We performed a comparison between IBM Security QRadar and Datadog based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Datadog users like its customizable displays, error tracking, and advanced AI/ML capabilities. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Datadog could enhance its usability and reduce its learning curve. Users said integration was another pain point.
Service and Support: Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses. While many users spoke highly of Datadog’s support team, others reported slow support, especially in the Asia-Pacific region.
Ease of Deployment: QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Datadog’s setup is considered straightforward, and users often receive help from a partner or vendor.
Pricing: QRadar can be costly because users need to buy new hardware to upgrade. Opinions about Datadog's price are divided. Some users found it costly, but others thought it was acceptable. Some said the pricing model could be clearer and better explained.
ROI: QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. Users said Datadog saved them time and improved visibility into security blind spots.
"Having a wealth of information has helped us investigate outages, and having historical data helps us tune our system."
"The infrastructure monitoring capabilities are really valuable. You can just log on and see everything that is happening within an IT environment."
"We have a better grasp of what is occurring during the deployment cycle. If something fails, we have an idea what has failed, where it has failed, and how it failed to better mitigate the situation."
"The most valuable features of Datadog are the flexibility and additional features when compared to other solutions, such as AppDynamics and Dynatrace. Some of the features include AI and ML capabilities and cloud and analysis monitoring"
"I find the greatest feature is being able to search across logs from various microservices."
"The ingestion points are unlimited and support customization. We haven't had anything yet that we haven't been able to integrate with it."
"By moving to Datadog, we did not need to manage our own monitoring infrastructure anymore."
"It has a high-level insight into the infrastructure model of the application and provides important detailed data on the host and metrics, which is the main concern of our customers."
"What I like the most about it is that you can very easily install and configure it. As compared to other SIEM solutions, for which you need to know and do a lot more to prepare your SIEM environment, QRadar is much simpler to install and configure. There are various options in the Admin console. In the Admin tab, you can design dashboards and view various graphs. It has a lot of attractive features, and you don't need to configure everything on your own."
"The feature that I have found most valuable is how it monitors the real network. That is its leading security feature."
"The most valuable features are log monitoring, easy-to-fix issues, and problem-solving."
"Most of the features are good. It is an excellent solution."
"It has a lot of good correlation rules. From a customer's point of view, it is one of the best solutions because you don't need to create correlation rules from scratch. You just review them and customize them as you want."
"I have found IBM QRadar to be stable."
"One of the most valuable features of this solution is it has very good data correlation."
"The QNI feature is the one I am very interested in, and I have also been interested in Watson. From the log analysis and the security perspective, we are able to dive deep into any of the logs and anomalies."
"It lacks consistency in the APIs."
"We would like to see some versioning system for the Synthetic Tests so that we could have a backup of our tests since they are time-consuming to make and very easy to damage in a moment of error."
"We need to learn more about the session reply feature inside of DD."
"Datadog could improve the flexibility with AI and ML concepts. This will allow customers to be more leveraged towards publishing."
"Once agents are connected to the Datadog portal, we should be able to upgrade them quickly."
"The ease of implementation needs improvement."
"It is very difficult to make the solutions fit perfectly for large organizations, especially in terms of high cardinality objects and multi-tenancy, where the data needs to be rolled up to a summarized level while maintaining its individual data granularity and identifiers."
"I'm not sure what kind of features are in the roadmap right now, but I encourage the development of features for defining your organization, and allowing the visibility of what kind of metrics you can get. Those features would be really useful for us."
"You can scale IBM QRadar User Behavior Analytics, but it has room for improvement."
"It doesn't have a SOAR system by default. You need to purchase it additionally, which is the main problem with QRadar."
"There is a lot of manual configuration required in order for the product to run smoothly, and I think that it could be made more automatic."
"The only challenge with products like IBM is the EPS. You just have to be really on the events per second, as that's where the cost factor becomes a huge issue."
"IBM is going through some problems with its resources currently making its support response time slow."
"Right now, if you look at the compatibility, if you need to deploy QRadar in a physical appliance you have only two choices of server, their own or a Lenovo server. In today's world, you cannot keep something tied to such a big brand. Clients want to be able to use whatever type of server they want."
"In terms of additional features, a mobile app would be nice. Also, the reporting is definitely okay, but you have to make sure that everybody with different roles can understand it. There is room for improvement in the reporting."
"The solution could improve by having more out-of-the-box use cases."
Datadog is ranked 3rd in Log Management with 137 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Datadog is rated 8.6, while IBM Security QRadar is rated 8.0. The top reviewer of Datadog writes "Very good RUM, synthetics, and infrastructure host maps". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Datadog is most compared with Dynatrace, Azure Monitor, New Relic, AWS X-Ray and Elastic Observability, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Google Chronicle Suite. See our Datadog vs. IBM Security QRadar report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.