We performed a comparison between Cortex XSIAM and IBM Security QRadar based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, CrowdStrike, Securonix Solutions and others in Identity Threat Detection and Response (ITDR)."It is an effective solution in terms of performance and functionalities."
"Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."
"It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."
"The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."
"It has very rich functionality."
"I have used IBM QRadar User Behavior Analytics in a Cloud Pak on Amazon, and there it runs on top of it and is easy to assess. Additionally, I have installed processes and characters."
"There are other third-party plugins that we can use."
"No doubt about it, the solution is extremely stable."
"IBM QRadar User Behavior Analytics has easy architecture, has a good portfolio and integration."
"The most valuable thing about QRadar is that you have a single window into your network, SIEM, network flows, and risk management of your assets. If you use Splunk, for instance, then you still need a full packet capture solution, whereas the full packet capture solution is integrated within QRadar. Its application ecosystem makes it very powerful in terms of doing analysis."
"The features that I have found most valuable are that it is very stable, easy to get going, and easy to manage. It is also easy to review all incidents."
"We are using the platform version, which I like."
"The platform isn't very developer-friendly and it should provide more flexibility and ease."
"The support could be a bit faster."
"The solution’s pricing and technical support could be improved."
"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."
"Maybe there should be more custom rules in the exchange. Basically, we are using a lot of threat rules, so maybe they'll develop something like that."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"There are reports that I would like to generate that are either not included, or I cannot find."
"The quality of technical support depends on the IBM support person. Sometimes, it's hard to get the right person on the other side. A ticket coordinator could be the key to better quality delivery."
"When it comes to what could be better, it is always what others are trying to do and what is the roadmap. It can have more integration. It should have more flexible RESTful APIs for integration with applications. These are the things that are always in demand for any of the SIEM solutions, not only for QRadar. Integration is ever-evolving. Nowadays, different versions of mobile handsets are there and data is getting scattered. Users are using their personal handsets to keep the data of the organization. So, it should have a more flexible integration, irrespective of the flavor of the firmware and iOS or Android version. It should have an API that can seamlessly get integrated. It should also provide more flexible control and a more advanced or analytical view to see what exactly is happening across the globe or network. From wherever a user is connecting and accessing the enterprise data, it should give real-time visibility and predictive visibility about what exactly is happening. These things are already there, but there should be more advanced control in terms of managing the security."
"IBM QRadar User Behavior Analytics could improve machine learning use cases because they are limited and most of the use cases are rule-based. They should develop more use cases, such as in Securonix or Exabeam because they will detect a threat. Using machine learning is mainly on the correlation rules, but if you think about Exabeam or Securonix, they detect using machine learning or machine learning-based algorithms."
"QRadar needs to be more specialized, along the lines of what other SIEM solutions are."
"In a future release, the solution could provide malware analysis."
Cortex XSIAM is ranked 7th in Identity Threat Detection and Response (ITDR) with 4 reviews while IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews. Cortex XSIAM is rated 9.0, while IBM Security QRadar is rated 8.0. The top reviewer of Cortex XSIAM writes "A robust security operation that ensures achieving automation, stability, and scalability". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Cortex XSIAM is most compared with Palo Alto Networks Cortex XSOAR, Microsoft Sentinel, Splunk SOAR, CrowdStrike Falcon and Exabeam Fusion SIEM, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and ArcSight Logger.
We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.