We performed a comparison between IBM Security QRadar and LogPoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. LogPoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Reviews suggest LogPoint should improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment.
Service and Support: Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses. LogPoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support.
Ease of Deployment: QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. The complexity of LogPoint's initial setup can range from complex and time-consuming to fast and easy, depending on the user's experience and the organization’s size.
Pricing: QRadar can be costly because users need to buy new hardware to upgrade. LogPoint's fixed pricing model is seen as cost-effective and competitive.
ROI: QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. LogPoint makes costs more predictable and enables companies to generate revenue through security operation services.
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"This is stable and scalable."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"This console gives you the entire view, which makes life easier and allows you to take precautionary measures."
"It is a very optimized engine."
"The most valuable feature currently is security behaviors and the pdf files."
"It has very rich functionality."
"Senses, tracks, and links significant incidents and threats."
"On the back-end, Watson helps me figure out an exact problem, sometimes giving me the result."
"The UBA feature is the most valuable because you can see everything about users' activities."
"No doubt about it, the solution is extremely stable."
"Log collection, dashboards and reporting are good."
"The integration is very user-friendly. There are not many CLI commands. Everything is directly accessible from the web interface."
"Technical support is responsive and very friendly."
"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
"The product is easy to use."
"They basically charge you in a better way."
"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
"The most valuable features are the ones that we use the most, which are the search and report facilities."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The dashboard isn't easy to access and manage."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"There are a lot of things they are working on and a lot of technologies that are not yet there. They should probably work out a better reserve with their ecosystem of business partners and create wider and more in-depth qualities, third-party tools, and add-ons. These things really give immediate business value. For instance, there are many limitations in using SAP, EBS, or Micro-Dynamics. A lot of things that are happening in those platforms could also be monitored and allowed from the cybersecurity risks perspective. IBM might be leaving this gap or empty space for business partners. Some larger organizations might already be doing this. It would be very nice if IBM can make some artificial intelligence part free of charge for all current QRadar users. This would be a big advantage as compared to other competitors. There are companies that are going in different directions. Of course, you can't do everything inside QRadar. In general, it might be very good for all players to provide more use cases, especially regarding data protection and leakage prevention. There are some who are already doing some kind of file integrity or gathering some more information from all possible technologies for building anything related to the user and data analysis, content analysis, and management regarding the data protection."
"When it comes to what could be better, it is always what others are trying to do and what is the roadmap. It can have more integration. It should have more flexible RESTful APIs for integration with applications. These are the things that are always in demand for any of the SIEM solutions, not only for QRadar. Integration is ever-evolving. Nowadays, different versions of mobile handsets are there and data is getting scattered. Users are using their personal handsets to keep the data of the organization. So, it should have a more flexible integration, irrespective of the flavor of the firmware and iOS or Android version. It should have an API that can seamlessly get integrated. It should also provide more flexible control and a more advanced or analytical view to see what exactly is happening across the globe or network. From wherever a user is connecting and accessing the enterprise data, it should give real-time visibility and predictive visibility about what exactly is happening. These things are already there, but there should be more advanced control in terms of managing the security."
"IBM technical support is always terrible."
"Ideally we would like a mobile version so that any alert that comes in will notify us in a mobile app, or by using SMS integration."
"The IBM support can be better."
"You can scale IBM QRadar User Behavior Analytics, but it has room for improvement."
"The threat intelligence functionality can be better. In addition, it can have more monitoring capabilities."
"The modularity could be improved."
"What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated."
"Nowadays the trend is going towards the ransomware and the endpoint detection and response. So if they added something for that, that will be very, very good."
"It is complicated to collect daily logs from other systems."
"In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved."
"The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."
"Logpoint is not flexible. Its documentation is not user-friendly."
"The interface needs things like wizards that will assist with creating complex correlation rules."
"Log management could be better because transporting the log from a password to the client system takes time."
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while Logpoint is ranked 26th in Security Information and Event Management (SIEM) with 20 reviews. IBM Security QRadar is rated 8.0, while Logpoint is rated 7.4. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Logpoint is most compared with Elastic Security, Rapid7 InsightIDR, Microsoft Sentinel, Wazuh and LogRhythm SIEM. See our IBM Security QRadar vs. Logpoint report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best User Entity Behavior Analytics (UEBA) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.