Security Information and Event Management (SIEM) » IBM QRadar Reviews » Review

IBM QRadar Review

Can detect off-hours or excessive usage of an application or cloud-based service, or network activity patterns that are inconsistent.

What is our primary use case?

Find the malicious activity via filter, don't rely on the rules which trigger the offenses and fix the suspicious activities.

How has it helped my organization?

Gaining application visibility and anomaly detection helping IT personnel to quickly identify meaningful deviations. For example, QRadar SIEM can detect off-hours or excessive usage of an application or cloud-based service, or network activity patterns that are inconsistent with historical, moving-average profiles and seasonal usage patterns.

What is most valuable?

Providing real-time visibility for threat detection and prioritization - QRadar SIEM provides contextual and actionable surveillance across the entire IT infrastructure, helping organizations detect and remediate threats often missed by other security solutions. These threats can include inappropriate use of applications; insider fraud; and advanced, “low and slow” threats easily lost in the “noise” of millions of events.

What needs improvement?

Artificial Intelligence is superb, QRadar correlate the events smartly and remove the same events but need improvements.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues.

How are customer service and technical support?

Very good

Which solution did I use previously and why did I switch?

Mcafee, switched due to the bad correlation of data.

How was the initial setup?

It was straightforward

Which other solutions did I evaluate?

Splunk and Logrhythm..

What other advice do I have?

QRadar also supports UBA which is a fantastic feature to detect user's malicious activities.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
author avatarShaikh Jamal Uddin
TOP 5LEADERBOARDConsultant

you need more time and knowledge to completely understand about QRadar SIEM.

Reply
Guest
Author
Highlights
Pros
Providing real-time visibility for threat detection and prioritization - QRadar SIEM provides contextual and actionable surveillance across the entire IT infrastructure.
Cons
AI is superb but need improvements.
Sign in to see all reviews and comparisons. It's free!
By clicking Sign in with LinkedIn™ you agree to let IT Central Station use your LinkedIn profile and email address in accordance with our Privacy Policy and agree to the Terms of Service.
Sign Up with Email
  • Unlimited access to 31000+ reviews from real users
  • Your own page to promote your professional skills
  • Join a community of experts to call upon for support
As seen in:

By registering, you agree to our Terms of Service and Privacy Policy.
  • Unlimited access to 31000+ reviews from real users
  • Your own page to promote your professional skills
  • Join a community of experts to call upon for support
As seen in