• Home
  • IBM Security QRadar vs. Zabbix

IBM Security QRadar vs Zabbix comparison

Cancel
You must select at least 2 products to compare!
IBM Logo
IBM Security QRadar
Read 198 IBM Security QRadar reviews
21,075 views|12,899 comparisons
91% willing to recommend
Zabbix Logo
Zabbix
Read 101 Zabbix reviews
22,616 views|17,448 comparisons
95% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Security Information and Event Management (SIEM)
April 2024
Executive Summary

We performed a comparison between IBM Security QRadar and Zabbix based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: April 2024).
Download the complete report
771,212 professionals have used our research since 2012.
Featured Review
Anonymous User
Real-time detection is quite efficient but the dashboard lacks important visibility for threat hunting
Our company uses the solution as our main CM to detect malicious activity. There are many campaigns targeting Europe and other countries so it is... Read more →
Patrice Delavictoire
We can fix issues with our network before they become serious problems
Zabbix alerts us about problems on the system, including damage to the hardware or network connectivity issues.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It'll get you from point A to B.""It showed us where weaknesses were in our environment, so we could actively target those patches first.""The UBA feature is the most valuable because you can see everything about users' activities.""Log correlation is very useful for processing alerts. It serves to follow up alerts in real-time, building an entire workflow.""It can analyze event logs, event security, and give a good consult.""It is suitable for large companies with critical infrastructure. For our clients, robustness, availability at a high level, and the level of references and experiences connected to the solution are important.""IBM Qradar's ability to simplify the number of events, not only on a technical level but by making that information easy to pan through the orchestration deduplication. It is very impressive given that we have hundreds of devices that send event logs through.""Integration is very easy and the reporting is good."

More IBM Security QRadar Pros →

"Like other common Linux distributions, some of the most valuable features of this solution are the ease of use and deployment. It's simple and has a lot of packages and a lot of software.""We use it to monitor and manage our servers.""It's a very reliable platform and we've never had any issues regarding the scalability or the stability of Zabbix.""Zabbix is a cost-effective solution. We're a small organization with a few dozen devices to monitor, and it was available for free. We can see what we need. We haven't done an in-depth analysis on it, but we're currently okay with the product.""The most valuable features are the monitoring and the ease with which we can set it up at customer sites with our custom Zabbix proxy and tools.""The level of discovery-based configuration that lets us auto-configure the monitoring for various systems is a valuable feature.""The calculations part is the most valuable.""It has an intuitive UI with beautiful graphs and customizable maps."

More Zabbix Pros →

Cons
"There could be better integration with the solution.""The only challenge with products like IBM is the EPS. You just have to be really on the events per second, as that's where the cost factor becomes a huge issue.""The solution lacks vendor support.""I would like to see a better GUI.""I would like the rule creation interface to be much more user-friendly in the next release.""If you have too many events that occur, then the storage capacity becomes a problem. You need to have more storage.""The architecture could be improved. I got stuck for a long time trying to understand the architecture, as it is quite challenging.""IBM Qradar could improve the reporting. The tool is not designed to report. It's a great operational monitoring tool. You put it on a screen and you watch it. If you want to have analytics out of it, that's a whole different story. You're going to need more people and tools. What should be added is reporting and integration into Power BI, into some capability that produces analytical reports from the source data. IBM does not seem to care to add these features."

