We performed a comparison between IBM Security QRadar and Securonix UEBA based on real PeerSpot user reviews.
Find out what your peers are saying about IBM, Splunk, Rapid7 and others in User Entity Behavior Analytics (UEBA)."It has a good integration with the artificial intelligence engine of Watson."
"The solution can scale."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"It has improved comprehensive visibility for what is going on in the perimeters, and on the inside, as well."
"Customer service is very good and very helpful."
"The most valuable feature is the integration with the GRD, for banking."
"The product provides a complete platform for ingesting the log, doing the correlations and handling the runtime."
"Blocks of predefined conditions can be used to configure detection rules without having to write complicated script."
"One of the most valuable features is UEBA. It's pretty helpful for us to make sure of our thresholds for any of our clients."
"Their user and entity behavior analysis algorithms are the most valuable features."
"The feature dashboard is very well organized and intuitive to use. It organizes information on a timeline which is exactly what we need for insider threat future-analysis."
"Search capability and indexing still lag behind competitors. We also need to see improved rule based access controls and rule/event tuning."
"I'd like them to improve the offense. When QRadar detects something, it creates what it calls offenses. So, it has a rudimentary ticketing system inside of it. This is the same interface that was there when I started using it 12 years ago. It just has not been improved. They do allow integration with IBM Resilient, but IBM Resilient is grotesquely expensive. The most effective integration that IBM offers today is with IBM Resilient, which is an instant response platform. It is a very good platform, but it is very expensive. They really should do something with the offense handling because it is very difficult to scale, and it has limitations. The maximum number of offenses that it can carry is 16K. After 16K, you have to flush your offenses out. So, it is all or nothing. You lose all your offenses up until that point in time, and you don't have any history within the offense list of older events. If you're dealing with multiple customers, this becomes problematic. That's why you need to use another product to do the actual ticketing. If you wanted the ticket existence, you would normally interface with ServiceNow, SolarWinds, or some other product like that."
"IBM Security QRadar lacks automated response. With this feature, there's no need to visit VirusTotal or other sites for IP reputation. There should be a small plug-in where users can click to retrieve details about the reputation and organization of public IP."
"Some of the cloud apps need improvement."
"The threat intelligence functionality can be better. In addition, it can have more monitoring capabilities."
"IBM QRadar Advisor with Watson could be more user-friendly. You need some skills and understanding of what you're looking at, especially if you're going to draw down specific information."
"You can scale IBM QRadar User Behavior Analytics, but it has room for improvement."
"IBM QRadar has a margin for development, for out-of-the-box use cases. It can be enhanced with better support and automate the use cases for that."
"When compared to others, if you look at the integration aspect, I believe that some aspects of integration can be enhanced."
"The area that needs improvement is reporting."
"There is room for improvement in the algorithms. Although I said that we have a very solid starting point - our existing library is already very comprehensive - we constantly find areas where we need to develop new algorithms. That is common across platforms. Any vendor with a solid starting point would still need to continue to evolve."
IBM Security QRadar is ranked 1st in User Entity Behavior Analytics (UEBA) with 198 reviews while Securonix UEBA is ranked 14th in User Entity Behavior Analytics (UEBA) with 3 reviews. IBM Security QRadar is rated 8.0, while Securonix UEBA is rated 10.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Securonix UEBA writes "Inbuilt detection algorithms, attentive technical support, and reasonably priced". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Securonix UEBA is most compared with Splunk User Behavior Analytics, ArcSight Analytics and Securonix Next-Gen SIEM.
See our list of best User Entity Behavior Analytics (UEBA) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
All three security solutions are defined and different smartness they hold it all depends on how is your requirement.
Securonix UEBA is a Hadoop bases UEBA technology tool the tools understand the infrastructure and users and then work accordingly. (Wide Customer industry support) (Average cost)
IBM QRadar is a SIEM with all in the composite tool can bring in UEBA and other security solution. (Wide Customer industry support) (Average cost)
Exabeam is a mathematical bases security solutioning tool, it learns infra and then provides a solution, it's a bit noisy in some instances. (Medium Customer industry support) (Costly)
If you tell us what exactly you require or how id your infra set up, then it would good to suggest a tool.