IBM Security QRadar SIEM for Cybersecurity
January 24, 2024
IBM Security QRadar SIEM for Cybersecurity
Score 9 out of 10
Vetted Review
Verified User
Software Version
QRadar Advisor with Watson (legacy branding)
Modules Used
- SIEM
- SOAR
Overall Satisfaction with IBM Security QRadar SIEM
The main goal of IBM Security QRadar SIEM is cybersecurity. We provide perimeter monitoring and active defense by blocking "bad" IPs. We monitor unusual user activity, password compromises, etc. We monitor malware activity in our organization using different IOCs from threat intelligence services and feeds. QRadar SIEM provides log storage for a definite period of time.
- We are monitoring connections from/to the TOR Nodes to detect hidden malware.
- We are monitoring users' password compromises by typing their password in the login box. Also, we send users notifications to change their passwords immediately.
- We are monitoring bad HTTP(S) queries to our www sites from external agents and we are blocking bad IP addresses on our perimeter IPS Devices in real-time.
- Improve the assets management tab as it has poor functionality.
- Add more options and tests for creating rules and building blocks.
- Add more options in the rules response tab to use multiple scripts and alerts.
- Increased time for detection and reaction to cyber threats
- Ensured regulatory requirements for saving different system logs
- Very expensive QRadar technical support
ArcSight is more difficult to understand and administer, and it looks more like a box for programming and needs a lot of high-level skills personnel. IBM Security QRadar SIEM is well suited for organization cybersecurity in large and medium organizations. IBM Security QRadar SIEM has a very user-friendly interface.
Do you think IBM Security QRadar SIEM delivers good value for the price?
Not sure
Are you happy with IBM Security QRadar SIEM's feature set?
Yes
Did IBM Security QRadar SIEM live up to sales and marketing promises?
Yes
Did implementation of IBM Security QRadar SIEM go as expected?
Yes
Would you buy IBM Security QRadar SIEM again?
Yes