We performed a comparison between IBM Security QRadar and Varonis Datalert based on real PeerSpot user reviews.
"This is a distributed application, meaning that a customer can stack small and then scale it so that they can expand pretty effectively. You can use, basically, the same product in an SMB or a large enterprise."
"The most valuable features would have to be the products' ability to customize vulnerability management settings."
"The timeline and machine learning features are great."
"Search capabilities are sufficient for most tasks."
"QRadar shows very effective correlations. If you combine all the logins plus user behavior and the current intelligence, it gives a very good correlation for business. I think it reduces the false positives in user activity monitoring because there is a lot of social information to correlate with other data."
"Senses, tracks, and links significant incidents and threats."
"It has a lot of good correlation rules. From a customer's point of view, it is one of the best solutions because you don't need to create correlation rules from scratch. You just review them and customize them as you want."
"The threat hunting capabilities in general are great."
"The analytics would have to be our most valuable feature."
"The 24/7 support is the most valuable feature. They have been able to answer support questions pretty quickly."
"It can easily identify unusual behavior or access patterns that may pose a potential threat, while operating as a unified reporting system."
"On the Varonis side, technical support is phenomenal. Their ability to explain is very good, and they seem to be very knowledgeable. When I get an alert that doesn't quite make sense, they dive in there and kind of take me through it. That's very useful and very good. There are some false alerts, but it is better to have a false alert than no alert at all."
"The telemetry to capture everything and the reports are very easy to configure without having a developer degree."
"That alerting and reporting service is great."
"I would also like to see more integration with other vendors. IBM doesn't integrate well with products from China, like Huawei. Many Middle Eastern customers are switching to Huawei from American vendors like Cisco because of the price. In most RFPs, Huawei wins because it costs less."
"The dashboards are all legacy and old."
"The custom rules could be simplified more or it should be possible to use a different language, other than the ones that the solution is already using. They should add other languages into the mix."
"There could be better integration with the solution."
"I have also been working with other SIEM solutions, and I have observed that they have extensive Linux-based and Unix-based integrations. They have been able to support some of the Linux-based agents, which is useful to investigate and process the information on the Linux and Unix side."
"They should speed up the incident response and also, at the same time, reduce the amount of manual effort that is required."
"IBM Security QRadar lacks automated response. With this feature, there's no need to visit VirusTotal or other sites for IP reputation. There should be a small plug-in where users can click to retrieve details about the reputation and organization of public IP."
"The implementation and configuration are not easy."
"I'd like to see automatic updates for this solution. Currently, it's a manual process to update all the keywords."
"It is significantly complex."
"We have Microsoft Office 365. I just saw an article today which says that they're actually getting integrated with Microsoft Office 365, which would be a useful feature. For user-based reports, log on activity, and stuff like that, it doesn't seem to really be present like Log360. That could just be my inexperience with it. I've been dealing with it for only about two and a half months."
"The GUI should be more functional. There should be a process for connecting through Chrome, Internet Explorer, etc."
"I would like it to have cloud integration."
"For unstructured data monitoring, it's one of the top ones, if not the top one, due to its usability."
IBM Security QRadar is ranked 1st in User Entity Behavior Analytics (UEBA) with 198 reviews while Varonis Datalert is ranked 8th in User Entity Behavior Analytics (UEBA) with 6 reviews. IBM Security QRadar is rated 8.0, while Varonis Datalert is rated 8.6. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Varonis Datalert writes "Offers the ability to identify sensitive areas, allowing you to drill down into the sensitive data". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Varonis Datalert is most compared with Splunk User Behavior Analytics, Microsoft Defender for Identity, Exabeam Fusion SIEM and Rapid7 InsightIDR.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.