user-friendly if we compare it with ELK stack and ArcSight. Much reliable, and have better Support. Onboarding data, creating correlation searches, and easier to integrate with 3rd party solutions as well. LogOps projects and less time-consuming products. Qradar saves your time.

Do you think IBM Security QRadar SIEM delivers good value for the price?

Yes

Are you happy with IBM Security QRadar SIEM's feature set?

Yes

Did IBM Security QRadar SIEM live up to sales and marketing promises?

Yes

Did implementation of IBM Security QRadar SIEM go as expected?

Yes

Would you buy IBM Security QRadar SIEM again?

No

Splunk Enterprise, Splunk Enterprise Security (ES), Microsoft Sentinel, Cribl LogStream, CrowdStrike Falcon Endpoint Protection, Picus Security, IBM Resilient Security Orchestration, Automation and Response (SOAR), Splunk SOAR
- Log management is never been easy, with auto-discover and DSM features, adding log sources is so easy and user-friendly.
- UI is so simple and user-friendly, if you haven't experienced it yet you still can understand it within a second and create searches.
- Deployment of architecture. well structured.
- Alerting and correlation rules are well suited as well.

Comments

More Reviews of IBM Security QRadar SIEM

  1. Home
  2. Security Information and Event Management (SIEM) Software
  3. IBM Security QRadar SIEM Reviews
  4. User Review of IBM Security QRadar SIEM