Reliable and Open-Ended One-For-All Solution to fulfill any Orchestration and Automation Need
April 01, 2024


Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with IBM Security QRadar SOAR

We are using the solution for network & security needs. For the SOC side, we use the power of IBM Security QRadar SOAR to enrich alerts, prioritize alerts and correlate incidents. This helps us present related alerts in a unified dashboard, which reduces noise and saves us time.
Other than presenting alerts, the automated playbooks approach to trigger actions regarding the output of the playbook, such as blocking an IP address on your DDoS device, quarantining a file hash on your firewall or your IPS device, blocking spam/malicious domains on your email security device and automating many of the daily tasks to ensure and enhance security has never been easier.
The most important issue anywhere is manpower at the moment and with IBM Security QRadar SOAR, while we reduce MTTR to alerts, we also reduced the required manpower and manual labor, which is a win-win in the long run.
  • The solution is really easy to integrate with other technologies.
  • You can customize any kind of integration as long as you have the programming knowledge.
  • The platform has a user-friendly interface and does not require extensive training.
  • There is a learning curve. Extensive training is not essential, but some form of training is a must-have to use it.
  • While the Python language is the solution to all automation needs, for a big company like IBM, I expect one out-of-box integration a day. Being able to do it does not mean every customer around the world should write it from scratch. The application library is limited.
  • The user interfaces and ease-of-use of the solution should evolve every day. It needs to become a solution where a newcomer to the solution can do nearly everything within 2 weeks, without relying on anyone or anything.
  • Due to automation on network security, we managed to reduce operational costs by 20% on a team of 20 administrators. Now automation does the job and they maintain it.
  • SLA on responsive security control changes improved drastically. We eliminated the middleman for the operation, where the wait time for each record was around 2 hours.
  • Required expertise on every other solution has decreased since automation is handling every other required operation on the devices. Users do not need to log in to different solutions and make manual changes anymore.
The elasticity of the IBM Security QRadar SOAR solution is what had driven us. We knew that the solution would require nurturing and training of the personnel, but once the initial roadblocks were destroyed, we went faster. The other solutions lacked this elasticity, meaning we did not want to work with the things that were given to us but we wanted to make our own playground. We found the IBM solution is the only one to provide this answer seamlessly. Also, ease of integration and native integration with IBM SIEM is another factor in our choice.

Do you think IBM Security QRadar SOAR delivers good value for the price?

Yes

Are you happy with IBM Security QRadar SOAR's feature set?

Yes

Did IBM Security QRadar SOAR live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of IBM Security QRadar SOAR go as expected?

Yes

Would you buy IBM Security QRadar SOAR again?

Yes

IBM Security QRadar SOAR is versatile. All the major players in the SOAR field require the administrator to have coding experience, but with IBM it is different. IBM's solution is a full-fledged automation solution, and not some threat-based or limited one. Meaning whatever comes to your mind, if you can write the code, you can do it. This goes from the daily tasks of the SOC to the daily tasks of your network or security administrator or any other administrator. You can manage your ITSM solution if you want to; IBM is a playground and there is much to discover in its capabilities.
If you do not have the knowledge or if you want a SOC/Threat Based SOAR solution, meaning you want automation but you want it to be limited to an area and out-of-box, you may choose other alternatives.