We performed a comparison between IBM Security QRadar and Microsoft ATA [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about IBM, Splunk, Rapid7 and others in User Entity Behavior Analytics (UEBA)."It helps us discover any threats with their alerts and tracking."
"The ability to transition from microscopic to macroscopic view, instantly, is very good."
"We get events and make the correlation, or rules. In IBM, we can implement our customer's rules. We can have very clear status threats and severity of antigens."
"The most valuable feature is the QRadar Vulnerability Manager which provides vulnerability scans. In addition, I like the way QRadar generates alerts."
"Provided that the report is prebuilt and I can find what I am looking for, the reporting is the most valuable feature in this solution."
"The playbook engine is flexible and allows for the graphical visualization of processes, enabling the implementation of dynamic playbooks for incident response or testing."
"The best feature of IBM QRadar is visualization which shows you when there's a spike in the system, and this makes you realize that there's something wrong with the log."
"It's hard for me to pinpoint any one feature that's most valuable because it is all about consuming logs and analyzing them. We started using QRadar UBA because we needed something that could analyze Linux authentication information. Other products take care of the Windows platform."
"The solution works well when used with other Microsoft solutions."
"The stability of the solution is very good."
"One of the most valuable features is the ability to report on questionable activity."
"Solution has too many menus that require going to two or three sub-monitors to enter the QRadar."
"Dashboards and reports could provide better visualization of SIEM activity."
"It's resource-intensive."
"The IBM support can be better."
"The whole process for support is something that needs to be improved."
"IBM QRadar Advisor with Watson could be more user-friendly. You need some skills and understanding of what you're looking at, especially if you're going to draw down specific information."
"I have noticed a few things while working on this. After the restart of the server, sometimes, the services misbehave, and you need to manually start or restart the service. I have seen that specifically with the Tomcat service. Sometimes, when you click on log sources, instead of opening the log source extension, it redirects you over the internet."
"Pricing model could be more cost-effective."
"Some of the newer features are not completely there yet... For example, there's a tool that allows you to grade your overall internal security and I don't feel that it's completely accurate."
"It would be ideal if the interface allowed for more granular configurations. For example, if I were to set a rule that is a deviation from the pre-defined rules in the Microsoft product, there's conflict."
"There are occasions where it generates some false positives and you have to embark into figuring it out. You need to find out if it was a true alert or a false positive. It's a little bit cumbersome in that area."
Earn 20 points
IBM Security QRadar is ranked 1st in User Entity Behavior Analytics (UEBA) with 198 reviews while Microsoft ATA [EOL] doesn't meet the minimum requirements to be ranked in User Entity Behavior Analytics (UEBA). IBM Security QRadar is rated 8.0, while Microsoft ATA [EOL] is rated 6.6. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Microsoft ATA [EOL] writes "Easy to define rules but interface needs better granularity and only integrates well with other Microsoft solutions". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Microsoft ATA [EOL] is most compared with .
See our list of best User Entity Behavior Analytics (UEBA) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.