IBM QRadar Competitors and Alternatives 2019

Get our free report covering Splunk, LogRhythm, and other competitors of IBM QRadar.
311,143 professionals have used our research since 2012.
Read reviews of IBM QRadar competitors and alternatives
Vinod Shankar
Consultant
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Jul 06 2017

What is most valuable?

Flexible Deployment Architecture – This is where the Open Source roots really start to flex their muscles when it comes... more»

How has it helped my organization?

A jack-of-all trades: The best thing about AlienVault USM is it being a “Jack-of-All Trades” solution. It provides... more»

What needs improvement?

This product is jack-of-all trades, but master of none. As mentioned in the good, being a jack-of-all trades is well... more»

What's my experience with pricing, setup cost, and licensing?

One of the areas where AV USM benefits is price. It is affordable while offering a whole lot of SIEM features. This... more»

Which solutions did we use previously?

Customization: Again, this is one point where AlienVault outshines the competition in capability of customization. We... more»

What other advice do I have?

Product Vision Stagnation: This may not be much of an issue for potential users of AV USM. However, it is important to... more»
david hourani
Real User
Lead Splunk Architect at a financial services firm with 10,001+ employees
Jan 31 2017

What is most valuable?

Correlation and data normalization via CEF: The speed of ArcSight's correlation engine, together with data enrichment, makes it a great tool for... more»

What needs improvement?

Ease of use, access and simplicity: HPW ArcSight makes it hard to capitalize on reports without the use of the console. Other SIEM tools have... more»

What's my experience with pricing, setup cost, and licensing?

Price is fair compared to other SIEMs (Splunk, QRadar, etc.). It's not the go-to product if you are looking for something cheap. Go for... more»

Which solutions did we use previously?

We did not have a previous solution.

What other advice do I have?

My first advice is "be patient". It takes a lot of time to deploy an ArcSight infrastructure, but the result is worth it. Technically, it’s a... more»
Omar Sánchez (Mr.Tech)
Consultant
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
Oct 21 2018

What is most valuable?

The dashboard centralizes the daily routine. We used to do this by hand. Now, we go through daily checklists, using the dashboard and setting up the alarms. It helps us to cut down the time on this routine. I am a cybersecurity director. I... more»

How has it helped my organization?

Manually, it used to take us a whole day to do strong monitoring. Now, it takes a maximum of two hours because of this product. It creates a single pane of glass. Plus, it gives us the liberty to do more in terms of use cases, especially... more»

What needs improvement?

The Web Application Firewall will send you too much information because it's more dedicated to security than a normal firewall.
Rohit Mazumdar
Real User
Security Specialist at a tech services company with 201-500 employees
Jul 04 2017

What is most valuable?

In the investigation panel, you can drill down to any specific metadata values for any event source.

How has it helped my organization?

The custom dashboard and correlation alerts in this solution improved our incident response process.

What needs improvement?

Sometimes the investigation panel and reporting engine work very slowly.

What's my experience with pricing, setup cost, and licensing?

If you get a good discount on the product, or if you feel you need a less expensive solution compared to QRadar or... more»

Which solutions did we use previously?

We used Envision. It was outdated, so we switched to this solution.

What other advice do I have?

It's very simple to implement. The only problem is with the high availability mode for VLC. If you want this, work with... more»
Vagner Araujo Silva
Real User
Information Security Analyst at a tech services company with 501-1,000 employees
May 11 2017

What is most valuable?

The easy interface is the most valuable feature.

How has it helped my organization?

Through correlation rules, it finds malware that compromised the computer that anti-virus and other security solutions... more»

What needs improvement?

I had a couple of problems collecting Windows events. The local plugin should be easier to use, because when ESM is... more»

What's my experience with pricing, setup cost, and licensing?

The product is worth the price. There are other cheaper tools in the market, but it is harder to work with them.

Which solutions did we use previously?

I used different solutions, but for different clients.

What other advice do I have?

Stay focused, read the documentation, plan it well, and the project will be a success.
Get our free report covering Splunk, LogRhythm, and other competitors of IBM QRadar.
311,143 professionals have used our research since 2012.

Sign Up with Email