We performed a comparison between IBM Security QRadar and Secureworks Taegis ManagedXDR based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"The most valuable feature is reviewing tickets and the notes added by technicians."
"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"Binary Defense's most valuable feature is the 24/7 monitoring and threat hunting. Their team checks the latest breaches and how they're done."
"Binary Defense has a human service department that provides live monitoring for our systems."
"The case interface is Binary Defense MDR's most valuable feature."
"The most valuable features are log monitoring, easy-to-fix issues, and problem-solving."
"We can easily monitor many things using this tool."
"It's built around Red Hat Linux, which is highly robust."
"The playbook engine is flexible and allows for the graphical visualization of processes, enabling the implementation of dynamic playbooks for incident response or testing."
"Log correlation is very useful for processing alerts. It serves to follow up alerts in real-time, building an entire workflow."
"The most valuable feature is the machine learning module."
"We run 65 servers globally with just two people: an engineering person and me."
"The solution is quite flexible."
"This solution gathers the information logs from all devices and correlates all the information. It notifies us of any critical events taking place across our networks which has been valuable."
"The most valuable feature is the fast alerting and response time."
"There are some patent pending detectors within the platform that provides a lot of value."
"The pricing is flexible."
"The most valuable feature is the support. The support chat. It's always connecting to people. And you open the chat, and it's not about that automated response. It's actually a human being that responds to you."
"We can easily isolate affected machines in the network."
"We don't have a full SOC, so it's helpful to have them sifting through our alerts and only bringing actionable items to us."
"The initial setup was very straight forward."
"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."
"I would like to see more frequent check-ins with our security status."
"We found a couple of bugs in the user interface."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"It's sometimes difficult to know when to engage Binary Defense or TrustedSec, their sister company. TrustedSec is more focused on offensive security, as opposed to the defensive security that the MDR solution provides. It would be awesome if there were a better bridge between that relationship for when we need to get more proactive services or when we need to do a penetration test."
"The current reporting system could benefit from improvement."
"The technical support can be improved a little bit, and the price could be cheaper."
"Technical support is good, but not great."
"The solution is clunky."
"SOAR is what is expected the most from QRadar. They have something called SOAR Resilient, and it would be great if that gets induced in SIEM. IBM QRadar (as well as McAfee ESM) should have analytics platform integration. Currently, SIEMs don't have full-fledged integration with analytics where we are able to dump our data in SIEM, and the same data can be called from different analytics applications. We should be able to bring this data to a platform like Hadoop for big data and run the analytics there. Currently, people are seeing the past data and taking some actions in the present, but when it comes to analytics, there should be futuristic data where you can predict something out of your present and past data. Apart from that, I would like to see a full-fledged ITSM tool in QRadar. It sometimes has some technical issues that need to be checked. It requires a dedicated QRadar engineer to completely manage it. It has different module sets, such as event collector and event processor, and some technical glitches come in between. It takes the log but doesn't exactly process it in the way we want."
"The implementation and configuration are not easy."
"There could be improvements made to the UI, the user interface. Though the newer version, 7.3.2, might already have this improvement in place."
"IBM QRadar could improve the plugins and threat detection."
"The features that could be improved include the licensing model and the dashboards and all those presentations. Overall, the user experience part can be improved."
"In the next release of this solution, I would like to see file integrity monitoring."
"The integration would look better with other products, with other EDRs, with other firewalls, with other older versions of firewalls, and the versions of software and hardware."
"The deployment could definitely be improved."
"The integration with the Carbon Black sensor could be better. ManagedXDR doesn't seem to know how to extract the forensic data from an endpoint that was quarantined by Carbon Black."
"Dell Secureworks is for higher-end customers and it's not quite as straightforward to implement or to get up and running as some of the other solutions."
"Dell Secureworks could improve its integration with other third-party solutions."
"It would be nice if the solution were a little more affordable."
"Tamper-proofing or tamper protection is still pending in Secureworks. Tamper protection will make it more secure. If I'm an admin of a device, I can uninstall an agent without the knowledge of the security or Secureworks admin. If someone gets hold of one endpoint with admin credentials, he can remove anything, and an organization will lose visibility. They need to work on providing more visibility across endpoints. A couple of times it has happened that the cloak agent is there, but it did not get activated, or there were some issues. The machine was restarted, but the cloak agent didn't run. In such cases, you have to troubleshoot. It is a big issue if a cyber attack is happening, and your machine is rebooted, but the events are not captured."
More Secureworks Taegis ManagedXDR Pricing and Cost Advice →
IBM Security QRadar is ranked 10th in Managed Detection and Response (MDR) with 198 reviews while Secureworks Taegis ManagedXDR is ranked 8th in Managed Detection and Response (MDR) with 13 reviews. IBM Security QRadar is rated 8.0, while Secureworks Taegis ManagedXDR is rated 7.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Secureworks Taegis ManagedXDR writes "Offers proactive threat hunting and actively examines our environment". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Secureworks Taegis ManagedXDR is most compared with CrowdStrike Falcon Complete, SentinelOne Vigilance, Rapid7 MDR, Trend Micro Managed XDR and Huntress. See our IBM Security QRadar vs. Secureworks Taegis ManagedXDR report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.