We performed a comparison between IBM Security QRadar, LogRhythm SIEM, and Quest InTrust based on real PeerSpot user reviews.
"IBM QRadar has improved my organization by introducing many functions. It collects logs from all of our systems in the organization and has functioned very well. It alerts and correlates the aggregate events or offenses we receive through all the applications we use."
"I like that it's easy to use and the performance is good."
"The most valuable feature is the QRadar Vulnerability Manager which provides vulnerability scans. In addition, I like the way QRadar generates alerts."
"I like the graphical interface. It's so good and easy."
"The tool is already automated in many ways, but there are some additional functions which should be automated, like sending an email, mobile notification, and integration of XFS."
"Technical support is good overall."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"It's quite scalable. We have upgraded some solutions from 1000 APS up to 3500 APS to 5000 APS. It's a good solution, they have no scalability issues."
"When it comes to dealing with support, all my interactions have been great. Everyone has known what they're doing and has been quick to respond. They seem to always know the answer. I haven't stumped anybody yet."
"The ability to drill down and pivot from an event is one of the biggest advantages the product has compared to other things that I have seen in the market."
"The log analysis feature is valuable."
"Their customer support is friendly and willing to help."
"The Web Console is my favorite. It enables me, at a glance, to see the health of the environments."
"It has helped us centralize and have better visibility into devices on our network. We are better able to respond to threats in a timely manner."
"I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages."
"The daily alerts allow me to quickly find security and operations issues which need to be addressed."
"I would rate the technical support very well as they are knowledgeable and quick to respond."
"The dashboard is pathetic and it takes a long time to perform a search."
"The AQL queries could be better."
"The interface is very old. IBM should remake it into a more modern interface."
"I would like to see a better GUI."
"The user interface and configurability of IBM QRadar User Behavior Analytics can be improved. It has a lot of pre-configured settings and not many things can be changed. It also needs more integrations. Currently, User Behavior Analytics is integrated only with IBM QRadar. It could have deeper integrations. It can also have more complicated scoring models. Currently, it has a very simple linear scoring model for users."
"With IBM Security QRadar, my company faced issues with the support we received for the product."
"Its architecture is very complicated."
"IBM QRadar could improve the reporting. The tool is not designed to report. It's a great operational monitoring tool. You put it on a screen and you watch it. If you want to have analytics out of it, that's a whole different story. You're going to need more people and tools. What should be added is reporting and integration into Power BI, into some capability that produces analytical reports from the source data. IBM does not seem to care to add these features."
"One area for improvement in LogRhythm NextGen SIEM is that it's a Windows-based tool, and I feel it should be on the Linux operating system instead. Another area for improvement in the tool is the UI. There should be minor changes in the UI to make it better, though I like the dashboards in LogRhythm NextGen SIEM."
"I would like to see our vulnerabilities counter. We will be using Tenable to fill that void right now."
"The console installation is an area with a shortcoming in the solution that needs improvement. If LogRhythm SIEM can offer a web console, it would be great."
"I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the cloud for some reason."
"The responses provided by the cloud team are inefficient."
"The initial setup is not so easy because it is quite a process."
"The built-in functionality of the solution for NDR, SOAR, SIEM, and EDS has room for improvement."
"We had a little bit of difficulty implementing a disaster recovery situation because it was leveraging only Microsoft native DNS and it wouldn't work with our Infoblox DNS deployment that we use in our environment. They've been working on that behind the scenes."
"It was very complex. There was poor native correlation."
"It needs to have better reporting."