Overall Satisfaction with IBM Security QRadar SIEM
We are a consulting company and support locally to other companies. Most of the criticits are about offense management, uncertain notifications. For instance, CPU High Utilization offense is generated but the root cause of that situation is uncertain. Which process or extension result in this alert we don't know. there are same issues for notifications. Another point is old fashioned dashboard.
- Correlation rule capabilities
- Search capabilities
- UBA
- Offenses page is sometimes incomprehensible. Offense timeline is unclear for some of rules. Graphical explanation will be better
- Old-fashined web UI
- Manual parser is not very hard but it needs be made automatic
- All in one is supporting 30K EPS
- Different integrations are covering like WEF, agent, agentless configurations
- Correlation capabilities
- Parser is a negative side. It needs a bit manuel operation
- Old-fashioned designed but it is improving SLOWLY
Correlation competency are very high. Log seach capabilities are very high. Support is better than many other solutions. Local support is widely. Enterprise solution and leader at Gartner and Forrester
Do you think IBM Security QRadar SIEM delivers good value for the price?
Yes
Are you happy with IBM Security QRadar SIEM's feature set?
No
Did IBM Security QRadar SIEM live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of IBM Security QRadar SIEM go as expected?
Yes
Would you buy IBM Security QRadar SIEM again?
Yes