IBM Security QRadar SIEM review
July 17, 2024
IBM Security QRadar SIEM review
Score 9 out of 10
Vetted Review
Verified User
Software Version
QRadar Advisor with Watson (legacy branding)
Modules Used
- SIEM
Overall Satisfaction with IBM Security QRadar SIEM
We use IBM Security QRadar SIEM in our organization to centralize all the security and compliance events to monitor and detect a possible security breach in our environment. The scope of our use cases is related to our infrastructure, security products that protect our company and use cases to detect scammers exploiting vulnerabilities in our business rules.
Pros
- Simplicity in creating new use cases and rules
- Simplicity in making filters using properties
- Simplicity in have IBM support
Cons
- Pulse app can be improved to implement easily new charts using properties and not only by using AQL
- The Asset menu is difficult to configure and brings a lot of false positives
- The UBA is difficult to configure well to bring relevant finds
- Gives us more visibility about cyber attacks and gives us the opportunity to create defensive strategies to protect our business.
- The negative impact is the price, justifying the price paid for the IBM Security QRadar SIEM is a challenge
- To have high disponibility and redundancy in IBM Security QRadar SIEM is expensive
Because is easy to use and if you don't have analysts with database language skills IBM Security QRadar SIEM is easy to use in comparison to Splunk.
Do you think IBM Security QRadar SIEM delivers good value for the price?
Yes
Are you happy with IBM Security QRadar SIEM's feature set?
Yes
Did IBM Security QRadar SIEM live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of IBM Security QRadar SIEM go as expected?
I wasn't involved with the implementation phase
Would you buy IBM Security QRadar SIEM again?
No
Comments
Please log in to join the conversation