IBM QRadar Review

Can detect off-hours or excessive usage of an application or cloud-based service, or network activity patterns that are inconsistent.


What is our primary use case?

Find the malicious activity via filter, don't rely on the rules which trigger the offenses and fix the suspicious activities.

How has it helped my organization?

Gaining application visibility and anomaly detection helping IT personnel to quickly identify meaningful deviations. For example, QRadar SIEM can detect off-hours or excessive usage of an application or cloud-based service, or network activity patterns that are inconsistent with historical, moving-average profiles and seasonal usage patterns.

What is most valuable?

Providing real-time visibility for threat detection and prioritization - QRadar SIEM provides contextual and actionable surveillance across the entire IT infrastructure, helping organizations detect and remediate threats often missed by other security solutions. These threats can include inappropriate use of applications; insider fraud; and advanced, “low and slow” threats easily lost in the “noise” of millions of events.

What needs improvement?

Artificial Intelligence is superb, QRadar correlate the events smartly and remove the same events but need improvements.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues.

How are customer service and technical support?

Very good

Which solution did I use previously and why did I switch?

Mcafee, switched due to the bad correlation of data.

How was the initial setup?

It was straightforward

Which other solutions did I evaluate?

Splunk and Logrhythm..

What other advice do I have?

QRadar also supports UBA which is a fantastic feature to detect user's malicious activities.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
author avatarShaikh Jamal Uddin
TOP 5LEADERBOARDConsultant

you need more time and knowledge to completely understand about QRadar SIEM.

Guest
Sign Up with Email