We performed a comparison between IBM Security QRadar and Rapid7 InsightOps based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"QRadar, Splunk, and ArcSight are SIEM solutions with built-in AI/ML features. They can do the complete investigation and alert the admin about what is happening. They can also do the root cause analysis. There are many other features that come with QRadar. It has a more granular log, so you can integrate with various non-IT as well as IT-based components. You can get unstructured data to the SIEM data, and you can identify more what is happening in the network or what is happening in the central head office. You can also identify what is happening between your remote offices. You can also use it to identify what the users in the field are doing on their devices and how things are moving. From the integration point of view, it is very centric. It gives complete control centrally. If a user is not connected to the system, whenever he comes online, we can see the policy updates over the Internet, and we can ensure that the data that is supposed to be protected is protected."
"This solution has allowed us to correlate logs from multiple sources."
"The solution is reliable."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"The support is very good. We get support whenever we need it. Sometimes they respond immediately and sometimes it will be within 24 hours. We can ask them to please do it right away and they can get a request done within an hour or two."
"It is a scalable solution."
"The most valuable features would have to be the product's ability to customize vulnerability management settings."
"One of the most valuable features of this solution is it has very good data correlation."
"We can save logs as plain text."
"The most valuable feature of Rapid7 InsightOps is the search functionality."
"It has the ability to alert and track logs from different sources."
"Integration of InsightOps with other tools, especially SIEM solutions, has generally improved operational efficiency."
"The ability to browse logs from multiple sources at the same time really speeds up root cause analysis."
"We have had problems with networking."
"The user interface and configurability of IBM QRadar User Behavior Analytics can be improved. It has a lot of pre-configured settings and not many things can be changed. It also needs more integrations. Currently, User Behavior Analytics is integrated only with IBM QRadar. It could have deeper integrations. It can also have more complicated scoring models. Currently, it has a very simple linear scoring model for users."
"From a functionality point of view there are issues sometimes."
"In a future release, the solution could provide malware analysis."
"The solution is clunky."
"I would like for Yara to be supported by all components."
"I'd like them to improve the offense. When QRadar detects something, it creates what it calls offenses. So, it has a rudimentary ticketing system inside of it. This is the same interface that was there when I started using it 12 years ago. It just has not been improved. They do allow integration with IBM Resilient, but IBM Resilient is grotesquely expensive. The most effective integration that IBM offers today is with IBM Resilient, which is an instant response platform. It is a very good platform, but it is very expensive. They really should do something with the offense handling because it is very difficult to scale, and it has limitations. The maximum number of offenses that it can carry is 16K. After 16K, you have to flush your offenses out. So, it is all or nothing. You lose all your offenses up until that point in time, and you don't have any history within the offense list of older events. If you're dealing with multiple customers, this becomes problematic. That's why you need to use another product to do the actual ticketing. If you wanted the ticket existence, you would normally interface with ServiceNow, SolarWinds, or some other product like that."
"I'm not sure about the stability just yet. We've observed a few issues and we raised a supporting ticket for it."
"There are a few things I would like to do with a few more complex queries which I am not able to do right now, because it is a SaaS solution."
"Since I used the beta, improvements are to be expected. The dashboard options could have been clearer, but I believe it is more a problem with the limited documentation available at the time."
"Rapid7 InsightOps could improve by making the search query better. There are times when the search query is broken and it does not find anything."
"The solution takes a little bit of time when we load the website for the first time."
"Improvement is needed in the dashboard of InsightOps, especially for less technical users."
IBM Security QRadar is ranked 6th in Log Management with 198 reviews while Rapid7 InsightOps is ranked 36th in Log Management with 9 reviews. IBM Security QRadar is rated 8.0, while Rapid7 InsightOps is rated 8.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Rapid7 InsightOps writes "Useful search functionality, easy to use, and reliable". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Rapid7 InsightOps is most compared with Wazuh, Datadog, New Relic, Dynatrace and DNIF HYPERCLOUD.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.