Find the malicious activity via filter, don't rely on the rules which trigger the offenses and fix the suspicious activities.
IBM QRadar Review
Can detect off-hours or excessive usage of an application or cloud-based service, or network activity patterns that are inconsistent.
Aug 11 2020
What is our primary use case?
How has it helped my organization?
Gaining application visibility and anomaly detection helping IT personnel to quickly identify meaningful deviations. For example, QRadar SIEM can detect off-hours or excessive usage of an application or cloud-based service, or network activity patterns that are inconsistent with historical, moving-average profiles and seasonal usage patterns.
What is most valuable?
Providing real-time visibility for threat detection and prioritization - QRadar SIEM provides contextual and actionable surveillance across the entire IT infrastructure, helping organizations detect and remediate threats often missed by other security solutions. These threats can include inappropriate use of applications; insider fraud; and advanced, “low and slow” threats easily lost in the “noise” of millions of events..
What needs improvement?
Artificial Intelligence is superb, QRadar correlate the events smartly and remove the same events but need improvements.
For how long have I used the solution?
One to three years...
What do I think about the stability of the solution?
No issues.
How are customer service and technical support?
Very good
Which solution did I use previously and why did I switch?
Mcafee, switched due to the bad correlation of data.
How was the initial setup?
It was straightforward
Which other solutions did I evaluate?
Splunk and Logrhythm..
What other advice do I have?
QRadar also supports UBA which is a fantastic feature to detect user's malicious activities.
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More IBM QRadar reviews from users
Learn what your peers think about IBM QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
455,301 professionals have used our research since 2012.
Add a Comment
1 Comment
Shaikh Jamal Uddin (Appxone)Consultant
you need more time and knowledge to completely understand about QRadar SIEM.
Author
Shaikh Jamal Uddin
Cybersecurity Architecture and Technology Lead at Appxone
Consultant
Highlights
Pros
Providing real-time visibility for threat detection and prioritization - QRadar SIEM provides contextual and actionable surveillance across the entire IT infrastructure.
Cons
AI is superb but need improvements.
Popular Comparisons
Splunk
ELK Logstash
LogRhythm NextGen SIEM
ArcSight Enterprise Security Manager (ESM)
RSA NetWitness Logs and Packets (RSA SIEM)
Fortinet FortiSIEM
McAfee ESM
Exabeam
AT&T AlienVault USM
Securonix Security Analytics
NetIQ Sentinel
Rapid7 InsightIDR
Graylog
Fortinet FortiAnalyzer
Elastic Beats
Buyer's Guide
Download our free IBM QRadar Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
- Which is the best SIEM solution for a government organization?
- What Is SIEM Used For?
- What is the difference between IT event correlation and aggregation?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
- What are the must-haves for a SIEM solution?
- What is the difference between SIEM and SOAR platforms?
- What is the difference between log management and SIEM?
- Are you using a SIEM platform with AWS Cloudwatch?