More IBM Security QRadar Cons →

"I would like to see a more flexible mobile client, and better HA out of the box.""Its UI needs to be improved a little bit more so that an end-user is also able to handle it. I can handle it, but others should also be able to handle it in a better way. It becomes complex when we are growing and need to add proxies. We need more scalability features and documentation for different use cases. A lot of articles are available, but they need to be in proper documentation. For example, when you have thousands of servers that have to be monitored in different regions of the world, there should be some kind of documentation to describe how you can create proxies and add them. Sometimes, when you are using the database, it can get overloaded. When the network is growing, the number of transactions becomes very high, and the database gets overloaded. There should be information about how to reduce the load on the MySQL database, which is what Zabbix is using. The market is growing a lot, and it should be enhanced for a lot more things. We are currently bringing enhancements at our end for different use cases. For example, when dockerization is going on, how can we check the logs inside the Dockers. We should also be able to monitor and check the number of logins and add features such as SSO login and two-factor authentication as a protocol. These are the security features and concerns that we have to deal with. Currently, we are developing modules to add features to Zabbix, but they should also work on these features.""The reports are not great and should be improved.""Its UI should be improved. They did some improvements in version 5, but it could benefit from some more work. Its integrations should also be improved. They've been active for one year, and they seem to have noticed that. It has new integrations, but it could benefit from more integrations. As far as I know, there is no model to push statistics, metrics, or events towards Zabbix. This type of API isn't yet there, whereas some other tools provide an API for this.""The stability could be better.""It would be helpful if they translated the documentation to Cyrillic languages.""The performance reporting could be improved.""I think the reporting part of Zabbix can be improved in terms of more user-friendly graphics to display the collected data. Many simple users who don't know how to use Zabbix properly might get confused by the reporting, although at the same time it is very versatile for my company."

More Zabbix Cons →

Pricing and Cost Advice
  • "found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price."
  • "Most of the time, it is easier and cheaper to buy a new product or the QRadar box."
  • "IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much."
  • "IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much."
  • "Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost."
  • "It is expensive. It is not a product that I can provide for SMBs. It is a program that I can only provide for really large enterprises."
  • "The maintenance costs are high."
  • "Pricing (based on EPS) will be more accurate."

    • More IBM Security QRadar Pricing and Cost Advice →

  • "It’s free of cost."
  • "It is a true open-source solution, so there are no licensing costs."
  • "The product is an open source and free solution."
  • "It's free software released under the GNU/GPL license."
  • "There are no licenses."
  • "We’re using the free version, which covers all our current needs."
  • "It is free, which allows us to reduce costs."
  • "I was using the free, Community Edition."

    • More Zabbix Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    771,212 professionals have used our research since 2012.
    Comparison Review
    Anonymous User
    Nagios vs. Zabbix vs. PRTG vs. Spiceworks vs. Solarwinds Network Performance Monitor
    I have researched a quite a few network monitoring tools which can be used for various monitoring purposes of not only the servers, but the intermediate routers as well. There are majorly three types of these softwares. Ones which are completely open-source, you can do almost anything you want using these, but they require quite some expertise before you can use them. Then there are the ones that are not open source, the enterprise softwares and cost you some money, but on the other hand, they are extremely easy to set-up and learn. You can have them up and running in a matter of minutes. And then there are those which are completely cloud based. They can be free of cost or charge some money depending on the software. The good thing about these is that you don’t have to install any extra software, and it can be managed completely online but then again these have limited features and you cannot exploit them to the full extent as you can do with the open-source and to some extent the enterprise software, so I won’t suggest you to use these, because these are generally not the complete solutions and require other support software to achieve the same. Below I have listed the outstanding pros and cons of the various Network analyzers that you can look into Nagios Pros: Nagios offers an extensive set of collector plug-ins that allows users to gather performance and availability data from a broad range of operating systems, including  Windows and Netware Nagios… Read more →
    Questions from the Community
    What are the biggest differences between Securonix UEBA, Exabeam, and IBM...
    Top Answer:It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information… more »
    Read all 2 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What do you like most about IBM QRadar?
    Top Answer:The event collector, flow collector, PCAP and SOAR are valuable.
    Read all 88 answers   →
    What do you like most about Zabbix?
    Top Answer:The template system in Zabbix is very beneficial as it saves time in configuration.
    Read all 55 answers   →
    What is your experience regarding pricing and costs for Zabbix?
    Top Answer:Zabbix's licensing and pricing are good for our needs.
    Read all 53 answers   →
    What needs improvement with Zabbix?
    Top Answer:To improve Zabbix, adding more features to support the monitoring of modern workloads like containers would be beneficial. Many environments are shifting away from traditional setups to remote and… more »
    Read all 57 answers   →
    Ranking
    4th
    out of 80 in Security Information and Event Management (SIEM)
    Views
    21,075
    Comparisons
    12,899
    Reviews
    29
    Average Words per Review
    487
    Rating
    7.6
    1st
    out of 148 in Network Monitoring Software
    Views
    22,616
    Comparisons
    17,448
    Reviews
    26
    Average Words per Review
    616
    Rating
    8.4
    Comparisons
    Also Known As
    IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar, IBM QRadar User Behavior Analytics, IBM QRadar Advisor with Watson
    Learn More
    IBM
    Zabbix
    Overview

    IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.

