We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable feature is the log monitoring."
"The features I have found most valuable are it capabilities for behavioral analytics and anomaly detection."
"The correlation engine is good."
"Most of the features are good. It is an excellent solution."
"In terms of the most valuable features, the log collections and log processing mechanisms are good. They have good dashboards."
"QRadar shows very effective correlations. If you combine all the logins plus user behavior and the current intelligence, it gives a very good correlation for business. I think it reduces the false positives in user activity monitoring because there is a lot of social information to correlate with other data."
"It has a powerful GUI where you can put together your use cases, and don't have to write your own scripts."
"I really like the feature we have with the logs, that if there are any credit card numbers being used, like a PII, you can just use rejects and you can mask it. This is a really good feature in QRadar."
"The feature that I find the most useful is that IBM QRadar User Behavior Analytics is free of charge. It's a fully free product that can be installed on top of IBM QRadar SIEM."
"It provides many options for searching. I can see devices from different vendors, like Cisco, in one interface, which is good for me."
"Integration is very easy and the reporting is good."
"ArcSight is not a user-friendly solution and the interface needs to be improved."
"ArcSight's features that can be improved include anything related to its visualization capabilities and user friendliness."
"It needs more user analytics and aggregation user queries. And it's slow. When you query over ArcSight, it is very slow."
"IMB should reduce the pricing, or reduce some of the features for a more economical solution for the customer."
"They have to build more quantitative monitoring, profiling, and make it more predictive."
"From a functionality point of view there are issues sometimes."
"While the interface is easy to use, it could be a little more responsive."
"There should be an extension where we can get the reports. This could be an extension to the dashboard with the Guardian or another product with limited technology, for example IPS. Now, we only have IBM. Basically, it needs more and more integration models."
"The user interface and configurability of IBM QRadar User Behavior Analytics can be improved. It has a lot of pre-configured settings and not many things can be changed. It also needs more integrations. Currently, User Behavior Analytics is integrated only with IBM QRadar. It could have deeper integrations. It can also have more complicated scoring models. Currently, it has a very simple linear scoring model for users."
"We sometimes get an error about the hard drive. Approximately once in two months, we can't find the logs, and they go missing, which is a terrible issue. We are getting support for this issue from our support company."
"The dashboard is pathetic and it takes a long time to perform a search."
"The price of this solution is a little bit expensive, so if it were cheaper then it would help."
"It's free of charge."
"The price of this product is high."
Earn 20 points
ArcSight User Behavior Analytics offers enterprises the ability to monitor and detect from internal and external security threats and fraud.
The User Behavior Analytics for QRadar (UBA) app is a tool for detecting insider threats in your organization. It is built on top of the app framework to use existing data in your QRadar to generate new insights around users and risk. UBA adds two major functions to QRadar: risk profiling and unified user identities.
Risk profiling is done by assigning risk to different security use cases. Examples might include simple rules and checks such as bad websites, or more advanced stateful analytics that use machine learning. Risk is assigned to each one depending on the severity and reliability of the incident detected. UBA uses existing event and flow data in your QRadar system to generate these insights and profile risks of users.
ArcSight Analytics is ranked 16th in User Behavior Analytics - UEBA with 3 reviews while IBM QRadar User Behavior Analytics is ranked 8th in User Behavior Analytics - UEBA with 8 reviews. ArcSight Analytics is rated 6.6, while IBM QRadar User Behavior Analytics is rated 6.8. The top reviewer of ArcSight Analytics writes "Has good behavioral analytics and anomaly detection features ". On the other hand, the top reviewer of IBM QRadar User Behavior Analytics writes "Stable and solid security intelligence but lacks some functionalities ". ArcSight Analytics is most compared with Securonix UEBA and Varonis Datalert, whereas IBM QRadar User Behavior Analytics is most compared with Splunk User Behavior Analytics, Securonix UEBA, Cynet, LogRhythm Enterprise UEBA and Citrix Analytics. See our ArcSight Analytics vs. IBM QRadar User Behavior Analytics report.
See our list of best User Behavior Analytics - UEBA vendors.
We monitor all User Behavior Analytics - UEBA reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.