We performed a comparison between IBM Security QRadar and Secureworks Taegis ManagedXDR based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"The case interface is Binary Defense MDR's most valuable feature."
"The most valuable feature is reviewing tickets and the notes added by technicians."
"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."
"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"Binary Defense has a human service department that provides live monitoring for our systems."
"The feature that I have found most valuable is its artificial intelligence component, Watson. Its contribution is pretty good from a machine-learning artificial intelligence perspective. This compliments the orchestration automation component, as well."
"QRadar, Splunk, and ArcSight are SIEM solutions with built-in AI/ML features. They can do the complete investigation and alert the admin about what is happening. They can also do the root cause analysis. There are many other features that come with QRadar. It has a more granular log, so you can integrate with various non-IT as well as IT-based components. You can get unstructured data to the SIEM data, and you can identify more what is happening in the network or what is happening in the central head office. You can also identify what is happening between your remote offices. You can also use it to identify what the users in the field are doing on their devices and how things are moving. From the integration point of view, it is very centric. It gives complete control centrally. If a user is not connected to the system, whenever he comes online, we can see the policy updates over the Internet, and we can ensure that the data that is supposed to be protected is protected."
"The solution is flexible and easy to use."
"Provided that the report is prebuilt and I can find what I am looking for, the reporting is the most valuable feature in this solution."
"One very useful feature is the plug-in offering that allows you to integrate it with other solutions, such as integrating it with plug-ins like Scout, Carbon Black, and the rest."
"This is a distributed application, meaning that a customer can stack small and then scale it so that they can expand pretty effectively. You can use, basically, the same product in an SMB or a large enterprise."
"It comes with many rules disabled. You can tune them and modify them according to your enterprise needs and avoid false positives."
"It is a bit easier to use than other products, such as Splunk or ELK Elasticsearch."
"There are some patent pending detectors within the platform that provides a lot of value."
"The most valuable features are IDS and IPS."
"The most valuable feature is the fast alerting and response time."
"Securworks' threat intel seems pretty decent, and they integrate with several solutions we have, such as Azure AD, so all our Microsoft 365 stuff is covered."
"We don't have a full SOC, so it's helpful to have them sifting through our alerts and only bringing actionable items to us."
"This solution gathers the information logs from all devices and correlates all the information. It notifies us of any critical events taking place across our networks which has been valuable."
"It provides more visibility and more control over endpoints. It reduces the noise. It clears things and only shows things that are really important. It only shows those things that need to be looked at or need to be investigated further. Other similar solutions give you a lot of alerts and other things, but Secureworks gives you a defined or less noisy view so that you can work or focus on things that are important in terms of investigation, response, and remediation."
"We can easily isolate affected machines in the network."
"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."
"It's sometimes difficult to know when to engage Binary Defense or TrustedSec, their sister company. TrustedSec is more focused on offensive security, as opposed to the defensive security that the MDR solution provides. It would be awesome if there were a better bridge between that relationship for when we need to get more proactive services or when we need to do a penetration test."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhancements."
"I would like to see more frequent check-ins with our security status."
"The current reporting system could benefit from improvement."
"We found a couple of bugs in the user interface."
"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."
"The solution should include remote action capabilities."
"The quality of technical support depends on the IBM support person. Sometimes, it's hard to get the right person on the other side. A ticket coordinator could be the key to better quality delivery."
"I would like to see some artificial intelligence and alternative solutions."
"There should be more opportunity for community kind of distribution where, for example, if there was a zero-day threat targeting companies."
"The reporting system could use some upgrading."
"Right now, if you look at the compatibility, if you need to deploy QRadar in a physical appliance you have only two choices of server, their own or a Lenovo server. In today's world, you cannot keep something tied to such a big brand. Clients want to be able to use whatever type of server they want."
"Pricing model could be more cost-effective."
"It needs more resilience and functionality."
"In the next release of this solution, I would like to see file integrity monitoring."
"We did a PoC of their next-gen antivirus product, but it wasn't ready yet. It was underdeveloped and caused a lot of issues. We'd like to move away from Carbon Black, but they said that it's probably still not to a point where we'd be happy with it. Carbon Black and RedCloak seem to work fine for us."
"The deployment could definitely be improved."
"The integration with the Carbon Black sensor could be better. ManagedXDR doesn't seem to know how to extract the forensic data from an endpoint that was quarantined by Carbon Black."
"Dell Secureworks could improve its integration with other third-party solutions."
"It would be nice if the solution were a little more affordable."
"This solution could be improved with a higher degree of automation such as automated emails, triggers and defining the severity of the cases."
"Tamper-proofing or tamper protection is still pending in Secureworks. Tamper protection will make it more secure. If I'm an admin of a device, I can uninstall an agent without the knowledge of the security or Secureworks admin. If someone gets hold of one endpoint with admin credentials, he can remove anything, and an organization will lose visibility. They need to work on providing more visibility across endpoints. A couple of times it has happened that the cloak agent is there, but it did not get activated, or there were some issues. The machine was restarted, but the cloak agent didn't run. In such cases, you have to troubleshoot. It is a big issue if a cyber attack is happening, and your machine is rebooted, but the events are not captured."
More Secureworks Taegis ManagedXDR Pricing and Cost Advice →
IBM Security QRadar is ranked 10th in Managed Detection and Response (MDR) with 198 reviews while Secureworks Taegis ManagedXDR is ranked 8th in Managed Detection and Response (MDR) with 13 reviews. IBM Security QRadar is rated 8.0, while Secureworks Taegis ManagedXDR is rated 7.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Secureworks Taegis ManagedXDR writes "Offers proactive threat hunting and actively examines our environment". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Secureworks Taegis ManagedXDR is most compared with CrowdStrike Falcon Complete, SentinelOne Vigilance, Rapid7 MDR, Arctic Wolf Managed Detection and Response and EY MDR. See our IBM Security QRadar vs. Secureworks Taegis ManagedXDR report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.