IBM Security QRadar SIEM best SIEM Tool
Updated March 27, 2025

IBM Security QRadar SIEM best SIEM Tool

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Software Version

QRadar Advisor with Watson (legacy branding)

Modules Used

  • SIEM

Overall Satisfaction with IBM Security QRadar SIEM

With the increasing number of cybersecurity threats, our company needed software to help us correlate logs sent from our infrastructure for the purpose of detecting and preventing threats. We chose the IBM Security QRadar SIEM solution as it is the best solution on the market. We send all application and operating system logs from our machines to IBM Security QRadar SIEM, IBM Security QRadar SIEM analyzes them and correlates them to see if there are, for example, incorrect login attempts or other issues. Obviously, the software has to be managed by a team of people to function at its best. But once it's set up properly, you can set alerts that go off in certain situations to alert you via e-mail of problems that are occurring at that time. Really a very good SIEM!

Pros

  • Log correlation to find possible problems
  • Creation and visualization of custom dashboards
  • Handles almost any kind of log source
  • User management

Cons

  • High initial learning curve
  • High product costs for small businesses
  • Managing the product requires a high number of people working on it
  • Reduced human work in data correlation
  • Saving time and energy in finding anomalies or cyber attacks
  • Dashboards provide a quick overview of cyber attacks
In our case we have not integrated IBM Security QRadar SIEM with other software but we know that it can be integrated with many software such as servicenow, firewalls such as checkpoint, antivirus such as crowdstrike etc.We saw a demo of the product with the possible integrations.
We have used IBM support a few times, for example, we needed help to upgrade the appliances and the support has been great and ready to help us.
We chose IBM Security QRadar SIEM not only because it was a leader but because it convinced us it was a solid product suitable for multiple scenarios but most importantly we needed a really secure and powerful software for our infrastructure.

Do you think IBM Security QRadar SIEM delivers good value for the price?

Yes

Are you happy with IBM Security QRadar SIEM's feature set?

Yes

Did IBM Security QRadar SIEM live up to sales and marketing promises?

Yes

Did implementation of IBM Security QRadar SIEM go as expected?

Yes

Would you buy IBM Security QRadar SIEM again?

Yes

An example scenario is the detection of ddos attacks. The product immediately notices if there are high ping requests or abnormal access requests on a machine. Another scenario is repeated attempts within a short period of time to access a machine by entering incorrect credentials. IBM Security QRadar SIEM in this case signals a possible bruteforce attack.

IBM Security QRadar SIEM Feature Ratings

Security Information and Event Management (SIEM)
9.3
Correlation
10
Integration with Identity and Access Management Tools
9
Custom dashboards and workspaces
10
Behavioral analytics and baselining
9
Rules-based and algorithmic detection thresholds
9
Reporting and compliance management
9

Using IBM Security QRadar SIEM

20 - In our company, QRadar represents crucial software in detecting and correlating cyber threats. It is used by our Security and Risk offices. We collect events from thousands of servers and clients and constantly monitor activity on these devices. It allows us to be proactive in the face of new threats. We cannot do without it.
10 - The people who work on QRadar are different. One person is not enough to manage the product, but it takes a team of people to do daily analysis of threats found by QRadar. Although it may initially seem difficult to master the software, over time you learn to use it. To use the product, people need to have cybersecurity skills and advanced analysis skills aimed at understanding how to remediate threats and prevent new ones.
  • Threat correlation
  • Log collection
  • advanced continuous threat monitoring reports
  • We used QRadar for the collection and historicization of logs
  • Ability to save logs for 10 years or more to do advanced analysis over time, so not just for a short period of time.
QRadar is an established and stable product, we have been using it for many years and want to continue to focus on it. Anyone who has used the product and knows it knows how reliable it is and how it facilitates continuous monitoring of threats from outside and inside. it is an exceptional product that is very useful for us.

Evaluating IBM Security QRadar SIEM and Competitors

  • Other
QRadar is a well-known and established product. It is very powerful compared to other solutions in the market. It was chosen because of its reliability and how it correlates threats and collects logs efficiently from so many different types of devices. It is not an immediately usable software as it needs time for learning. But once learned the software works very well.
Nothing.

IBM Security QRadar SIEM Implementation

Initial patience is required to learn how to use the product, and it takes a dedicated team to use it. One person is not enough, and it's not enough to just set it up and check it once in a while. It has to be used daily and kept under control to be used effectively.
  • Implemented in-house
Not sure - I don't know.
  • Nothing

IBM Security QRadar SIEM Training

  • Online Training
  • In-Person Training
  • No Training
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
It is preferable to learn the product with QRadar support; alone it is difficult to learn.

Configuring IBM Security QRadar SIEM

Sometimes it may seem complex, but with the right support everything is easier.
Nothing.

IBM Security QRadar SIEM Support

ProsCons
Quick Resolution
Good followup
Knowledgeable team
Problems get solved
Kept well informed
No escalation required
Immediate help available
Support understands my problem
Support cares about my success
Quick Initial Response
None
Yes we purchased premium support as we need assistance in better understanding the product and how it works.
One time we could not configure the product correctly, and the support helped us better understand where we were going wrong. In addition, the support also explained to us how to correlate logs and detected threats correctly.

Using IBM Security QRadar SIEM

As a grade I give 8 as QRadar is not easy to learn. It requires some time to master it. It also needs a team of people actively working on the product. Once you learn to use it the software works very well and it is easy to correlate and understand detected threats. It only takes time to learn how to use it well and configure it properly.
ProsCons
Like to use
Well integrated
Consistent
Feel confident using
Lots to learn
  • Correlation of threats
  • Collection of logs
  • Dashboard construction
  • Initial configuration

IBM Security QRadar SIEM Reliability

Integrating IBM Security QRadar SIEM

Relationship with IBM

Upgrading IBM Security QRadar SIEM

Comments

More Reviews of IBM Security QRadar SIEM

  1. Home
  2. Security Information and Event Management (SIEM) Software
  3. IBM Security QRadar SIEM Reviews
  4. User Review of IBM Security QRadar SIEM