IBM QRadar Review

It's a state-of-the-art product for security information and event management

What is our primary use case?

It is under a non-disclosure agreement (NDA).

How has it helped my organization?

  • It helps because you don't need an army to execute the project when you do the PoC, and when finally going to production. 
  • The abundant out-of-the-box features which are operating wonderfully.

What is most valuable?

  • It's easy to set up.
  • There are a lot of great out-of-the-box features included.
  • It's a state-of-the-art product for security information and event management (SIEM).

What needs improvement?

  • Slow response sometimes and a not-so-helpful staff there. So make the support better, and you could succeed even more.
  • The released patch quality is poor. IBM should test those patches on their side, not on the client's side. So, there are a lot of improvement to do. 
  • I would appreciate if IBM could create another more intuitive, easier way (intuitive UI) to perform advanced searches rather that just counting on regular expressions.

For how long have I used the solution?

One to three years.

How is customer service and technical support?

The quality of technical support depends on the IBM support person. Sometimes, it's hard to get the right person on the other side. A ticket coordinator could be the key to better quality delivery.  

They are sometimes slow to respond and unhelpful.

What other advice do I have?

I highly recommend this product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Sign Up with Email