We performed a comparison between IBM Security QRadar and Splunk User Behavior Analytics based on real PeerSpot user reviews.
Find out in this report how the two User Entity Behavior Analytics (UEBA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I think the QDI is very good."
"The solution is easy to use, manage, and review all incidents."
"The most valuable features are the AI assistant, which is good at detecting known types of behavior."
"The playbook engine is flexible and allows for the graphical visualization of processes, enabling the implementation of dynamic playbooks for incident response or testing."
"The most valuable thing about QRadar is that you have a single window into your network, SIEM, network flows, and risk management of your assets. If you use Splunk, for instance, then you still need a full packet capture solution, whereas the full packet capture solution is integrated within QRadar. Its application ecosystem makes it very powerful in terms of doing analysis."
"The scalability is awesome, because QRadar includes other solutions in the same console."
"The most valuable feature is the QRadar Vulnerability Manager which provides vulnerability scans. In addition, I like the way QRadar generates alerts."
"One of the most valuable features is its ability to integrate with other solutions. IBM has a lot of solutions and we have managed to make it work with IBM BigFix and MaaS360, and even Microsoft."
"The solution is fast, flexible, and easy to use."
"The most valuable feature is the ability to search through a large amount of data."
"The solution is definitely scalable."
"The most valuable feature is being able to take data and put it into other systems so that we could see the output, and to see where we need to apply our focus."
"The most valuable features are the indexing and powerful search features."
"Splunk is more user-friendly than some competing solutions we tried."
"The product is at the forefront of auto-remediation networking. It's great."
"This intelligent user behavior analytics package is easy to configure and use while remaining feature filled."
"Technical support could be improved by a bit."
"The product does not have a team for investigating malware."
"The IBM support can be better."
"The tool is very complicated. One place for improvement would be to have a more user-friendly interface. Having better support in Spanish would be cool."
"I would like to see a better GUI."
"I think that the search speed of this solution could be improved."
"The whole process for support is something that needs to be improved."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"The price of Splunk UBA is too high."
"We want to have an automated system for bot hunting that enables us to detect anomalies predictively based on historical data. It would be helpful if Splunk included process mining as an alternative option. We have a threat workflow, but it would be useful if we could supplement that with some process mining capabilities over time."
"We'd like the ability to do custom searches."
"The correlation engine should have persistent and definable rules."
"They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases."
"The initial setup was complex because some of the configurations that we required needed customization."
"The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes."
"There are occasional bugs."
More Splunk User Behavior Analytics Pricing and Cost Advice →
IBM Security QRadar is ranked 1st in User Entity Behavior Analytics (UEBA) with 198 reviews while Splunk User Behavior Analytics is ranked 2nd in User Entity Behavior Analytics (UEBA) with 17 reviews. IBM Security QRadar is rated 8.0, while Splunk User Behavior Analytics is rated 8.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts ". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Cortex XSIAM, whereas Splunk User Behavior Analytics is most compared with Darktrace, Microsoft Defender for Identity, Varonis Datalert, Cynet and Exabeam Fusion SIEM. See our IBM Security QRadar vs. Splunk User Behavior Analytics report.
See our list of best User Entity Behavior Analytics (UEBA) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.