    IBM Security QRadar is built to address a wide range of security issues and can be easily scaled with minimal customization effort required. As data is ingested, QRadar administers automated, real-time security intelligence to swiftly and precisely discover and prioritize threats. The platform will issue alerts with actionable, rich context into developing threats. Security teams and analysts can then rapidly respond to minimize the attackers' strike. The solution will provide a complete view of activity in both cloud-based and on-premise environments as a large amount of data is ingested throughout the enterprise. Additionally, QRadar’s anomaly detection intelligence enables security teams to identify any user behavior changes that could be indicators of potential threats. 

    IBM QRadar Log Manager

    To better help organizations protect themselves against potential security threats, attacks, and breaches, IBM QRadar Log Manager gathers, analyzes, preserves, and reports on security log events using QRadar Sense Analytics. All operating systems and applications, servers, devices, and applications are converted into searchable and actionable intelligent data. QRadar Log Manager then helps organizations meet compliance reporting and monitoring requirements, which can be further upgraded to QRadar SIEM for a more superior level of threat protection.

    Some of QRadar Log Manager’s key features include:

    • Data processing and capture on any security event
    • Disaster recovery options and high availability 
    • Scalability for large enterprises
    • SoftLayer cloud installation capability
    • Advanced threat protection

    Reviews from Real Users

    IBM Security QRadar is a solution of choice among users because it provides a complete solution for security teams by integrating network analysis, log management, user behavior analytics, threat intelligence, and AI-powered investigations into a single solution. Users particularly like having a single window into their network and its ability to be used for larger enterprises.

    Simon T., a cyber security services operations manager at an aerospace/defense firm, notes, "The most valuable thing about QRadar is that you have a single window into your network, SIEM, network flows, and risk management of your assets. If you use Splunk, for instance, then you still need a full packet capture solution, whereas the full packet capture solution is integrated within QRadar. Its application ecosystem makes it very powerful in terms of doing analysis."

    A management executive at a security firm says, "What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value."

    Zabbix is an open-source monitoring software that provides real-time monitoring and alerting for servers, networks, applications, and services. 

    It offers a wide range of features including data collection, visualization, and reporting. 

    With its user-friendly interface and customizable dashboards, Zabbix helps organizations ensure the availability and performance of their IT infrastructure.

    Sample Customers
    Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
    1. IBM 2. Dell 3. Cisco 4. HP 5. Oracle 6. Microsoft 7. Amazon 8. Google 9. Facebook 10. Twitter 11. LinkedIn 12. Netflix 13. Adobe 14. VMware 15. Salesforce 16. SAP 17. Intel 18. AT&T 19. Verizon 20. T-Mobile 21. Vodafone 22. Ericsson 23. Nokia 24. Siemens 25. General Electric 26. Honeywell 27. Philips 28. Sony 29. Samsung 30. LG 31. Panasonic 32. Toshiba
    Top Industries
    REVIEWERS
    Financial Services Firm23%
    Computer Software Company15%
    Comms Service Provider10%
    Security Firm6%
    VISITORS READING REVIEWS
    Educational Organization18%
    Computer Software Company15%
    Financial Services Firm10%
    Government6%
    REVIEWERS
    Computer Software Company24%
    Comms Service Provider10%
    Financial Services Firm7%
    Aerospace/Defense Firm7%
    VISITORS READING REVIEWS
    Educational Organization34%
    Computer Software Company12%
    Financial Services Firm6%
    Government6%
    Company Size
    REVIEWERS
    Small Business39%
    Midsize Enterprise15%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise30%
    Large Enterprise50%
    REVIEWERS
    Small Business49%
    Midsize Enterprise20%
    Large Enterprise31%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise42%
    Large Enterprise40%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    April 2024
    Download Free Report
    Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: April 2024.
    DOWNLOAD NOW
    771,212 professionals have used our research since 2012.

    IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while Zabbix is ranked 1st in Network Monitoring Software with 101 reviews. IBM Security QRadar is rated 8.0, while Zabbix is rated 8.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.