We performed a comparison between IBM Security QRadar and SolarWinds Security Event Manager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The main benefit is the ease of integration."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"It is a pretty solid product for the type that it is representing. It is a CM solution as compared to Splunk or ArcSight from HP. It is also user friendly. It comes with some internal AI as well, in which it automatically maps multiple lots from unrelated devices and makes a smart decision to link them back and create an offense based on that. It is a smart tool."
"The feature that I have found most valuable is its artificial intelligence component, Watson. Its contribution is pretty good from a machine-learning artificial intelligence perspective. This compliments the orchestration automation component, as well."
"The solution is relatively easy to use."
"The most valuable features of IBM Security QRadar are flexibility, IBM support, and scalability."
"The tool helps with infrastructure, application, and network monitoring."
"The most valuable features are the versatility of this solution and the variety of things you can do with it."
"QRadar shows very effective correlations. If you combine all the logins plus user behavior and the current intelligence, it gives a very good correlation for business. I think it reduces the false positives in user activity monitoring because there is a lot of social information to correlate with other data."
"I have used IBM QRadar User Behavior Analytics in a Cloud Pak on Amazon, and there it runs on top of it and is easy to assess. Additionally, I have installed processes and characters."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"SolarWinds is easy to configure, and it provides timely alerts."
"SolarWinds Security Event Manager has been generally working well."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"It supports high availability, which is very helpful."
"The most valuable feature of this solution is the visibility into both attempted and failed logins."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Sentinel's reporting is complex and can be more user-friendly."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The playbook is a bit difficult and could be improved."
"The only thing is sometimes you can have a false positive."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"I would like the rule creation interface to be much more user-friendly in the next release."
"They need to improve their threat intelligence feed and they need to improve their user behavior analytics modules."
"The dashboard is pathetic and it takes a long time to perform a search."
"The solution lacks some maturity."
"Some of the cloud apps need improvement."
"The IBM support can be better."
"Right now, if you look at the compatibility, if you need to deploy QRadar in a physical appliance you have only two choices of server, their own or a Lenovo server. In today's world, you cannot keep something tied to such a big brand. Clients want to be able to use whatever type of server they want."
"This solution is on-premise and many customers are moving to the cloud base solution."
"The company had to use a third party for the implementation of the solution."
"There are no multiple dashboards which would allow you to see information side-by-side."
"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"It can be difficult for users who are inexperienced with the solution."
"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."
"The only issue is the pricetag. SolarWinds is a costly solution."
"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."
More SolarWinds Security Event Manager Pricing and Cost Advice →
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews. IBM Security QRadar is rated 8.0, while SolarWinds Security Event Manager is rated 7.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Fortinet FortiSIEM, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, Wazuh, Microsoft Defender XDR and LogRhythm SIEM. See our IBM Security QRadar vs. SolarWinds Security Event Manager report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.