IBM QRadar Competitors and Alternatives
Read reviews of IBM QRadar competitors and alternatives
Review of Netsurion
Oct 22 2020
What is most valuable? Monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our…
How has it helped my organization? EventTracker enables us to keep on top of our work. We're a hospital, so we're 24/7. We don't have enough staff to do that, so they're able to monitor things off-hours, and then even during hours I…
What needs improvement? Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's…
What's my experience with pricing, setup cost, and licensing? They've been very fair. I think that we've had to push back a little bit here and there on pricing.
Which solution did I use previously and why did I switch? At a previous company, we used a different tool. It was a much more encompassing tool that does a bunch of different event monitoring, correlation, and aggregation. It was a management suite that did…
What other advice do I have? The biggest lesson I have learned is that the outsourcing of this service has a dramatic impact on the organization. We can't just keep throwing bodies at it internally, we have to leverage somebody…
Review of Devo
Sep 30 2020
What is most valuable? The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, what you don't want to be doing is sitting around waiting to get…
How has it helped my organization? It has allowed us to have a better handle on how much data we are bringing in for a customer, so we are able to analyze all the things that are important, instead of making decisions about what data…
What needs improvement? There is room for improvement in the ability to parse different log types. The breadth of overall log parsers that exists right now is an area that they could improve. Natively, there's more that…
Which solution did I use previously and why did I switch? We were using Splunk before Devo, which we still use and have not transitioned off of fully. However, our experience with Devo has been significantly better, especially from a support perspective. The…
What other advice do I have? No SIEM deployment is ever going to be easy. You want to attack it in order of priorities for what use cases matter to your business, not just log sources. We are not using the Activeboards as much as…
Which other solutions did I evaluate? We evaluated Graylog as well as QRadar as potential options. Neither of those options met our needs or use cases.
Review of FireEye
May 19 2020
What is most valuable? The integration is very useful and very easy. You can have an API connection with any cloud and I am able to do both ways of communication with the help of the API. The local center can help you to address the network. We place a logger…
What needs improvement? Helix will do well after the pandemic because everybody will be looking for a cloud solution and it is cloud-native. There are certain changes we are bringing onto our endpoint and our ETP network security. So everything makes an impact on…
What's my experience with pricing, setup cost, and licensing? If a customer uses FireEye cloud-based network security solution, Helix is free for them no matter how many logs or EPS they use. But they need a license for third-party logs. Licensing is done per EPS.
Which solution did I use previously and why did I switch? Integrating anything on QRadar is very hard. If you want to upgrade the EPS you have to consider upgrading the appliance but with FireEye, if the customer has to compute, FireEye gives them a file to install on his computer and he can send…
What other advice do I have? Don't be afraid. Request a demo or POC. See the features and if you find it interesting, start implementing it for your use cases. I would recommend it because it really works. I would rate it a nine out of 10. We have certain challenges…
Review of Exabeam
May 13 2020
Good at security logging in our infrastructure but be prepared for problems if you start with a large implementation
What is most valuable? The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it. It's good at security logging in our infrastructure but not really application logging.
What other advice do I have? We reviewed four different vendors but before we did the evaluation, we took a deep look at our use cases to understand our requirements so we would know the expected use cases and requirements on the system. It's important to know what you want to use it for. For us, it was about security use cases. If you are a new customer, you should think of the use cases that you have. All of the vendors we…
Which other solutions did I evaluate? We did a POC with Splunk, IBM QRadar and Securonix and we came to the conclusion that Exabeam was the best option for us. Everybody knows that Splunk is the top product but it's very expensive. The price model is based on the volume of logs of data that you process in the system. It's very unpredictable and expensive compared to other products.
Review of AT&T
Aug 18 2019