IBM QRadar Review

It captures and processes large volumes of event data, and scales to support them in a unified database. But it'd be good to have a default configuration to meet PCI requirements.

Valuable Features:

It's very helpful in meeting compliance monitoring and reporting (PCI DSS, PA DSS, ISO, SOX) requirements.

Improvements to My Organization:

It captures and processes large volumes of event data, and scales to support hundreds of thousands of events in one unified database. 

It also offers high-availability and disaster-recovery options. 

There's very high quality in reporting suitable to almost all compliance requirements.

Room for Improvement:

We use it mostly for purchases and regulatory requirements of that process. It would be good, therefore, if there was a standard configuration by default that was offered or proposed during install or configuration to meet PCI requirements, e.g. log archive duration set by default to one year for each device added. 

The event information display might prioritize event ID, user, destination, source, and date/time as the first info gathered in the report.

Use of Solution:

We're only using the Log Manager.

Disclosure: I am a real user, and this review is based on my own experience and opinions.