IBM QRadar Competitors and Alternatives

Get our free report covering Splunk, Elastic, LogRhythm, and other competitors of IBM QRadar. Updated: October 2020.
442,194 professionals have used our research since 2012.

Read reviews of IBM QRadar competitors and alternatives

Mark Lauteren
Real User
Chief Information Officer at ECRMC
Oct 22 2020

What is most valuable?

Monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our…

How has it helped my organization?

EventTracker enables us to keep on top of our work. We're a hospital, so we're 24/7. We don't have enough staff to do that, so they're able to monitor things off-hours, and then even during hours I…

What needs improvement?

Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's…

What's my experience with pricing, setup cost, and licensing?

They've been very fair. I think that we've had to push back a little bit here and there on pricing.

Which solution did I use previously and why did I switch?

At a previous company, we used a different tool. It was a much more encompassing tool that does a bunch of different event monitoring, correlation, and aggregation. It was a management suite that did…

What other advice do I have?

The biggest lesson I have learned is that the outsourcing of this service has a dramatic impact on the organization. We can't just keep throwing bodies at it internally, we have to leverage somebody…

Jordan Mauriello
Real User
SVP of Managed Security at Critical Start
Sep 30 2020

What is most valuable?

The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, what you don't want to be doing is sitting around waiting to get…

How has it helped my organization?

It has allowed us to have a better handle on how much data we are bringing in for a customer, so we are able to analyze all the things that are important, instead of making decisions about what data…

What needs improvement?

There is room for improvement in the ability to parse different log types. The breadth of overall log parsers that exists right now is an area that they could improve. Natively, there's more that…

Which solution did I use previously and why did I switch?

We were using Splunk before Devo, which we still use and have not transitioned off of fully. However, our experience with Devo has been significantly better, especially from a support perspective. The…

What other advice do I have?

No SIEM deployment is ever going to be easy. You want to attack it in order of priorities for what use cases matter to your business, not just log sources. We are not using the Activeboards as much as…

Which other solutions did I evaluate?

We evaluated Graylog as well as QRadar as potential options. Neither of those options met our needs or use cases.

BiswabhanuPanda
Consultant
Senior Technical Consultant at Hitachi Systems Micro Clinic
May 19 2020

What is most valuable?

The integration is very useful and very easy. You can have an API connection with any cloud and I am able to do both ways of communication with the help of the API. The local center can help you to address the network. We place a logger…

What needs improvement?

Helix will do well after the pandemic because everybody will be looking for a cloud solution and it is cloud-native. There are certain changes we are bringing onto our endpoint and our ETP network security. So everything makes an impact on…

What's my experience with pricing, setup cost, and licensing?

If a customer uses FireEye cloud-based network security solution, Helix is free for them no matter how many logs or EPS they use. But they need a license for third-party logs. Licensing is done per EPS.

Which solution did I use previously and why did I switch?

Integrating anything on QRadar is very hard. If you want to upgrade the EPS you have to consider upgrading the appliance but with FireEye, if the customer has to compute, FireEye gives them a file to install on his computer and he can send…

What other advice do I have?

Don't be afraid. Request a demo or POC. See the features and if you find it interesting, start implementing it for your use cases. I would recommend it because it really works. I would rate it a nine out of 10. We have certain challenges…

Real User
Program Coordinator at a financial services firm with 10,001+ employees
May 13 2020

What is most valuable?

The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it. It's good at security logging in our infrastructure but not really application logging.

What other advice do I have?

We reviewed four different vendors but before we did the evaluation, we took a deep look at our use cases to understand our requirements so we would know the expected use cases and requirements on the system. It's important to know what you want to use it for. For us, it was about security use cases. If you are a new customer, you should think of the use cases that you have. All of the vendors we…

Which other solutions did I evaluate?

We did a POC with Splunk, IBM QRadar and Securonix and we came to the conclusion that Exabeam was the best option for us. Everybody knows that Splunk is the top product but it's very expensive. The price model is based on the volume of logs of data that you process in the system. It's very unpredictable and expensive compared to other products.

MohamedMohsen
Reseller
Founder & CEO at MnZ Technology Solutions
Aug 18 2019

What is most valuable?

What I like about this product is that it is a fully-fledged solution. I don't need to buy any complementary products, everything comes in one box.

What needs improvement?

I would like to see an improvement in their threat exchange database because the OTX is not the best thing in the marketplace. There are better solutions. So if they could enhance our feature…

What's my experience with pricing, setup cost, and licensing?

The price was good and it matched our budget at that stage.

Which solution did I use previously and why did I switch?

We also used IBM QRadar before, but we did not get proper support and that's why we switched to AlienVault.

What other advice do I have?

If anybody asked me if I am happy with AlienVault, I would say that it is a very good product. Frankly speaking, if anybody asked me about QRadar or ArcSight I will say the same, but it requires lots…

Which other solutions did I evaluate?

We looked at ArcSight as an option at the beginning, but the pricing was not what we were looking for. And we don't have the proper channel to sell ArcSight in Egypt. That's why we decided to go to…