We performed a comparison between IBM Security QRadar and Secureworks Taegis XDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The product is very easy to use."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"Technical support is good overall."
"It is a bit easier to use than other products, such as Splunk or ELK Elasticsearch."
"Provided that the report is prebuilt and I can find what I am looking for, the reporting is the most valuable feature in this solution."
"The feature that I find the most useful is that IBM QRadar User Behavior Analytics is free of charge. It's a fully free product that can be installed on top of IBM QRadar SIEM."
"It's hard for me to pinpoint any one feature that's most valuable because it is all about consuming logs and analyzing them. We started using QRadar UBA because we needed something that could analyze Linux authentication information. Other products take care of the Windows platform."
"The simplicity of the solution is the best feature."
"We've found the solution to be scalable."
"The rule engine is very easy to use — very flexible."
"The initial setup was straightforward."
"It's a complete solution package."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The solution is highly used here in Pakistan and in many sectors, they could improve it by having more SIEM connectors."
"The usability of interfaces could be improved."
"IBM Qradar could improve the reporting. The tool is not designed to report. It's a great operational monitoring tool. You put it on a screen and you watch it. If you want to have analytics out of it, that's a whole different story. You're going to need more people and tools. What should be added is reporting and integration into Power BI, into some capability that produces analytical reports from the source data. IBM does not seem to care to add these features."
"The threat intelligence functionality can be better. In addition, it can have more monitoring capabilities."
"The architecture could be improved. I got stuck for a long time trying to understand the architecture, as it is quite challenging."
"The product does not have a team for investigating malware."
"IBM technical support is always terrible."
"IBM needs to invest more into the collaboration with other vendors."
"The pricing could be improved."
"We found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules."
IBM Security QRadar is ranked 11th in Extended Detection and Response (XDR) with 198 reviews while Secureworks Taegis XDR is ranked 28th in Extended Detection and Response (XDR) with 2 reviews. IBM Security QRadar is rated 8.0, while Secureworks Taegis XDR is rated 6.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Secureworks Taegis XDR writes " It's a complete solution package". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Secureworks Taegis XDR is most compared with Cortex XDR by Palo Alto Networks, Wazuh, CrowdStrike Falcon, Microsoft Defender for Cloud and LogRhythm UEBA. See our IBM Security QRadar vs. Secureworks Taegis XDR report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
