Most Helpful Review
Use IBM QRadar User Behavior Analytics? Share your opinion.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Most of the features are good. It is an excellent solution."
"In terms of the most valuable features, the log collections and log processing mechanisms are good. They have good dashboards."
"QRadar shows very effective correlations. If you combine all the logins plus user behavior and the current intelligence, it gives a very good correlation for business. I think it reduces the false positives in user activity monitoring because there is a lot of social information to correlate with other data."
"It has a powerful GUI where you can put together your use cases, and don't have to write your own scripts."
"I really like the feature we have with the logs, that if there are any credit card numbers being used, like a PII, you can just use rejects and you can mask it. This is a really good feature in QRadar."
"The feature that I find the most useful is that IBM QRadar User Behavior Analytics is free of charge. It's a fully free product that can be installed on top of IBM QRadar SIEM."
"It provides many options for searching. I can see devices from different vendors, like Cisco, in one interface, which is good for me."
"Integration is very easy and the reporting is good."
"One of the most valuable features is the ability to report on questionable activity."
"The solution works well when used with other Microsoft solutions."
"The stability of the solution is very good."
"IMB should reduce the pricing, or reduce some of the features for a more economical solution for the customer."
"They have to build more quantitative monitoring, profiling, and make it more predictive."
"From a functionality point of view there are issues sometimes."
"While the interface is easy to use, it could be a little more responsive."
"There should be an extension where we can get the reports. This could be an extension to the dashboard with the Guardian or another product with limited technology, for example IPS. Now, we only have IBM. Basically, it needs more and more integration models."
"The user interface and configurability of IBM QRadar User Behavior Analytics can be improved. It has a lot of pre-configured settings and not many things can be changed. It also needs more integrations. Currently, User Behavior Analytics is integrated only with IBM QRadar. It could have deeper integrations. It can also have more complicated scoring models. Currently, it has a very simple linear scoring model for users."
"We sometimes get an error about the hard drive. Approximately once in two months, we can't find the logs, and they go missing, which is a terrible issue. We are getting support for this issue from our support company."
"The dashboard is pathetic and it takes a long time to perform a search."
"Some of the newer features are not completely there yet... For example, there's a tool that allows you to grade your overall internal security and I don't feel that it's completely accurate."
"It would be ideal if the interface allowed for more granular configurations. For example, if I were to set a rule that is a deviation from the pre-defined rules in the Microsoft product, there's conflict."
"There are occasions where it generates some false positives and you have to embark into figuring it out. You need to find out if it was a true alert or a false positive. It's a little bit cumbersome in that area."
Pricing and Cost Advice
"The price of this solution is a little bit expensive, so if it were cheaper then it would help."
"It's free of charge."
"The price of this product is high."
"I believe we are looking into new licenses. They may be called the E5. Honestly, I don't have it on top of my mind, but I think it's around seven to $10 a user per month."
Questions from the Community
Top Answer: In terms of the most valuable features, the log collections and log processing mechanisms are good. They have good dashboards.
Top Answer: There are more costs in addition to standard licensing; support, building.
Top Answer: They have to build more quantitative monitoring, profiling, and make it more predictive.
Top Answer: The solution works well when used with other Microsoft solutions.
Top Answer: The software is not as advanced as many competitors. It doesn't offer the level of granularity that other software might. It would be ideal if the interface allowed for more granular configurations… more »
out of 38 in User Behavior Analytics - UEBA
Average Words per Review
In User Behavior Analytics - UEBA
Compared 44% of the time.
Compared 24% of the time.
Compared 11% of the time.
Compared 11% of the time.
Compared 10% of the time.
Compared 27% of the time.
Compared 22% of the time.
Compared 12% of the time.
Compared 9% of the time.
Compared 4% of the time.
Also Known As
|IBM QRadar UBA, QRadar UBA, QRadar User Behavior Analytics||Microsoft Advanced Threat Analytics|
The User Behavior Analytics for QRadar (UBA) app is a tool for detecting insider threats in your organization. It is built on top of the app framework to use existing data in your QRadar to generate new insights around users and risk. UBA adds two major functions to QRadar: risk profiling and unified user identities.
Risk profiling is done by assigning risk to different security use cases. Examples might include simple rules and checks such as bad websites, or more advanced stateful analytics that use machine learning. Risk is assigned to each one depending on the severity and reliability of the incident detected. UBA uses existing event and flow data in your QRadar system to generate these insights and profile risks of users.
|Microsoft Advanced Threat Analytics (ATA) provides a simple and fast way to understand what is happening within your network by identifying suspicious user and device activity with built-in intelligence and providing clear and relevant threat information on a simple attack timeline. Microsoft ATA is an on-premises platform to help you protect your enterprise from advanced targeted attacks by automatically analyzing, learning, and identifying normal and abnormal entity (user, devices, and resources) behavior. It detects suspicious activities and malicious attacks with behavioral analytics, adapts to the changing nature of cyber-security threats, focuses on what is important with a simple attack timeline and reduces false positive fatigue.|
Learn more about IBM QRadar User Behavior Analytics
Learn more about Microsoft ATA [EOL]
Information Not Available
|Turkish Airlines, Seoul National University Bundang Hospital, Empa, The Alberta Teachers' Association|
Comms Service Provider39%
Computer Software Company17%
Computer Software Company27%
Comms Service Provider17%
Financial Services Firm7%
No Data Available
IBM QRadar User Behavior Analytics is ranked 13th in User Behavior Analytics - UEBA with 8 reviews while Microsoft ATA [EOL] is ranked unranked in User Behavior Analytics - UEBA with 3 reviews. IBM QRadar User Behavior Analytics is rated 6.8, while Microsoft ATA [EOL] is rated 6.6. The top reviewer of IBM QRadar User Behavior Analytics writes "Stable and solid security intelligence but lacks some functionalities ". On the other hand, the top reviewer of Microsoft ATA [EOL] writes "Good integration, simple to maintain, and very stable". IBM QRadar User Behavior Analytics is most compared with Securonix UEBA, Cynet, LogRhythm Enterprise UEBA, Citrix Analytics and Splunk User Behavior Analytics, whereas Microsoft ATA [EOL] is most compared with Splunk User Behavior Analytics, Varonis Datalert, Securonix UEBA, Rapid7 InsightIDR and Rapid7 InsightVM.
See our list of best User Behavior Analytics - UEBA vendors.
We monitor all User Behavior Analytics - UEBA reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.