We performed a comparison between IBM Security QRadar and Datadog based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Datadog users like its customizable displays, error tracking, and advanced AI/ML capabilities. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Datadog could enhance its usability and reduce its learning curve. Users said integration was another pain point.
Service and Support: Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses. While many users spoke highly of Datadog’s support team, others reported slow support, especially in the Asia-Pacific region.
Ease of Deployment: QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Datadog’s setup is considered straightforward, and users often receive help from a partner or vendor.
Pricing: QRadar can be costly because users need to buy new hardware to upgrade. Opinions about Datadog's price are divided. Some users found it costly, but others thought it was acceptable. Some said the pricing model could be clearer and better explained.
ROI: QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. Users said Datadog saved them time and improved visibility into security blind spots.
"The most valuable features of Datadog are the flexibility and additional features when compared to other solutions, such as AppDynamics and Dynatrace. Some of the features include AI and ML capabilities and cloud and analysis monitoring"
"The most valuable features have been: Sharable dashboards, TimeBoards, dogstatsd API, Slack Integration, Event logging API. CloudTrail Events, Tags, alerts, and anomaly detection. EBS Volume Snapshot Age, which they added upon request."
"We enjoy the multistep API tests."
"The integration and configuration are incredibly simple. The SaaS offering is remarkably easy to set up, especially if you're coming from a Graphite environment or anything that uses a StatsD."
"We integrate our application logs. It is great to be able to tie our metrics and our traces together."
"We really like the charts and visualization."
"Excellent autocomplete for everything in the UI."
"It is a good one stop location where we keep all our data for our infrastructure, and it's also easier to navigate between different things."
"The visibility it gives you into your infrastructure has been great."
"Stability-wise, I rate the solution a ten out of ten."
"QRadar, Splunk, and ArcSight are SIEM solutions with built-in AI/ML features. They can do the complete investigation and alert the admin about what is happening. They can also do the root cause analysis. There are many other features that come with QRadar. It has a more granular log, so you can integrate with various non-IT as well as IT-based components. You can get unstructured data to the SIEM data, and you can identify more what is happening in the network or what is happening in the central head office. You can also identify what is happening between your remote offices. You can also use it to identify what the users in the field are doing on their devices and how things are moving. From the integration point of view, it is very centric. It gives complete control centrally. If a user is not connected to the system, whenever he comes online, we can see the policy updates over the Internet, and we can ensure that the data that is supposed to be protected is protected."
"The most valuable features are log monitoring, easy-to-fix issues, and problem-solving."
"It'll get you from point A to B."
"We can easily monitor many things using this tool."
"The most valuable features are the versatility of this solution and the variety of things you can do with it."
"Flexible and valuable product that is modular, so you can easily set up a roadmap for your clients."
"I've found that the documentation is lacking in certain regards."
"I'm not sure if Datadog can monitor K8s deployments in real-time. For instance, being able to see a deployment step by step visually. This would be helpful if there were any incidents during the deployment."
"When the logs are too big, and Datadog splits them, the JSON format breaks and it is not so useful for us."
"I'd like to see better pricing and more integration in the next release."
"Datadog is so feature-rich that it is often hard to onboard new folks and tough to decide where to invest time."
"It can have an artificial intelligence component. Even though I can seamlessly look at end-to-end security, it would be better to have alerts and notifications powered by an AI engine. I am not sure if they have an AI component. We have not reached out to them or looked at it, but this is something that I keep on talking about within our company in terms of features. Such a feature would be good to have, and it would further optimize my Security Ops team's abilities."
"Sometimes, it takes a long time to load the dashboard if we have many charts."
"This service could be less costly."
"The IBM support can be better."
"There should be easier and wider integration opportunities. There should be more opportunities for integration with CTI info sharing areas. On platforms where you exchange CTI, there should be more visibility connected to what we share, what we can reach, or what options are connected to CTI info sharing. This is one area where they could add value because we cannot integrate it easily with QRadar. If a client has a legacy or already existing solutions for CTI, we cannot ask them to forget it because we cannot guarantee that QRadar is able to deliver everything connected to this area."
"Technical support really needs to be improved. Right now, they aren't where they need to be at all."
"The architecture could be improved. I got stuck for a long time trying to understand the architecture, as it is quite challenging."
"The solution lacks some maturity."
"In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."
"IBM Security QRadar’s GUI could be improved."
"The user interface needs improvement."
Datadog is ranked 2nd in Log Management with 137 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Datadog is rated 8.6, while IBM Security QRadar is rated 8.0. The top reviewer of Datadog writes "Very good RUM, synthetics, and infrastructure host maps". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Datadog is most compared with Dynatrace, Azure Monitor, New Relic, AWS X-Ray and AppDynamics, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh and LogRhythm SIEM. See our Datadog vs. IBM Security QRadar report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.