We performed a comparison between IBM Security QRadar and LogPoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. LogPoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Reviews suggest LogPoint should improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment.
Service and Support: Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses. LogPoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support.
Ease of Deployment: QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. The complexity of LogPoint's initial setup can range from complex and time-consuming to fast and easy, depending on the user's experience and the organization’s size.
Pricing: QRadar can be costly because users need to buy new hardware to upgrade. LogPoint's fixed pricing model is seen as cost-effective and competitive.
ROI: QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. LogPoint makes costs more predictable and enables companies to generate revenue through security operation services.
"The price is low and quite competitive with others."
"This is stable and scalable."
"Fortinet is very user-friendly for customers."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"It is stable and scalable."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"It has a logical, user-friendly GUI."
"The features that I have found most valuable in QRadar are its data enrichment, use case creations, and adding references - those kinds of features are very good. Also QRadar's event filtration and device integration are perfect."
"One of the most valuable features of this solution is it has very good data correlation."
"It has improved my efficiency."
"The most valuable feature is the machine learning module."
"It's quite scalable. We have upgraded some solutions from 1000 APS up to 3500 APS to 5000 APS. It's a good solution, they have no scalability issues."
"We've found the solution to be scalable."
"The scalability is good."
"The solution's most valuable aspect is the combination of the software and the support that they have."
"The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
"The solution is user-friendly."
"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
"The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report."
"Log collection, dashboards and reporting are good."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The dashboard isn't easy to access and manage."
"Cannot be used on mobile devices with a secure connection."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The solution is not stable."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"FortiEDR can be improved by providing more detailed reporting."
"The only minor concern is occasional interference with desired programs."
"The initial setup was complex, and it took six months."
"Maybe there should be more custom rules in the exchange. Basically, we are using a lot of threat rules, so maybe they'll develop something like that."
"AI is superb but need improvements."
"QRadar's performance has room for improvement because it cannot handle the volume. I need massive amounts of logs from various devices in our existing network architecture. IBM needs to improve QRadar's capacity to handle more logs."
"The user interface needs improvement."
"The interface is very old. IBM should remake it into a more modern interface."
"Pricing model could be more cost-effective."
"Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules."
"LogPoint must find a way to integrate the servers without agents."
"I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products."
"In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved."
"It is a good product, but its interface or GUI could be better."
"Log management could be better because transporting the log from a password to the client system takes time."
"The solution should offer more integrations and third-party solutions like incident response platforms or allow access to third-party big data"
"It is complicated to collect daily logs from other systems."
"One of the downsides is it is not a SaaS solution. It must be on-premises."
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while Logpoint is ranked 26th in Security Information and Event Management (SIEM) with 20 reviews. IBM Security QRadar is rated 8.0, while Logpoint is rated 7.4. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Logpoint is most compared with Elastic Security, Rapid7 InsightIDR, Microsoft Sentinel, Wazuh and LogRhythm SIEM. See our IBM Security QRadar vs. Logpoint report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best User Entity Behavior Analytics (UEBA) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.