We performed a comparison between IBM Security QRadar and SolarWinds Security Event Manager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Sentinel pricing is good"
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The machine learning and artificial intelligence on offer are great."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"We have no complaints about the features or functionality."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"It does good correlation for events. It does good general analysis, and it has good apps as well."
"The simplicity of the solution is the best feature."
"IBM has everything you need in a cybersecurity solution. If you want to build a cybersecurity operation center version then I think QRadar is a perfect solution."
"This solution has allowed us to correlate logs from multiple sources."
"Most of the features are good. It is an excellent solution."
"It comes with many rules disabled. You can tune them and modify them according to your enterprise needs and avoid false positives."
"We find predictive analysis capabilities valuable."
"There are a lot of great out-of-the-box features included."
"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."
"SolarWinds is easy to configure, and it provides timely alerts."
"The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"The most valuable feature is the ease of use for the end user."
"SolarWinds Security Event Manager has been generally working well."
"SolarWinds is effective for server, network, and log monitoring. It's also good for IP address management. We also have a patch manager, but we're still working on getting that operational."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"One key area that can be improved is by building a strong integration with our XDR platform."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"I would like to see more AI used in processes."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"There are areas in IBM Security QRadar that could benefit from improvement. Its ability to customize knowledge for specific purposes could be enhanced. Also, it lacks clarity in presenting details. It is also difficult to see the reports."
"QRadar log integration of various applications can be a tough job at times. There may be occasions when you will not find any QRadar guide on adding logs of a particular application. Even if you come across one, adding a log process is not an easy one."
"The user interface is a bit clunky, a bit hard to find what you need."
"Search capability and indexing still lag behind competitors. We also need to see improved rule based access controls and rule/event tuning."
"The solution could improve by having more out-of-the-box use cases."
"IMB should reduce the pricing, or reduce some of the features for a more economical solution for the customer."
"The tool is very complicated. One place for improvement would be to have a more user-friendly interface. Having better support in Spanish would be cool."
"They should introduce some automation into the product."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"There is no correlation made between log entries, so no threat information is presented."
"It can be difficult for users who are inexperienced with the solution."
"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
"We'd like more customization capabilities."
More SolarWinds Security Event Manager Pricing and Cost Advice →
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews. IBM Security QRadar is rated 8.0, while SolarWinds Security Event Manager is rated 7.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Fortinet FortiSIEM, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, Microsoft Defender XDR, Wazuh and LogRhythm SIEM. See our IBM Security QRadar vs. SolarWinds Security Event Manager report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
