1. Home
  2. Security Information and Event Management (SIEM) Software
  3. IBM Security QRadar SIEM Reviews
  4. User Review of IBM Security QRadar SIEM
IBM Security QRadar SIEM
March 14, 2024

IBM Security QRadar SIEM

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Software Version

QRadar Advisor with Watson (legacy branding)

Modules Used

  • SIEM
  • SOAR

Overall Satisfaction with IBM Security QRadar SIEM

We use IBM Security QRadar SIEM to help us quickly analyze and respond to potential security incidents. Today it is an indispensable solution for our SOC. By having a centralized interface like IBM Security QRadar SIEM, we are able to investigate and identify with much more precision the various events related to certain suspicious behaviors.
  • The interface in general is clean and complete.
  • There is a satisfactory number of plugins approved for integrations with other vendors. Through DSM Universal, we have the possibility of integrating with any other solution that has these resources (information collection through API).
  • With the UBA feature, we get an excellent behavioral view of the end user.
  • A greater number of DSMs available.
  • The frequency of available updates, I know that in some cases this is good, but when we have a large environment, IBM Security QRadar SIEM upgrades take hours to complete and I see that we always have unnecessary bugs in each version. Not that this interrupts the service, but it is somewhat annoying.
  • Support for third-party applications, IBM is not responsible for the third-party applications that run in its environment, so when we have a problem, we need to contact the suppliers. This is something that I believe should improve, since IBM approves all applications and makes it available in its store, so this "between manufacturers" contact should be more direct between those responsible and not depend on customers.
  • Reduction in analysis time for SOC analysts.
  • Greater precision in analyses.
With the possibility of creating a Universal DSM, we can integrate IBM Security QRadar SIEM into any event source that allows information collection via API.
Although I always get help through support, in some situations it leaves something to be desired, whether in the delay in responses or the "that's not my problem" policy.

Do you think IBM Security QRadar SIEM delivers good value for the price?

Yes

Are you happy with IBM Security QRadar SIEM's feature set?

Yes

Did IBM Security QRadar SIEM live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of IBM Security QRadar SIEM go as expected?

Yes

Would you buy IBM Security QRadar SIEM again?

Yes

It is an excellent solution for what is proposed.

IBM Security QRadar SIEM Feature Ratings

Security Information and Event Management (SIEM)
9.2
Correlation
9
Integration with Identity and Access Management Tools
9
Custom dashboards and workspaces
10
Behavioral analytics and baselining
9
Rules-based and algorithmic detection thresholds
9
Reporting and compliance management
9