A Little Pricy But Secures Us Well
September 25, 2023

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Software Version

Other

Modules Used

  • SIEM
  • SOAR

Overall Satisfaction with IBM Security QRadar SIEM

We use IBM QRadar as our main SIEM tool, and we as a SOC team completely depend on it. We do a primary investigation as per the building blocks and rules we organize. Whenever an alert triggers as per the rule we wrote, we go to the particular event and check the payload to see if we can find anything suspicious, and proceed with further investigation.

  • Parsing
  • Payload
  • Integrations
  • User interface
  • Easy to operate
  • Loading speed
  • Higher quality alerts
  • Stronger security
  • Quickly triggers alerts
Coming to the integration, we use the pull mechanism and it works well. We do most of the Microsoft events this way. Other integrations also do, but the pull mechanism is much easier to integrate than the other integrations. Also, it is very easy to troubleshoot when the events are not triggering.

We use IBM QRadar as a SIEM tool for the organization. We integrated it with the SOAR tool, and from there we assign the alerts. In some cases, the alerts are not triggered properly. We raised a ticket with the IBM QRadar team to resolve the issue, and after a few connects the problem was resolved.

Do you think IBM Security QRadar SIEM delivers good value for the price?

Yes

Are you happy with IBM Security QRadar SIEM's feature set?

Yes

Did IBM Security QRadar SIEM live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of IBM Security QRadar SIEM go as expected?

Yes

Would you buy IBM Security QRadar SIEM again?

Yes

IBM QRadar as a SIEM tool is very good at parsing Microsoft events when properly integrated, and it behaves well with firewall events. It is very useful in such scenarios, but in some cases the log sources will not parse properly, and at that time it is very difficult to troubleshoot.

IBM Security QRadar SIEM Feature Ratings

  • Correlation: 10
  • Integration with Identity and Access Management Tools: 8
  • Custom dashboards and workspaces: 4
  • Behavioral analytics and baselining: 5
  • Rules-based and algorithmic detection thresholds: 7
  • Reporting and compliance management: 6