We performed a comparison between IBM Security QRadar and Kaspersky Endpoint Detection and Response Expert based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"NGAV and EDR features are outstanding."
"Fortinet is very user-friendly for customers."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The setup is pretty simple."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"IBM QRadar is great help from its security event monitoring to data center and NOC troubleshooting of issues hard for other departments to spot."
"The correlation and the parsing are important features, since it is very important for a SIEM to have a good scalability and performance."
"The interface is good."
"It has a good integration with the artificial intelligence engine of Watson."
"The most valuable aspect of the solution is the integration capabilities on offer."
"One of the most valuable features is its ability to integrate with other solutions. IBM has a lot of solutions and we have managed to make it work with IBM BigFix and MaaS360, and even Microsoft."
"The most valuable features are the AI assistant, which is good at detecting known types of behavior."
"QRadar, Splunk, and ArcSight are SIEM solutions with built-in AI/ML features. They can do the complete investigation and alert the admin about what is happening. They can also do the root cause analysis. There are many other features that come with QRadar. It has a more granular log, so you can integrate with various non-IT as well as IT-based components. You can get unstructured data to the SIEM data, and you can identify more what is happening in the network or what is happening in the central head office. You can also identify what is happening between your remote offices. You can also use it to identify what the users in the field are doing on their devices and how things are moving. From the integration point of view, it is very centric. It gives complete control centrally. If a user is not connected to the system, whenever he comes online, we can see the policy updates over the Internet, and we can ensure that the data that is supposed to be protected is protected."
"The solution is scalable."
"I like the tool’s response to malware and trojans."
"Version 14.0 comes with an SQL database, which gives great flexibility on control, reviewing logs, and viewing history."
"We can scale the solution."
"EDR's most valuable feature is its basic protection from malware and viruses."
"The most valuable features are the reports."
"Kaspersky Endpoint Detection and Response Expert offers centralized monitoring where we can monitor everything from a single point. I also like its security and network traffic features."
"We've found the solution to be stable."
More Kaspersky Endpoint Detection and Response Expert Pros →
"The dashboard isn't easy to access and manage."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The solution is not stable."
"Detections could be improved."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The solution is not user-friendly."
"I haven't seen the use of AI in the solution."
"It is very difficult to activate all of the network equipment, and it would help if it were made easier."
"For the common needs of clients to fulfill requirements, a real integration with Blueworks Live (BPA modeling tool also from IBM) and a more suitable BPM on cloud solution for midsize customers."
"The playbook guide which specifies the rules for security use cases needs to be provided to support in case the organization needs help."
"In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."
"There should be easier and wider integration opportunities. There should be more opportunities for integration with CTI info sharing areas. On platforms where you exchange CTI, there should be more visibility connected to what we share, what we can reach, or what options are connected to CTI info sharing. This is one area where they could add value because we cannot integrate it easily with QRadar. If a client has a legacy or already existing solutions for CTI, we cannot ask them to forget it because we cannot guarantee that QRadar is able to deliver everything connected to this area."
"The biggest problem was built on top of the QRadar in the executive operations center network. The integration was not using the network security specialist properly, and all the incidents were inferior with QRadar. Its compatibility is not really good."
"The features that could be improved include the licensing model and the dashboards and all those presentations. Overall, the user experience part can be improved."
"The interface is very old. IBM should remake it into a more modern interface."
"It is not easy to follow the kill chain of a potential infection or malware."
"We'd like more integrations to be available in the future."
"The technical support team should respond in a more timely manner."
"Kaspersky Endpoint Detection and Response is very heavy on the system resources. It uses a lot of memory and the system can become slow."
"Kaspersky EDR lacks protection from recent ransomware."
"Kaspersky Endpoint Detection and Response should continue to improve its protection while adapting to the changing threat ecosystems. Having more advanced features would be a benefit."
"Kaspersky EDR currently has limited OS support. They only focus on Windows Server and Windows. Kaspersky recently released a Linux version, but it's rudimentary. It does not have any advanced features available on Windows platforms. They should increase their footprint on the Linux side and support other operating systems on the market, like MacOS."
"There is a problem with the solution, it came from Russia and we are looking for a replacement."
More Kaspersky Endpoint Detection and Response Expert Cons →
More Kaspersky Endpoint Detection and Response Expert Pricing and Cost Advice →
IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews while Kaspersky Endpoint Detection and Response Expert is ranked 17th in Endpoint Detection and Response (EDR) with 44 reviews. IBM Security QRadar is rated 8.0, while Kaspersky Endpoint Detection and Response Expert is rated 8.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Kaspersky Endpoint Detection and Response Expert writes "Solid security and performance; overall a useful tool". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Kaspersky Endpoint Detection and Response Expert is most compared with Trend Vision One, Microsoft Defender for Endpoint, Cynet, Symantec Endpoint Detection and Response and Check Point Harmony Endpoint. See our IBM Security QRadar vs. Kaspersky Endpoint Detection and Response Expert report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.