IBM QRadar Reviews

Global Security Engineering and Operations Director at a health, wellness and fitness company with 10,001+ employees

Apr 09 2017

What is most valuable?

* The ability to correlate data across our global enterprise in near real time * The ability to integrate a lot of third-party solutions * The machine learning pieces with Watson, indicators of compromise, and utilizing that across the value... more»

How has it helped my organization?

The solution has improved the efficiency of our security team. These improvements prevent the need for more proactive security activities. The improvements did not reduce our staff. It's funny, because IBM keeps on having this conversation... more»

What needs improvement?

Room for improvement is more in relation to a lot of the features, the automation of incidents themselves, and being able to automate workflow responses. Overall, I love the product. IBM usually puts good resources and talent behind things.... more»

1 comment

See full review (1035 words) »

SeniorSe6fa8

Senior security analyst at a financial services firm with 1,001-5,000 employees

Apr 12 2017

What is most valuable?

Some of the most valuable things that I get from QRadar are the custom parsers. A lot of the syslog items I get pushed to QRadar, instead of trying to build a custom parser to parse out the information that we need in order to do our... more»

How has it helped my organization?

I think it has improved our organization by the speed at which I can run queries compared to other software that I've used in the past. It's a lot quicker and holds a lot more information. It helps keep a good cognitive overview of our... more»

What needs improvement?

I'd like to see it being able to be integrated with more security products. I'm a big Guardian user; it's nice for the bidirectional. I can do some stuff, like a SQL injection, or if something is happening. But if there were other security... more»

See full review (815 words) »

Download Free Report

Find out what your peers are saying about IBM, Splunk, Micro Focus and others in Security Information and Event Management (SIEM).

Download now

287,566 professionals have used our research since 2012.

Willem Albertus Potgieter

Vulnerability Manager at a tech services company with 51-200 employees

Jul 05 2017

What is most valuable?

The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why.

How has it helped my organization?

Normally, an offense comes in and an offense is something negative, it triggers when certain events don't comply with the rules, to put it plainly, it is something that will have impacted your environment very negatively. Once it comes... more»

What needs improvement?

I would like to see a more user-friendly product. I would like them to make it more user-friendly. At this stage, you need to use a lot of regular expressions to do your searches.

See full review (711 words) »

Willem Albertus Potgieter

Vulnerability Manager at a tech services company with 51-200 employees

Jun 17 2018

What is most valuable?

The threat protection network is the most valuable feature because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why.

How has it helped my organization?

Normally, an offense comes in and an offense is something negative, to put it plainly, that impacted your environment. Once it comes through, you can then see from the QRadar log sources, who or what triggered the offense. For example, if an... more»

What needs improvement?

I would like to see a more user-friendly product. I would like them to make it much more user-friendly. At this stage, you need to use a lot of widgets to do your searches. To advance searches, you must do a lot of Regex expressions.

See full review (698 words) »

Petr Hejda

Security Consultant at Dimension Data

Apr 10 2017

What is most valuable?

The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA). All that stuff is really cool. We are using the solution a lot on the customer side. We like the strength of the platform, basically.... more»

How has it helped my organization?

Maybe the best way it helped our organization is that QRadar is well prepared for PoCs. When you are doing PoCs, you just install the solution and you can show it to the customer. It has great benefits because we don't spend a lot of time to... more»

What needs improvement?

We thought about what was missing and it was the analysis of the user behavior. However, with the User Behavior Analytics (UBA), it's much less complicated. I recently attended a conference presentation on machine learning, and it is a great... more»

See full review (673 words) »

See 46 more reviews

Articles

User Assessments By Topic About IBM QRadar

IBM QRadar Questions

IBM QRadar Projects By Members

IBM QRadar Consultants

What is IBM QRadar?

The IBM QRadar security and analytics platform is a lead offering in IBM Security's portfolio. This family of products provides consolidated flexible architecture for security teams to quickly adopt log management, SIEM, user behavior analytics, incident forensics, and threat intelligence and more. As an integrated analytics platform, QRadar streamlines critical capabilities into a common workflow, with tools such as the IBM Security App Exchange ecosystem and Watson for Cyber Security cognitive capability.

With QRadar, you can decrease your overall cost of ownership with an improved detection of threats and enjoy the flexibility of on-premise or cloud deployment, and optional managed security monitoring services.

Also known as

QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar

IBM QRadar customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.