IBM QRadar Competitors and Alternatives

The top IBM QRadar competitors are:
  • Splunk
  • LogRhythm NextGen SIEM
  • ArcSight
  • ELK Logstash
  • AlienVault
  • McAfee Enterprise Security Manager (McAfee ESM)
  • Fortinet FortiSIEM (AccelOps)
  • RSA NetWitness Logs and Packets (RSA SIEM)
Read reviews of IBM QRadar competitors and alternatives
ChrisSmith1
Real User
Information Security Architect at a healthcare company with 1,001-5,000 employees
Nov 20 2017

What is most valuable?

I believe the most valuable feature for us has been that we have all the logs together. We can query them, we can find all kinds of different situations that are going on in our...

How has it helped my organization?

Quicker ability to troubleshoot the problem, find the problem, get it fixed, and get the customers back up and using our system.

What needs improvement?

I'm sure there are always areas, in stability and scaling, that need improvement. I don't have anything right off that I can say I know needs improvement right at this point.

What other advice do I have?

Really figure out what you want it to do for you, because it is very flexible and can be used for many different purposes. Determine what you want to use it for, and then get the...
Splunk
MD Alam
Real User
System Administrator at Abdullah Al-Othaim Markets
Apr 15 2018

What is most valuable?

Searches logs from all devices and gives valuable information to the organisation, so it can drill down on all reports...

How has it helped my organization?

Alerts when a server is malfunctioning, monitors external attacks, and takes action to stop spreading viruses.

What needs improvement?

Make it easy to use and the cost cheaper. This will help all organisations to implement Splunk.

What's my experience with pricing, setup cost, and licensing?

Make it cheaper to help small organisations implement it easier.

Which other solutions did I evaluate?

We are using OpManager to monitor server logs.

What other advice do I have?

I have been using Splunk to increase my security experience.
reviewer619134
Real User
Direct Sales Director at a tech services company with 501-1,000 employees
May 11 2017

What is most valuable?

Full packet capture: A must in an SOC. Possibility to investigate incidents based on logs and raw packets, such as...

How has it helped my organization?

We can monitor all traffic to/from our company. It is possible to track end user behaviour. With RSA NetWitness...

What needs improvement?

Integration with external tools should be built-in, such as an external sandbox for files. We can import data using...

What's my experience with pricing, setup cost, and licensing?

Prepare use cases, i.e., what to do and how. Collect information about EPS for logs and total bandwidth for packets....

Which other solutions did I evaluate?

For full packet capture, we had Blue Coat Security Analytics. We switched because in NetWitness, we have everything...

What other advice do I have?

* Don’t rush. Prepare use cases for packets and logs as it is a very important part of deployment and future use.
* Use...