IBM QRadar Other Advice

DAX Paulino
Cybersecurity Practice Lead at a tech services company with 201-500 employees
My advice is to take your time. It depends on your network, on what you want to gather information from. Make sure that the networking and the cybersecurity teams are working towards a common goal. The solution is very much worth it. You can gather all the information that you need as long as you know first what you need. This solution is mainly for the Security Operations Center, so there are just three or four users. But it's one of the key tools for us to identify threats and attacks. The users are security operations analysts and threat hunters. In our case, deployment and maintenance requires just a few people. They are the network administrators and our cybersecurity engineers. At the moment we have no plans to increase usage. If the company grows, usage should grow as well. The company is growing but, as of the moment, we are planning for expansion. That's why the solutions that we carry are already built for expansion for the next three to five years. I would rate QRadar at eight out of ten. It's not perfect and the big issues would be the price and it that it takes some time to understand it. But so far, it's one of the best solutions out there. View full review »
BALA
Program Manager at a tech services company
I would rate this solution eight and a half out of ten. View full review »
Vulnera08667
Vulnerability Manager at a tech services company with 51-200 employees
Just spec it correctly and it will do its job for you. It has an active community. IBM patches the product regularly when problems are picked up. I haven’t heard about a lot of problems from other people using the product. View full review »
Vulnera08667
Vulnerability Manager at a tech services company with 51-200 employees
Just spec it correctly and it will do its job for you. It has an active community. IBM patches the product regularly when problems are picked up. I haven’t heard about a lot of problems from other people using the product. When we only have four hours to respond, an hour can make a difference in waiting for support. View full review »
Vulnera08667
Vulnerability Manager at a tech services company with 51-200 employees
QRadar, as a product, might be very straightforward, but to fully understand the product you would need to go for the QRadar training. IBM's training for QRadar is very expensive but it really helps you use the product to its full potential. Before I went to the training, I only used about ten percent of its capability. I would recommend going for the training on the product. In terms of the number of users, it's not users logging in every day and doing stuff on QRadar. It's a handful of people from the team monitoring QRadar. We could be managing, for example, 50 or 70 customers through one dashboard and about ten people would be monitoring it. The users have a specific role. The amount of staff required for deployment or maintenance depends on the type of update or patch that's being deployed. For deployment of a new patch it, it could take anything from an hour to about ten hours. It depends on the patch, how big the patch is, and if you've gone through a testing phase or not. So there are multiple dependencies on how long it would take. An average, for me, would be three hours to do certain deployments. Currently it's being used quite widely. The only downfall of this product would be its price. I wouldn't recommend it for a small company. For larger companies I know it's being widely used. View full review »
Cyberspecial9875
Cyber Security Specialist at a manufacturing company with 1,001-5,000 employees
The solution functions very well. It is amazing but there are some bugs with it. The unknown bugs can just come up with the adaptor with the data stored in Qradar. On a scale from one to 10, ten being the best, I would rate this product an eight out of 10. View full review »
Larbi Belmiloud
Security Engineer at a tech services company with 11-50 employees
The first advice I give my customers before buying SIEM is: "You should understand the solution well before starting the implementation." If they don't understand the solution, they will never be able to use it correctly. This is the first piece. The second point is that they will resist to the change made to the setup installation. If they look for the solution, QRadar ATM is the best. View full review »
Dameer Siddiqui
Senior Associate Consultant at Skill Orbit (Pvt.) Ltd.
I would recommend IBM QRadar because of the security features and the organization. I can recommend the security. Security is nowadays an essential part of IBM QRadar. IBM QRadar is probably the best possible solution in the market. I would rate it an eight out of 10. View full review »
SenSec321
Senior Security Architect at a tech services company with 10,001+ employees
There are new things that are coming up in QRadar, such as AI to IBM Watson. This is going to create a huge impact in these types of solutions, because we don't have an artificial intelligence coming in. There are other tools that have artificial intelligence, but IBM QRadar getting integrated with artificial intelligence is the next step. It should be noted that the QRadar type products are actually changing their strategy. they will move on to the next stage that is called "Threat Hunting." Instead of waiting for some attack to happen and getting an alert, the new solutions will try to find out those suspicious activities in your network or environment and resolve it before it creates havoc. View full review »
QRadar677
B.T. Güvenlik Yöneticisi at a recruiting/HR firm with 10,001+ employees
There are many good products and solutions on the market, but for implementation and maintenance, I can say that the most important thing is local support. We do not have any issues with this product, and we have seen the benefits of it. It is easily configured and installed, and we have a local team to support it. It does have issues in terms of user experience, however. I would rate this solution an eight out of ten. View full review »
D.M.Hashim-Ul- Alom
Senior Server Security Engineer
I would rate it an eight out of ten. Not a ten because of the complex interface. View full review »
Damian Scott
Sr SIEM Consultant at a tech services company with 51-200 employees
Every SIEM tool has a certain degree of complexity, especially where use cases and rules are concerned. I advise using Professional Services so your SIEM is configured by trained professionals. View full review »
Nimesh Bhatia
IT Security and Business Development Manager at a tech services company with 51-200 employees
I would advise someone considering this solution to evaluate several solutions, compare them, and if there is an option for customization check with the solution provider, and then go for it. I would rate it a seven out of ten. It's a good solution, we've used it for a long time, but then there are a few issues with security. View full review »
SrSecAnalyst918
Sr. Security Analyst with 1,001-5,000 employees
Research, and don’t be afraid to do a few PoCs. Also, make sure you have a team for the tool. Most solutions require a team, so if you cannot apply a team towards the tool then hopefully you can use one of the managed SIEM options. View full review »
Reviewer258
