IBM QRadar Software Reviews
Apr 03 2019
What is most valuable?One of the most valuable features is its ability to integrate with other solutions. In our current setup, we need a holistic view of our network to provide better service… more»
How has it helped my organization?With QRadar we managed to focus on the more critical incidents that we have experienced. As a result, we have managed to decrease the most critical incidents, most… more»
What needs improvement?The first area for improvement is the cost. It's a little bit too expensive for us. Also, initially it was difficult to understand or to grasp, but once you get the hang… more»
What's my experience with pricing, setup cost, and licensing?It's too expensive. The licensing is also a little bit difficult to understand because you have to license it per event and per number of flows. So you have to understand… more»
Which solution did I use previously and why did I switch?We did not use any solutions before QRadar.
What other advice do I have?My advice is to take your time. It depends on your network, on what you want to gather information from. Make sure that the networking and the cybersecurity teams are… more»
Which other solutions did I evaluate?We did evaluate some, like LogRhythm. We found that LogRhythm was more difficult to understand because it was a little bit too static. I believe they have already improved… more»
Apr 17 2019
What is most valuable?First, the dashboard is a valuable feature. There is a single dashboard that gives us a complete overview of what is happening around the globe. We are able to follow the devices that are connected to… more»
How has it helped my organization?This solution has improved our organization by allowing us to promote vertical security as an added service for our customers. It has also improved our integration with other applications. Previously… more»
What needs improvement?With the transition to a modern IT operation center, I think that many of the devices are going to be mobile. Somebody may not be at the NOC (Network Operations Center), data center, or SOC (Security… more»
What's my experience with pricing, setup cost, and licensing?The solution is a subscription-based model. It is a yearly subscription from my understanding. In terms of additional costs, it depends on the subscription that you choose. There are plenty of options… more»
What other advice do I have?I would rate this solution eight and a half out of ten.
Which other solutions did I evaluate?Yes, for each project we discuss which product to choose, and decide depending on what suits our needs. SolarWinds is one of the solutions that we use for our NOC operations. We had internal… more»
Find out what your peers are saying about IBM, Splunk, LogRhythm and others in Security Information and Event Management (SIEM). Updated: January 2020.
390,810 professionals have used our research since 2012.
Jun 17 2018
What is most valuable?The threat protection network is the most valuable feature because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why.
How has it helped my organization?Normally, an offense comes in and an offense is something negative, to put it plainly, that impacted your environment. Once it comes through, you can then see from the QRadar log sources, who or what… more»
What needs improvement?I would like to see a more user-friendly product. I would like them to make it much more user-friendly. At this stage, you need to use a lot of widgets to do your searches. To advance searches, you… more»
Which solution did I use previously and why did I switch?We used Splunk in the past and we are using both products at the same time.
What other advice do I have?Just spec it correctly and it will do its job for you. It has an active community. IBM patches the product regularly when problems are picked up. I haven’t heard about a lot of problems from other… more»
Which other solutions did I evaluate?I wasn't completely part of the whole process when they chose a product. I know they evaluated AlienVault, which unfortunately I do not have any experience with. I'm not able to provide pointers as to… more»
Mar 31 2019
What is most valuable?The most valuable feature is the QRadar Vulnerability Manager which provides vulnerability scans. In addition, I like the way QRadar generates alerts.
How has it helped my organization?Instead of logging in to multiple devices and checking the logs, QRadar gives us one centralized point for comparing data against each other and rules to make sure that you don't miss anything. It… more»
What needs improvement?It would be good if the program allowed certain profiles to only see certain customer information.
What's my experience with pricing, setup cost, and licensing?QRadar is quite expensive. It wouldn't be worth it for a small business unless, through a third-party company, they used it in a software-as-a-service type of arrangement, rather than buying the… more»
Which solution did I use previously and why did I switch?We went with QRadar because it's a more well-known product. I was only using the AlienVault Community Edition, a free version. It wasn't a fully-paid version I was using at the time. IBM QRadar was… more»
What other advice do I have?QRadar, as a product, might be very straightforward, but to fully understand the product you would need to go for the QRadar training. IBM's training for QRadar is very expensive but it really helps… more»
Oct 21 2018
What is most valuable?They do have a way to pre-configure or have pre-configurations for companies that are starting and they don't know too much about SIEM or working with SIEMs. The solution uses SIEM to get the information to the managers so I will say that… more»
What needs improvement?It is not a user-friendly program. It is a very glorified Excel program. I would love to see a more user-friendly version in a future rollout. In addition, the management services team needs some improvement. They are, at times, confused… more»
What's my experience with pricing, setup cost, and licensing?It is a pricey product. It is very expensive.
