We performed a comparison between IBM Security QRadar and Seceon Open Threat Management Platform based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"The initial setup is very simple and straightforward."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"It's quite scalable. We have upgraded some solutions from 1000 APS up to 3500 APS to 5000 APS. It's a good solution, they have no scalability issues."
"It has a lot of good correlation rules. From a customer's point of view, it is one of the best solutions because you don't need to create correlation rules from scratch. You just review them and customize them as you want."
"The most valuable feature is the integration with the GRD, for banking."
"It is a bit easier to use than other products, such as Splunk or ELK Elasticsearch."
"Blocks of predefined conditions can be used to configure detection rules without having to write complicated script."
"An engineer can live-monitor all the flow happening in real-time. This would help us a lot while investigating a case, and it would even help us with preventive actions."
"It's hard for me to pinpoint any one feature that's most valuable because it is all about consuming logs and analyzing them. We started using QRadar UBA because we needed something that could analyze Linux authentication information. Other products take care of the Windows platform."
"What's most valuable in IBM QRadar User Behavior Analytics is its higher availability than other tools."
"The solution is very cost-effective compared to Splunk and LogRhythm."
"I like that it's an AI-based platform. The most valuable feature is that it's a comprehensive solution. Most tools in the marketplace are comprised of miscellaneous items. They fail to provide real-time remediation features. However, with Seceon Open Threat Management Platform, anything you can think of in cybersecurity, like auto-remediation, real-time response, and even on-premise components, is available in a single platform. So, it's perfect for finance and healthcare who don't want to share their data with a third party like the cloud. You can have this on-premise as well. So, the expenditure will be lower as less human intervention is required."
"The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats effectively."
"We only recently started using Seceon, so we aren't taking advantage of all its features yet. We have enabled some proactive alerts about utilization and bottlenecks from high traffic."
"The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features."
"Seceon Open Threat Management Platform notifies only genuine alerts. It offers plenty of options that are suitable for MSPs."
"The solution is stable."
"You can use different solutions in a single platform which is very easy and attractive for customers."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"The AI capabilities must be improved."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"The only challenge with products like IBM is the EPS. You just have to be really on the events per second, as that's where the cost factor becomes a huge issue."
"I would suggest QRadar release any documentation or give an online demo, like videos on YouTube. It would increase publicity and public appeal."
"The solution lacks vendor support."
"The only problem is that if you have too many events that occur, then the storage capacity becomes a problem. We would need to increase the storage capacity."
"I would like to see some artificial intelligence and alternative solutions."
"There should be an extension where we can get the reports. This could be an extension to the dashboard with the Guardian or another product with limited technology, for example IPS. Now, we only have IBM. Basically, it needs more and more integration models."
"Pricing model could be more cost-effective."
"The solution is difficult to understand in the beginning and has complex management configurations that can be improved."
"The product could be improved by including sandboxing capabilities in the next release."
"It would be better if they offered global coverage."
"We are at the client’s end, offering services. They don’t know about security rules and benchmarks. We are working on the discovery and remediation but we don’t really have the intelligence that was available while working with other tools. Human working is also very essential for the solution. The automatic session is impossible to play since it needs to touch Redfin for further analysis. No one has breached our clients."
"It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft."
"The dashboard has always been an issue."
"The SOP they provided wasn't great. They offered training over Sherp Virtualization, and the Seceon leadership visited our location to explain everything in detail, but the documentation and training could be better. It isn't as effective as it could be. There's some room for improvement there."
"The product should improve the triggering rate."
"The management console could use some enhancements."
More Seceon Open Threat Management Platform Pricing and Cost Advice →
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while Seceon Open Threat Management Platform is ranked 25th in Security Information and Event Management (SIEM) with 10 reviews. IBM Security QRadar is rated 8.0, while Seceon Open Threat Management Platform is rated 8.4. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Seceon Open Threat Management Platform writes "Has the ability to categorize alerts and reporting dashboards are useful". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Fortinet FortiSIEM, whereas Seceon Open Threat Management Platform is most compared with Securonix Next-Gen SIEM, Fortinet FortiSIEM, Splunk Enterprise Security, ManageEngine Log360 and Elastic Security. See our IBM Security QRadar vs. Seceon Open Threat Management Platform report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.