We performed a comparison between IBM Security QRadar and Sophos MDR based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."
"The case interface is Binary Defense MDR's most valuable feature."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"Binary Defense's most valuable feature is the 24/7 monitoring and threat hunting. Their team checks the latest breaches and how they're done."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"The best part about Binary Defense MDR is that it runs on everything, and they keep an eye on things 24/7."
"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"It is very stable. We have not faced interruptions in the past four and a half years."
"IBM has everything you need in a cybersecurity solution. If you want to build a cybersecurity operation center version then I think QRadar is a perfect solution."
"The tool helps with infrastructure, application, and network monitoring."
"QRadar UBA's most valuable feature is the risk rating of users depending on their behavior."
"It's a state-of-the-art product for security information and event management (SIEM)."
"I have used IBM QRadar User Behavior Analytics in a Cloud Pak on Amazon, and there it runs on top of it and is easy to assess. Additionally, I have installed processes and characters."
"The most valuable feature is the machine learning module."
"It can analyze event logs, event security, and give a good consult."
"The product’s most valuable feature is rapid response."
"The authentication it offers minimizes the risk of access."
"The solution is stable."
"It is stable and scalable. It has good technical support."
"The product’s most valuable features are integration and endpoint protection."
"Sophos MTR will stop the threat as it is happening. Intercept X, which is a part of it, has the ability to roll back, so the attack is undone. And then the advanced edition of MTR lets me handle the threat by talking on the phone. I don't have to deal with it. I don't have to just go through emails back and forth. We don't have to pay extra for Rapid Response services. If something is happening, they're right on top of it."
"There is a feature called XDR Central. With this, Sophos can connect to third-party security solutions."
"The product’s most valuable feature is ease of use."
"We found a couple of bugs in the user interface."
"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."
"It's sometimes difficult to know when to engage Binary Defense or TrustedSec, their sister company. TrustedSec is more focused on offensive security, as opposed to the defensive security that the MDR solution provides. It would be awesome if there were a better bridge between that relationship for when we need to get more proactive services or when we need to do a penetration test."
"I would like to get more reports from Binary Defense about what they're blocking."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"The current reporting system could benefit from improvement."
"I would like to see some artificial intelligence and alternative solutions."
"It would be better if it were more stable and more secure. The price for maintenance could be better. It's too high. In the next release, I think they should focus on the price and the operation."
"There could be improvements made to the UI, the user interface. Though the newer version, 7.3.2, might already have this improvement in place."
"The modularity could be improved."
"The threat intelligence functionality can be better. In addition, it can have more monitoring capabilities."
"The product is good, but one feature they should have is an Elasticsearch. Currently, in QRadar, there are no Elasticsearch criteria."
"It needs more resilience and functionality."
"I have noticed the interface has room for improvement."
"Sophos MDR's support and basic training of their devices could be improved."
"It could be more secure."
"Once in a great while, an update fails."
"It is a bit expensive. It could be cheaper. There are many competitive products in the market, like Kaspersky, McAfee Antivirus, and more."
"Threat intelligence is an area for improvement for MDR."
"Its technical support could be better."
"Multitenancy features of Sophos Managed Threat Response should be improved. You cannot use the solution for multiple clients."
"The technical team for Sophos MDR is not so good since they take a long time, like a week, to provide a solution to a simple case or problem we face in our company."
IBM Security QRadar is ranked 10th in Managed Detection and Response (MDR) with 198 reviews while Sophos MDR is ranked 5th in Managed Detection and Response (MDR) with 22 reviews. IBM Security QRadar is rated 8.0, while Sophos MDR is rated 8.6. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Sophos MDR writes "Proactive protection, scalability, and cloud-based efficiency". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Sophos MDR is most compared with CrowdStrike Falcon Complete, SentinelOne Vigilance, Arctic Wolf Managed Detection and Response, Trend Micro Managed XDR and Bitdefender MDR. See our IBM Security QRadar vs. Sophos MDR report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.