IBM QRadar Review

Good detection rate with a small number of false positives, and support resolves issues quickly


What is our primary use case?

We used this product as a SIEM, for information security.

How has it helped my organization?

This product collects all of the system logs and analyzes them to see if there are any security threats, or if there have been any attacks. If there are, then it will alert the administrator to take the appropriate actions.

What is most valuable?

The detection rate is good and the false positive rate is low. Having a low false-positive rate is good because it means that if an alert happens then it is very likely a real attack.

QRadar is quite flexible. Out of ten, I would rate flexibility a nine.

What needs improvement?

They should speed up the incident response and also, at the same time, reduce the amount of manual effort that is required.

A nice enhancement would be the incorporation of more artificial intelligence and machine learning capabilities.

For how long have I used the solution?

We have used IBM QRadar for approximately two years.

What do I think about the stability of the solution?

I would rate the stability a ten out of ten. We have had the occasional bug or other issue but once we report it to IBM, they give us a resolution quite quickly.

How are customer service and technical support?

Technical support is quick to resolve issues.

Which solution did I use previously and why did I switch?

We developed our own application to use as a SIEM, but we switched to QRadar.

How was the initial setup?

The initial setup is complex and the deployment takes approximately three months.

What's my experience with pricing, setup cost, and licensing?

It would be great if this product were cheaper.

Which other solutions did I evaluate?

We did evaluate other options before selecting this product.

What other advice do I have?

Within the past year, IBM developed a SaaS version of QRadar, which is a nice option.

My advice for anybody who is considering this solution is to implement the latest IBM offerings together. QRadar is just one of the products, and multiple products can be combined to create the best solution for their needs.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises

Disclosure: I am a real user, and this review is based on my own experience and opinions.