IBM QRadar Reviews
GlobalSe999a
Real User
Global Security Engineering and Operations Director at a health, wellness and fitness company with 10,001+ employees
Apr 09 2017
What is most valuable?
* The ability to correlate data across our global enterprise in near real time * The ability to integrate a lot of third-party solutions * The... more»How has it helped my organization?
The solution has improved the efficiency of our security team. These improvements prevent the need for more proactive security activities. The... more»What needs improvement?
Room for improvement is more in relation to a lot of the features, the automation of incidents themselves, and being able to automate workflow... more»Which solutions did we use previously?
We have used other solutions, but that was years ago. We've had QRadar for four years. Before that, it was the Symantec solution. The landscape... more»What other advice do I have?
When picking a vendor, the most important thing is partnership. I honestly have nothing but good things to say about the IBM relationship that... more»1 comment
SeniorSe6fa8
Real User
Senior security analyst at a financial services firm with 1,001-5,000 employees
Apr 12 2017
What is most valuable?
Some of the most valuable things that I get from QRadar are the custom parsers. A lot of the syslog items I get pushed to QRadar, instead of... more»How has it helped my organization?
I think it has improved our organization by the speed at which I can run queries compared to other software that I've used in the past. It's a... more»What needs improvement?
I'd like to see it being able to be integrated with more security products. I'm a big Guardian user; it's nice for the bidirectional. I can do... more»Which solutions did we use previously?
It was easy to know we needed a new solution; when you have Symantec's DLP that's really crappy and they end-of-life it, you've got to start... more»What other advice do I have?
Make sure you understand how many log sources you have in your environment. Kind of get an idea of how many per second you're going to be... more»
Find out what your peers are saying about IBM, Splunk, Micro Focus and others in Security Information and Event Management (SIEM).
301,063 professionals have used our research since 2012.
Willem Albertus Potgieter
Real User
Vulnerability Manager at a tech services company with 51-200 employees
Jul 05 2017
What is most valuable?
The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it... more»How has it helped my organization?
Normally, an offense comes in and an offense is something negative, it triggers when certain events don't comply with the rules, to put it... more»What needs improvement?
I would like to see a more user-friendly product. I would like them to make it more user-friendly. At this stage, you need to use a lot of... more»What's my experience with pricing, setup cost, and licensing?
IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much.What other advice do I have?
Just spec it correctly and it will do its job for you. It has an active community. IBM patches the product regularly when problems are picked... more»Willem Albertus Potgieter
Real User
Vulnerability Manager at a tech services company with 51-200 employees
Jun 17 2018
What is most valuable?
The threat protection network is the most valuable feature because when you get an offense, you can actually trace it back to where it... more»How has it helped my organization?
Normally, an offense comes in and an offense is something negative, to put it plainly, that impacted your environment. Once it comes through,... more»What needs improvement?
I would like to see a more user-friendly product. I would like them to make it much more user-friendly. At this stage, you need to use a lot of... more»Which solutions did we use previously?
We used Splunk in the past and we are using both products at the same time.What other advice do I have?
Just spec it correctly and it will do its job for you. It has an active community. IBM patches the product regularly when problems are picked... more»
Petr Hejda
Consultant
Security Consultant at Dimension Data
Apr 10 2017
What is most valuable?
The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA). All that stuff is really cool. We... more»How has it helped my organization?
Maybe the best way it helped our organization is that QRadar is well prepared for PoCs. When you are doing PoCs, you just install the solution... more»What needs improvement?
We thought about what was missing and it was the analysis of the user behavior. However, with the User Behavior Analytics (UBA), it's much less... more»Which solutions did we use previously?
We had McAfee, but we are ending our use of it. There are only some small implementations that are running with it. We are no longer developing... more»What other advice do I have?
Definitely try it. Do a PoC with a customer. You can get the value for the customer quickly. It's great.
Omar Sánchez (Mr.Tech)
Consultant
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
Oct 21 2018
What is most valuable?