Managing Director at a tech services company with 1,001-5,000 employees
If you are a medium to large size enterprise, you can surely consider IBM as one of the major contenders for your selection. If you are a small enterprise, QRadar may be too much for you, it may be too complex. When deciding on a solution, we always consider: * Cost-benefit * Shelf-life of the solution * Security of the solution View full review »
Srijan-Sivakumar
Director of Market Enabling Solutions at a tech services company with 51-200 employees
I would rate it a seven out of 10. I have had some challenges integrating this solution. Each organization is looking for security. If you have a SIEM tool, you can integrate it with all of your security devices, and get all your security logs. This console gives you the entire view, which makes life easier and allows you to take precautionary measures. People who handle only four or five security devices spread across the globe should go with this SIEM tool. View full review »
NetworkS3978
Network Security Engineer at a health, wellness and fitness company with 10,001+ employees
The most important criteria when selecting a vendor: stability. The security space is tough. Unlike a lot of other spaces, IBM will not be bought anytime soon as a 100 year-old company. View full review »
Muhammad Adeel
Senior Security Engineer at dig8labs
Overall, it's much better than other products. In terms of increasing its usage, I have suggested to my organization that it tell customers to use it, its capacity and capabilities, with other tools like Watson. View full review »
Mathieu Dorckel
Cybersecurity Engineer Consultant at a tech services company with 501-1,000 employees
Think scalability and make sure your product can be integrate into QRadar. View full review »
Onyegbule Uche
Technical Consultant at Activedge Technologies
I think this product adds significant value to organizations seeking a scalable, security integration tool. It does a great job of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities. It's a good solution On a scale of 1 - 10, 10 being the best, I give this product a rating of 9. View full review »
Phillip Okemwa
Senior Information Security Analyst at a financial services firm with 501-1,000 employees
I would advise someone considering this solution to write down your use cases and evaluate them with the vendor. Evaluate the best solution based on your use cases because you are the ones who are going to use it. The vendor will try and implement and leave you with your problems. If the solution meets your requirements and solves most of your problems, you're good to go. QRadar is the best solution we have. The only challenge is that IBM has been a closed enterprise. It should be more open to integrating with other providers at an enterprise level. We're a bank and the core banking system integration is not always straightforward and there is no integration between IBM and these products. If IBM could open up and provide a way of integrating it seamlessly, without charging more for it, that would make a big difference. I would rate it an eight out of ten. View full review »
MazenHindawi
Network and Security Technical Team Leader at a wholesaler/distributor with 201-500 employees
IBM needs to invest more into the collaboration with other vendors. If you want to go to IBM, do not just go for QRadar. You need QRadar and all the products that surround QRadar, especially BigFix, because the product is ten times stronger with it. Most important criteria when selecting a vendor: * The technical features of the solution. * The people in my region at the vendor. * The perspective of the project manager on the customer side. * Data involved and time of the implementation. * The needs of the customer. * The cost of the project. * Training involved. View full review »
James Davenport
IT Director at MyEyeDr.
We try to do everything all at once. Find the right partner to help you do the implementation. When picking a vendor, we look for the support, the ease of the installation, and the future of the product. View full review »
Trust Mapoka
Managing Director at CIA Botswana
I would rate it an eight out of ten. Not a ten because the configuration part of it should be easier. They tried to integrate everything together to be all in one, but it's not easy to configure. View full review »
Douglas Concepcion
Security Solutions Architect at Micro Strategies
Do your research before implementing it, because it is tough to implement. Most important criteria when selecting a vendor: support. I say this to every vendor. It is not always about pricing, which is nice when we start, but when the crap hits the fan. I want the vendor to be there with me. View full review »
Luis Yndigoyen
Partner at a tech services company with 11-50 employees
Ensure you have the functional skills on BPM and the technical skills on IBM BPM. We used to be IBM partners, but are not anymore. Now, we are Red Hat partners. View full review »
reviewer810204
Lead Security Infrastructure Engineer at a financial services firm with 5,001-10,000 employees
Understand how your analysts need to use SIEM to execute use cases. This platform can collect and normalize data better than just about anything (if you want it to), but it will not be useful if it is not presented in a useful way. View full review »
Marketdir9846
Marketing Director at a aerospace/defense firm with 1-10 employees
This kind of solution is essential. The communication network functions very well. On a scale of one to 10, ten being the best, I would give this product a rating of nine. View full review »
Shaikh Jamal Uddin
Information Security Lead Consultant at Secure Coat
QRadar also supports UBA which is a fantastic feature to detect user's malicious activities. View full review »
Senio9887
Senior Information Security Analyst at a tech services company with 501-1,000 employees
I would rate this solution a six out of ten. View full review »
Mohamed AFEILAL
Director General at New System Engineering
I would recommend this product. It is very simple to install, and not a complicated solution. IBM supplies regular software updates. I would rate this solution an eight out of ten. View full review »
Mika Suomu
Cloud Security Architect at a tech company with 201-500 employees
I highly recommend this product. View full review »
Youssef Boukari
IT Security Manager at a tech services company
It is a good solution. View full review »
senior0997
Senior Field Manager at a tech services company
I would rate it an eight out of ten. View full review »
Rossella Falcone
Sr. Security Engineer at OmnitechIT
I would rate this product eight out of ten. View full review »
Sebastian Osterc
Member at CIFAL Argentina
Most important criteria when selecting a vendor: Our customers need a cross of different units which make up a better solution for them. View full review »
reviewer843297
Manager, Cybersecurity at a tech company with 11-50 employees
The tool gets better value in the hands of an experienced security analyst. View full review »
Yong Chen
Security Consultant at a tech services company with 11-50 employees
I would rate it an eight out of ten. View full review »
Software6a29
Software Trainee at a tech services company with 1,001-5,000 employees
Overall, I love this product. View full review »

Sign Up with Email