We performed a comparison between IBM Security QRadar and Kaspersky Endpoint Detection and Response Expert based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The stability is very good."
"Fortinet is very user-friendly for customers."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"This is stable and scalable."
"I get alerts when scripts are detected in the environment."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The most valuable feature is the integration with the GRD, for banking."
"We find predictive analysis capabilities valuable."
"The most valuable feature is the searching capability and real-time operational use."
"What I like about IBM QRadar User Behavior Analytics is that it uses machine learning algorithms to generate risk scoring for the user activity. I also like that it syncs with our Active Directory users, so it really has full coverage for all users in our environment."
"The visibility it gives you into your infrastructure has been great."
"No doubt about it, the solution is extremely stable."
"Provided that the report is prebuilt and I can find what I am looking for, the reporting is the most valuable feature in this solution."
"IBM Qradar's ability to simplify the number of events, not only on a technical level but by making that information easy to pan through the orchestration deduplication. It is very impressive given that we have hundreds of devices that send event logs through."
"The performance for Kaspersky is good, and it's not impacted our client performance."
"The most valuable features of Kaspersky Endpoint Detection and Response are all the features. The features have all helped us and most recently malware has been an issue in our company and malware protection has been effective."
"My impression of the stability of this solution is good. We have not had any issues with stability."
"It's scalable enough for us."
"The solution does a good job of filtering and blocking unusual traffic."
"I like the tool’s response to malware and trojans."
"This solution is quite responsive and the tech support engineers are kind and good."
"The integration with our hypervisor is quite smooth, especially within the Kaspersky Enterprise environment. We have many virtual machines, and the integration is helpful."
More Kaspersky Endpoint Detection and Response Expert Pros →
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The SIEM could be improved."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"There is a lot of manual configuration required in order for the product to run smoothly, and I think that it could be made more automatic."
"IBM needs to invest more into the collaboration with other vendors."
"Each module requires a separate license and a separate cost."
"It's resource-intensive."
"The solution is highly used here in Pakistan and in many sectors, they could improve it by having more SIEM connectors."
"I would like to see the update process simplified."
"They should speed up the incident response and also, at the same time, reduce the amount of manual effort that is required."
"They should include XDR features in the solution."
"Device control is lacking in EDR."
"There are some issues with EDR's web policy blocking sites that are marked as exceptions."
"The solution could always be more secure."
"If a customer wants to use Kaspersky on-prem, they'll need to spend a lot on the hardware. Their server must be strong because EDR is a heavy product. You need excellent hardware to run it. It might make sense to deploy the solution in the cloud. If they add features, it will only make the product heavier and increase the hardware costs."
"Kaspersky EDR currently has limited OS support. They only focus on Windows Server and Windows. Kaspersky recently released a Linux version, but it's rudimentary. It does not have any advanced features available on Windows platforms. They should increase their footprint on the Linux side and support other operating systems on the market, like MacOS."
"The solution does not offer much support to its users in Spanish, so I would like to see them offer more support in Spanish."
"Kaspersky Endpoint Detection and Response Expert needs to include a traffic interface."
More Kaspersky Endpoint Detection and Response Expert Cons →
More Kaspersky Endpoint Detection and Response Expert Pricing and Cost Advice →
IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews while Kaspersky Endpoint Detection and Response Expert is ranked 17th in Endpoint Detection and Response (EDR) with 44 reviews. IBM Security QRadar is rated 8.0, while Kaspersky Endpoint Detection and Response Expert is rated 8.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Kaspersky Endpoint Detection and Response Expert writes "Solid security and performance; overall a useful tool". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Kaspersky Endpoint Detection and Response Expert is most compared with Trend Vision One, Microsoft Defender for Endpoint, Cynet, Symantec Endpoint Detection and Response and Check Point Harmony Endpoint. See our IBM Security QRadar vs. Kaspersky Endpoint Detection and Response Expert report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.