Which solution did I use previously and why did I switch?I have used Splunk in the past.
Which other solutions did I evaluate?QRadar needs a lot of fine tuning. I had to schedule meetings with IBM for help. For example, one of the things that we were having difficulties with QRadar is that the detection rules are sent by IBM and we wanted those detection rules. In… more»
Apr 29 2019
Alerts and correlates the aggregate events or offenses we receive through all the applications we use
How has it helped my organization?IBM QRadar has improved my organization by introducing many functions. It collects logs from all of our systems in the organization and has functioned very well. It alerts and correlates the aggregate events or offenses we receive through… more»
What needs improvement?There is one problem with QRadar in regards to the add-on apps. The apps can be frustrating. For example, when I add a big app like one of the add-ons for resiliency, add-on applications for QRadar, these applications require different… more»
What's my experience with pricing, setup cost, and licensing?The licensing is every year. There are additional costs, such as the cost associated with the different hardware required for implementation and deployment. Along with the add-on apps, these are all additional costs, and they require… more»
Which solution did I use previously and why did I switch?I've used Alien Vault, McAfee, and Splunk.
What other advice do I have?The solution functions very well. It is amazing but there are some bugs with it. The unknown bugs can just come up with the adaptor with the data stored in Qradar. On a scale from one to 10, ten being the best, I would rate this product an… more»
Jun 23 2019
What is most valuable?The first feature that I love to demonstrate for my customers is the fact that the vulnerability manager is integrated in QRadar SIEM. This lets us stop and detect vulnerability. The reports provide many methods to fix it. The circumvention method and the patch method is perfected very well in the QRadar area. The second valuable feature is when we get events and make the correlation or rules. In… more»
What needs improvement?The interface is very old. IBM should remake it into a more modern interface. I think this is the only thing they should improve on. Another feature that would be nice is if it's possible to integrate some of the application style and configuration that is currently not easy to set up in the product. If it's possible to do that, it would be a major improvement. In fact, I never got a road map to… more»
What other advice do I have?The first advice I give my customers before buying SIEM is: "You should understand the solution well before starting the implementation." If they don't understand the solution, they will never be able to use it correctly. This is the first piece. The second point is that they will resist the change made to the setup installation. If they look for the solution, QRadar ATM is the best. I would rate… more»
Apr 12 2019
What is most valuable?The most valuable feature of IBM QRadar is its slow control and even activation. I also like the post notifications on the screen.
How has it helped my organization?We have integrated IBM QRadar with our firewall and some services that we use. When the logs are about to get full of SQL, IBM QRadar makes a notification. The admin knows that they're about to get… more»
What needs improvement?The quoting and the dashboard session could be improved. It should be more user-friendly. Otherwise, the overall functionality of IBM QRadar is superb. A better GUI and reporting both would be good… more»
What's my experience with pricing, setup cost, and licensing?We do licensing on a yearly basis. It's for deployment. If the client wants more services, we support the license. There are no other costs for the product.
What other advice do I have?I would recommend IBM QRadar because of the security features and the organization. I can recommend the security. Security is nowadays an essential part of IBM QRadar. IBM QRadar is probably the best… more»
Which other solutions did I evaluate?When I joined the company we were already partners with IBM. I didn't have much experience with other products.
See 38 More IBM QRadar Reviews
User Assessments By Topic About IBM QRadar
IBM QRadar Questions
Read Archived Reviews
What is IBM QRadar?
The IBM QRadar security and analytics platform is a lead offering in IBM Security's portfolio. This family of products provides consolidated flexible architecture for security teams to quickly adopt log management, SIEM, user behavior analytics, incident forensics, and threat intelligence and more. As an integrated analytics platform, QRadar streamlines critical capabilities into a common workflow, with tools such as the IBM Security App Exchange ecosystem and Watson for Cyber Security cognitive capability.
With QRadar, you can decrease your overall cost of ownership with an improved detection of threats and enjoy the flexibility of on-premise or cloud deployment, and optional managed security monitoring services.
Also known asQRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar
IBM QRadar customers
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.