We performed a comparison between IBM Security QRadar and SolarWinds Security Event Manager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The analytic rule is the most valuable feature."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"IBM QRadar User Behavior Analytics's most important feature is its ease of use."
"Vulnerability detection is the most valuable feature. It's the tool that finds the threats."
"The scalability is very good. It's not a problem."
"The scalability is awesome, because QRadar includes other solutions in the same console."
"It integrates very easily with other solutions. The solution is flexible. We can add anything to it, as it is a good companion to other tools."
"What I like the most about it is that you can very easily install and configure it. As compared to other SIEM solutions, for which you need to know and do a lot more to prepare your SIEM environment, QRadar is much simpler to install and configure. There are various options in the Admin console. In the Admin tab, you can design dashboards and view various graphs. It has a lot of attractive features, and you don't need to configure everything on your own."
"It has a good integration with the artificial intelligence engine of Watson."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"It supports high availability, which is very helpful."
"It's extremely easy to deploy."
"The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms."
"SolarWinds is easy to configure, and it provides timely alerts."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"The most valuable feature is the ease of use for the end user."
"SolarWinds Security Event Manager has been generally working well."
"The AI capabilities must be improved."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"The solution could be more user-friendly; some query languages are required to operate it."
"I think the number one area of improvement for Sentinel would be the cost."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"I'm not sure about the stability just yet. We've observed a few issues and we raised a supporting ticket for it."
"Solution has too many menus that require going to two or three sub-monitors to enter the QRadar."
"What needs to be improved in IBM QRadar User Behavior Analytics is the user experience. It's not optimal. Some screens are a bit clunky. The solution needs to be more user-friendly."
"Do your research before implementing it, because it is tough to implement."
"IBM is going through some problems with its resources currently making its support response time slow."
"I would like to see more integration in place after the security lock."
"GUI needs to be improved."
"There needs to be better integration with other applications."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
"The company had to use a third party for the implementation of the solution."
"There is no correlation made between log entries, so no threat information is presented."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."
"I would like to have a more customizable dashboard."
"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."
"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."
More SolarWinds Security Event Manager Pricing and Cost Advice →
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews. IBM Security QRadar is rated 8.0, while SolarWinds Security Event Manager is rated 7.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Fortinet FortiSIEM, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, Microsoft Defender XDR, Wazuh and LogRhythm SIEM. See our IBM Security QRadar vs. SolarWinds Security Event Manager report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
