IBM QRadar vs RSA NetWitness Logs and Packets (RSA SIEM)

IBM QRadar is ranked 4th in Security Information and Event Management (SIEM) with 37 reviews vs RSA NetWitness Logs and Packets (RSA SIEM) which is ranked 9th in Security Information and Event Management (SIEM) with 3 reviews. The top reviewer of IBM QRadar writes "Correlates data across our global enterprise and integrates third-party solutions". The top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "We can investigate incidents based on logs and raw packets". IBM QRadar is most compared with Splunk, ArcSight and LogRhythm. RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar and ArcSight. See our IBM QRadar vs RSA NetWitness Logs and Packets (RSA SIEM) report.
Find out what your peers are saying about IBM QRadar vs RSA NetWitness Logs and Packets (RSA SIEM) and others in Security Information and Event Management (SIEM).
270,047 professionals have used our research since 2012.

Quotes From Members Comparing IBM QRadar vs RSA NetWitness Logs and Packets (RSA SIEM)

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Pros
IBM QRadar:
  • Providing real-time visibility for threat detection and prioritization - QRadar SIEM provides contextual and actionable surveillance across the entire IT infrastructure.
  • Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered.
  • Improved our organization's TCO.
  • The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why.
  • The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA).
  • The pre-canned rules and reports in this product are a huge plus.
  • Search capabilities are sufficient for most tasks.

RSA NetWitness Logs and Packets (RSA SIEM):
  • Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements.
  • Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network.

Cons
IBM QRadar:
  • AI is superb but needs improvements.
  • Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules.
  • GUI needs to be improved.
  • I would like to see a more user-friendly product.
  • Maybe there should be more custom rules in the exchange. Basically, we are using a lot of threat rules, so maybe they'll develop something like that.
  • QVM is another instance where they need to revise the vulnerability scoring and the proper remediation details.
  • Search capability and indexing still lag behind competitors. We also need to see improved rule based access controls and rule/event tuning.

RSA NetWitness Logs and Packets (RSA SIEM):
  • Health monitoring of the event sources and devices.
  • The system architecture is complex and sometimes it’s hard to troubleshoot potential problems.

Pricing and Cost Advice
IBM QRadar:
  • Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
  • IBM's QRadar is not for small companies. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much.
  • Most of the time, it is easier and cheaper to buy a new product or the QRadar box.
  • Found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.

RSA NetWitness Logs and Packets (RSA SIEM):
  • The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
  • It’s cheaper to run virtual machines in a VMware environment.

Ranking
IBM QRadar: Views 38,322; Comparisons 26,276; Reviews 37; Followers 2,985; Avg. Rating 8.3
RSA NetWitness Logs and Packets (RSA SIEM): Views 6,371; Comparisons 4,416; Reviews 3; Followers 901; Avg. Rating 7.7
Top Comparisons
Splunk: compared 50% of the time.
Micro Focus: compared 12% of the time.
LogRhythm: compared 11% of the time.
Also Known As
IBM QRadar: QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar
RSA NetWitness Logs and Packets (RSA SIEM): RSA Security Analytics
Website/Video
IBM
RSA
Overview

The IBM QRadar security and analytics platform is a lead offering in IBM Security's portfolio. This family of products provides consolidated flexible architecture for security teams to quickly adopt log management, SIEM, user behavior analytics, incident forensics, and threat intelligence and more. As an integrated analytics platform, QRadar streamlines critical capabilities into a common workflow, with tools such as the IBM Security App Exchange ecosystem and Watson for Cyber Security cognitive capability.

With QRadar, you can decrease your overall cost of ownership with an improved detection of threats and enjoy the flexibility of on-premise or cloud deployment, and optional managed security monitoring services.

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Sample Customers
IBM QRadar: Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
RSA NetWitness Logs and Packets (RSA SIEM): Los Angeles World Airports, Reply
Top Industries
REVIEWERS: Financial Services Firm 25%; Transportation Company 21%; Pharma/Biotech Company 8%; Comms Service Provider 8%
VISITORS READING REVIEWS: Financial Services Firm 20%; Comms Service Provider 13%; University 6%; Philanthropy 6%
VISITORS READING REVIEWS: Financial Services Firm 20%; Energy/Utilities Company 16%; Comms Service Provider 15%; Retailer 13%
Company Size
REVIEWERS: Small Business 25%; Midsize Enterprise 10%; Large Enterprise 65%
VISITORS READING REVIEWS: Small Business 24%; Midsize Enterprise 19%; Large Enterprise 57%
VISITORS READING REVIEWS: Small Business 18%; Midsize Enterprise 20%; Large Enterprise 63%
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