They do have a way to pre-configure or have pre-configurations for companies that are starting and they don't know too much about SIEM or working with SIEMs. The solution uses SIEM... more»What needs improvement?
It is not a user-friendly program. It is a very glorified Excel program. I would love to see a more user-friendly version in a future rollout. In addition, the management services... more»What's my experience with pricing, setup cost, and licensing?
It is a pricey product. It is very expensive.Which solutions did we use previously?
I have used Splunk in the past.
SeniorMa339e
Real User
Senior Manager at a pharma/biotech company with 1,001-5,000 employees
Apr 06 2017
What is most valuable?
Its technology is quite new and it has a predefined set of templates that can be readily used for our business, so we don't have to innovate... more»How has it helped my organization?
Security: We do have cloud services. It's very difficult to control cloud vendors, when it is for security. But this tool conducts an... more»What needs improvement?
This tool is more suited for the technical industries or it's more specific for technical security. However, now since new laws are coming out... more»Which solutions did we use previously?
We were not previously using a different solution. IBM approached us with best practices and they conducted a survey. They control our... more»What other advice do I have?
The solution seems to be very promising on paper, i.e., in theory, some things look good but practically, after we apply the solution in the... more»Securityf530
Real User
Security Manager at a pharma/biotech company with 1,001-5,000 employees
Mar 23 2017
What is most valuable?
The search capability (I've used other solutions) and data consolidation are some of the key features.How has it helped my organization?
For this organization, it was the first log management solution. So, it definitely gave us the ability to search through the data when we had... more»What needs improvement?
I want to see a three-dimensional perspective of the data. I don't want to see just an event perspective of the data. I want to be able to... more»Which solutions did we use previously?
We didn't have a previous solution. We kind of inherited it as part of another acquisition from IBM, and then we scaled it up to meet our capacity.What other advice do I have?
From an analytics perspective, it's a good tool. But you have to have the resources to own it. It's not only about buying it. It's not only... more»Articles
User Assessments By Topic About IBM QRadar
Find out what your peers are saying about IBM, Splunk, Micro Focus and others in Security Information and Event Management (SIEM).
301,063 professionals have used our research since 2012.
IBM QRadar Questions
IBM QRadar Projects By Members
IBM QRadar Consultants
What is IBM QRadar?
The IBM QRadar security and analytics platform is a lead offering in IBM Security's portfolio. This family of products provides consolidated flexible architecture for security teams to quickly adopt log management, SIEM, user behavior analytics, incident forensics, and threat intelligence and more. As an integrated analytics platform, QRadar streamlines critical capabilities into a common workflow, with tools such as the IBM Security App Exchange ecosystem and Watson for Cyber Security cognitive capability.
With QRadar, you can decrease your overall cost of ownership with an improved detection of threats and enjoy the flexibility of on-premise or cloud deployment, and optional managed security monitoring services.
Also known as
QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadarIBM QRadar customers
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Popular Comparisons
Splunk
ArcSight
LogRhythm NextGen SIEM
AlienVault
McAfee Enterprise Security Manager (McAfee ESM)
RSA NetWitness Logs and Packets (RSA SIEM)
ELK Logstash
Fortinet FortiSIEM (AccelOps)
SolarWinds LEM
LogPoint
NetIQ Sentinel
Securonix Security Analytics
Graylog
vRealize Log Insight
RSA enVision
BUYER'S GUIDE
Not sure which Security Information and Event Management (SIEM) solution is right for you?Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about IBM, Splunk, Micro Focus, and more!
Sign in to see all reviews and comparisons. It's free!
By clicking Sign in with LinkedIn™ you agree to let IT Central Station use your LinkedIn profile
and email address in accordance with our Privacy Policy and agree to the Terms of Service.
- Unlimited access to 21000+ reviews from real users
- Your own page to promote your professional skills
- Networking events and peer-to-peer consultations
Already a member? Sign in.
By registering, you agree to our Terms of Service and Privacy Policy.
- Unlimited access to 21000+ reviews from real users
- Your own page to promote your professional skills
- Networking events and peer-to-peer consultations
Already a member? Sign In.