We performed a comparison between IBM Security QRadar and Datadog based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Datadog users like its customizable displays, error tracking, and advanced AI/ML capabilities. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Datadog could enhance its usability and reduce its learning curve. Users said integration was another pain point.
Service and Support: Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses. While many users spoke highly of Datadog’s support team, others reported slow support, especially in the Asia-Pacific region.
Ease of Deployment: QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Datadog’s setup is considered straightforward, and users often receive help from a partner or vendor.
Pricing: QRadar can be costly because users need to buy new hardware to upgrade. Opinions about Datadog's price are divided. Some users found it costly, but others thought it was acceptable. Some said the pricing model could be clearer and better explained.
ROI: QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. Users said Datadog saved them time and improved visibility into security blind spots.
"Datadog has a lot of features to be able to drill down deep into the swath of logs that our platforms generate."
"The integration and configuration are incredibly simple. The SaaS offering is remarkably easy to set up, especially if you're coming from a Graphite environment or anything that uses a StatsD."
"It helps us better manage our logs."
"It provides more cloud data. They tend to just get the way a service would be designed on the cloud."
"Datadog has so far been a breeze to use and set up."
"The biggest thing I liked was the combination of all the things - monitoring, log aggregation, and profiling."
"It has a nice UI."
"Even if we don't end up using Datadog, it revealed problems and optimizations to us that weren't obvious before."
"Providing real-time visibility for threat detection and prioritization - QRadar SIEM provides contextual and actionable surveillance across the entire IT infrastructure."
"It has a logical, user-friendly GUI."
"It is very stable. We have not faced interruptions in the past four and a half years."
"The pre-canned rules and reports in this product are a huge plus."
"Integrations are quite a useful and key feature of this solution. It has integration with the CVSS score, which is a central point for all the data and scores about the threats. There is an IBM Bluemix dashboard that is integrated with the CVSS score."
"The correlation and the parsing are important features, since it is very important for a SIEM to have a good scalability and performance."
"IBM QRadar User Behavior Analytics has easy architecture, has a good portfolio and integration."
"It has a good integration with the artificial intelligence engine of Watson."
"The logging could be improved in the future."
"The error traceability is an area that can be improved."
"There is occasional UI slowness and bugs."
"Datadog has a lot of features kind of cramped into one dashboard. It's quite hard to get around what feature does exactly what. There was a steep learning curve, trying to navigate through menus."
"Stability of the product has been a concern for us outside of the primary monitoring agents."
"We want to reduce having to go to different screens to obtain all the information."
"The dashboard could be improved. It would be helpful to get a view of specific things that we need to monitor for our application."
"One area where I was really looking for improvement was the CSPM product line. I had really wanted to have team-level visibility for findings, since the team managing the resources has much more context and ability to resolve the issue, as the service owner. However, this has been added to the announcement in a recent keynote."
"IBM QRadar could improve the plugins and threat detection."
"IMB should reduce the pricing, or reduce some of the features for a more economical solution for the customer."
"If you have too many events that occur, then the storage capacity becomes a problem. You need to have more storage."
"Integration could be better. They should make it easy to integrate with other solutions."
"IBM technical support is always terrible."
"They have to build more quantitative monitoring, profiling, and make it more predictive."
"I would like to see some artificial intelligence and alternative solutions."
"When it comes to what could be better, it is always what others are trying to do and what is the roadmap. It can have more integration. It should have more flexible RESTful APIs for integration with applications. These are the things that are always in demand for any of the SIEM solutions, not only for QRadar. Integration is ever-evolving. Nowadays, different versions of mobile handsets are there and data is getting scattered. Users are using their personal handsets to keep the data of the organization. So, it should have a more flexible integration, irrespective of the flavor of the firmware and iOS or Android version. It should have an API that can seamlessly get integrated. It should also provide more flexible control and a more advanced or analytical view to see what exactly is happening across the globe or network. From wherever a user is connecting and accessing the enterprise data, it should give real-time visibility and predictive visibility about what exactly is happening. These things are already there, but there should be more advanced control in terms of managing the security."
Datadog is ranked 3rd in Log Management with 137 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Datadog is rated 8.6, while IBM Security QRadar is rated 8.0. The top reviewer of Datadog writes "Very good RUM, synthetics, and infrastructure host maps". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Datadog is most compared with Dynatrace, Azure Monitor, New Relic, AWS X-Ray and Elastic Observability, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh and LogRhythm SIEM. See our Datadog vs. IBM Security QRadar report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.