Item: IBM Security QRadar SIEM
Rating: 10
Author: Verified User

Use Cases and Deployment Scope

IBM QRadar is one of the best SIEM available. Year of experience, continous improvements and constant innovations makes this product one of the most stable and reliable Cybersecurity platforms in commerce. I use QRadar on a daily basis both on operational and administrative levels in order to address the cybersecurity issues in my company and other companies.

Pros and Cons

Event correlation
Rule Alerting and Response
Data parsing and normalization
Customizations

User interface
Cloud services integration
NDR Integration like QNI can improve a lot

Return on Investment

Like any cybersecurity product, any money you don't lose on a prevented attack is money that you saved
Most of the apps are free and provides great enrichment like User Behaviour Analytics
Top quality alerts gives enormous value to the "passive" data that flows into the infrastructure

Ease of Integration

One of the selling points for IBM QRadar is the number of default integrations that comes out of the box with the product. More than 400 products and vendors from any kind of technology and even so, if you have a custom application that you want to normalize and correlate with, the parsing engine is fully customizable and allows the normalization of any kind of data.

Support Rating

The support from IBM is another golden point for the product. Given the huge documentation available from IBM, the support is there 24/7 with a wide range of experts and teams that are specialized in various section of the product allowing IBM to provide cutting edge support and to solve even the most complicated and unusual problem.

Alternatives Considered

Splunk Enterprise, Chronicle SOAR and LogSentinel SIEM

IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world.

Key Insights

Do you think IBM Security QRadar SIEM delivers good value for the price?

Yes

Are you happy with IBM Security QRadar SIEM's feature set?

Yes

Did IBM Security QRadar SIEM live up to sales and marketing promises?

Did implementation of IBM Security QRadar SIEM go as expected?

Yes

Would you buy IBM Security QRadar SIEM again?

Yes

Other Software Used

Bitdefender GravityZone, Darktrace, Microsoft Defender for Endpoint

Likelihood to Recommend

IBM QRadar is well suited for medium/large companies that needs to monitor their IT infrastructure on a trasversal level. Given that a SIEM is fundamental for a good cybersecurity environment, IBM QRadar is the rocksteady answer to all the needs that an IT Operation or SOC team may ask. Both on premise or in cloud, all-in-one or distributed, QRadar is scalable for any kind of scenario. This is a cutting edge product that needs to be followed constantly so it can be less appropriate for companies that doesn't have the required workforce to keep the product healty and up to date.

The most complete and reliable SIEM

Software Version

Modules Used

Overall Satisfaction with IBM Security QRadar SIEM