We performed a comparison between IBM Security QRadar and Cynet based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: IBM Security QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Cynet offers strong ransomware protection and an intuitive interface. IBM Security QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Cynet needs to expand device support and add customization options. Users suggest improving network monitoring and strengthening integration with other tools.
Service and Support: Some customers of IBM Security QRadar have had trouble connecting with knowledgeable support staff and experienced delayed responses. Cynet's customer service is consistently lauded for its excellence. They have a dedicated support team that is available round the clock, and they also have a contingency plan for urgent incidents.
Ease of Deployment: IBM Security QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Cynet’s setup is highly efficient, with the ability to configure thousands of devices quickly.
Pricing: IBM Security QRadar can be costly because users need to buy new hardware to upgrade. Customers generally think Cynet is affordable and a good value for its features.
ROI: IBM Security QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. Cynet yields an excellent ROI by preventing cyberattacks and safeguarding sensitive data.
Comparison Results: Our users prefer IBM Security QRadar over Cynet. The advanced security features and overall strength of QRadar make it the favored option. Users like QRadar's extensive and actionable insights, user-friendly interface, and adaptability. QRadar offers a comprehensive overview of network activity and risk management.
"I have found the ability to delete unwanted threats beneficial."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"The integration, visibility, vulnerability management, and device identification are valuable."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"In terms of incident response, Cynet can contain attacks, offer a trial period to customers, and uninstall if not continued. The most valuable aspect is its integration capabilities, covering endpoints and network data for a comprehensive view of threats."
"We are very satisfied with the level of performance we get."
"I like that it is possible to use the solution to check more information about the users' devices."
"The level of automation is very good because the majority of the time, it blocks the attacks without requiring anything from our side. The technicians don't have to do anything. They are just alerted about what happened. So, the user intelligence works quite well."
"Cynet is light and transparent when downloaded. The product's data aggregation is also valuable since you can see everything you need on a page."
"The product has valuable front-end features."
"It is quite stable. I would rate the stability of the solution a nine out of ten."
"I like the Cynet Correlator™ feature."
"QRadar shows very effective correlations. If you combine all the logins plus user behavior and the current intelligence, it gives a very good correlation for business. I think it reduces the false positives in user activity monitoring because there is a lot of social information to correlate with other data."
"The feature that I have found most valuable is how it monitors the real network. That is its leading security feature."
"Improves visibility and has a great new dashboard."
"Log correlation is very useful for processing alerts. It serves to follow up alerts in real-time, building an entire workflow."
"It is a very good SIEM."
"The initial setup is not complex or difficult."
"I like that it's easy to use and the performance is good."
"When it comes to QRadar, they can do the correlation and not only in networks but also endpoints. This is one of the good features that we have noticed."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"The solution does not offer a unified response and standard data."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"Management of the console could be simplified and made more user-friendly because right now it's not very easy to use."
"I would like to see support for mobile protection and some additional reports included."
"They have automated response capability, and they're moving more and more into SOAR capability. They have built-in deception technology with host-file users, phantoms, etc. We used to call them honeypots. So, they're on target. They're doing a really good job, and they should continue to improve with SOAR."
"Linux servers are not supported."
"I would like to see more emphasis on building the data lake and storing all endpoint data in the enterprise data lake so that data mining can be performed"
"In terms of what could be improved, I would say the usability of this product for new threats. Meaning, not everything which is new is properly seen by the product and not all the required actions are taken."
"Could have better integration with other security applications."
"In future releases, I would like to see cloud security aspects included."
"There should be more opportunity for community kind of distribution where, for example, if there was a zero-day threat targeting companies."
"There are reports that I would like to generate that are either not included, or I cannot find."
"The Indian tech support is not helpful."
"I don't look at only the features and benefits; I also look at the price. It is a bit expensive when compared with other solutions. It is expensive for specific deployment topologies, and the decision-makers go for alternatives like ArcSight. It should also have more AI features or capabilities for better threat intelligence. The more it uses machine learning, the better would be the dashboard, analytics, and other things."
"The product does not have a team for investigating malware."
"The weak signal detection with QRadar needs improvement. You can detect what you know, but what is unknown to the rule engine can't be detected."
"The released patch quality is poor. IBM should test those patches on their side, not on the client's side."
"QRadar needs a lot of fine tuning"
Cynet is ranked 4th in User Entity Behavior Analytics (UEBA) with 35 reviews while IBM Security QRadar is ranked 1st in User Entity Behavior Analytics (UEBA) with 198 reviews. Cynet is rated 8.8, while IBM Security QRadar is rated 8.0. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, ESET Endpoint Protection Platform, Microsoft Defender for Endpoint and Cortex XDR by Palo Alto Networks, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security. See our Cynet vs. IBM Security QRadar report.
See our list of best User Entity Behavior Analytics (UEBA) vendors, best Endpoint Detection and Response (EDR) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.