IBM QRadar Review

Enables us to add extensions that provide valuable test ports but is not the best solution on the market

What is our primary use case?

Our primary use case of this solution is for our customer's operations. 

What is most valuable?

The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports.

What needs improvement?

I don't think this is the best solution on the market because it takes much longer than ArcSight, for example, which provides more flexibility and capability to create much more complex use cases. Other tools provide more valuable things that you can do for the active channel. 

I would like for them to develop out of the box content that doesn't require too much customization. Most of the out of the box we get from it requires too much customization. I would also like to see dynamic filters and better cross-integration between functions.  

For how long have I used the solution?

Less than one year.

What do I think about the scalability of the solution?

We've only been using it for eight months so we haven't scaled much during this time but it seems to be very scalable. We use it a minimum of eight hours a day.

Which solution did I use previously and why did I switch?

We used ArcSight.

What about the implementation team?

We did the integration ourselves. It was straightforward. 

What's my experience with pricing, setup cost, and licensing?

It is cheaper than ArcSight. 

What other advice do I have?

I would rate this solution a six out of ten. 

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment