IBM QRadar Reviews

Filter by:Reset all filters
industry
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
rating
Filter Unavailable
GlobalSe999a
Real User
Global Security Engineering and Operations Director at a health, wellness and fitness company with 10,001+ employees
Apr 09 2017

What is most valuable?

* The ability to correlate data across our global enterprise in near real time * The ability to integrate a lot of third-party solutions * The... more»

How has it helped my organization?

The solution has improved the efficiency of our security team. These improvements prevent the need for more proactive security activities. The... more»

What needs improvement?

Room for improvement is more in relation to a lot of the features, the automation of incidents themselves, and being able to automate workflow... more»

Which other solutions did I evaluate??

We have used other solutions, but that was years ago. We've had QRadar for four years. Before that, it was the Symantec solution. The landscape... more»

What other advice do I have??

When picking a vendor, the most important thing is partnership. I honestly have nothing but good things to say about the IBM relationship that... more»
SeniorSe6fa8
Real User
Senior security analyst at a financial services firm with 1,001-5,000 employees
Apr 12 2017

What is most valuable?

Some of the most valuable things that I get from QRadar are the custom parsers. A lot of the syslog items I get pushed to QRadar, instead of... more»

How has it helped my organization?

I think it has improved our organization by the speed at which I can run queries compared to other software that I've used in the past. It's a... more»

What needs improvement?

I'd like to see it being able to be integrated with more security products. I'm a big Guardian user; it's nice for the bidirectional. I can do... more»

Which other solutions did I evaluate??

It was easy to know we needed a new solution; when you have Symantec's DLP that's really crappy and they end-of-life it, you've got to start... more»

What other advice do I have??

Make sure you understand how many log sources you have in your environment. Kind of get an idea of how many per second you're going to be... more»
Find out what your peers are saying about IBM, Splunk, Micro Focus and others in Security Information and Event Management (SIEM).
291,818 professionals have used our research since 2012.
Willem Albertus Potgieter
Real User
Vulnerability Manager at a tech services company with 51-200 employees
Jul 05 2017

What is most valuable?

The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it... more»

How has it helped my organization?

Normally, an offense comes in and an offense is something negative, it triggers when certain events don't comply with the rules, to put it... more»

What needs improvement?

I would like to see a more user-friendly product. I would like them to make it more user-friendly. At this stage, you need to use a lot of... more»

What's my experience with pricing, setup cost, and licensing??

IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much.

What other advice do I have??

Just spec it correctly and it will do its job for you. It has an active community. IBM patches the product regularly when problems are picked... more»
Willem Albertus Potgieter
Real User
Vulnerability Manager at a tech services company with 51-200 employees
Jun 17 2018

What is most valuable?

The threat protection network is the most valuable feature because when you get an offense, you can actually trace it back to where it... more»

How has it helped my organization?

Normally, an offense comes in and an offense is something negative, to put it plainly, that impacted your environment. Once it comes through,... more»

What needs improvement?

I would like to see a more user-friendly product. I would like them to make it much more user-friendly. At this stage, you need to use a lot of... more»

Which other solutions did I evaluate??

We used Splunk in the past and we are using both products at the same time.

What other advice do I have??

Just spec it correctly and it will do its job for you. It has an active community. IBM patches the product regularly when problems are picked... more»
Petr Hejda
Consultant
Security Consultant at Dimension Data
Apr 10 2017

What is most valuable?

The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA). All that stuff is really cool. We... more»

How has it helped my organization?

Maybe the best way it helped our organization is that QRadar is well prepared for PoCs. When you are doing PoCs, you just install the solution... more»

What needs improvement?

We thought about what was missing and it was the analysis of the user behavior. However, with the User Behavior Analytics (UBA), it's much less... more»

Which other solutions did I evaluate??

We had McAfee, but we are ending our use of it. There are only some small implementations that are running with it. We are no longer developing... more»

What other advice do I have??

Definitely try it. Do a PoC with a customer. You can get the value for the customer quickly. It's great.
SeniorMa339e
Real User
Senior Manager at a pharma/biotech company with 1,001-5,000 employees
Apr 06 2017

What is most valuable?

Its technology is quite new and it has a predefined set of templates that can be readily used for our business, so we don't have to innovate... more»

How has it helped my organization?

Security: We do have cloud services. It's very difficult to control cloud vendors, when it is for security. But this tool conducts an... more»

What needs improvement?

This tool is more suited for the technical industries or it's more specific for technical security. However, now since new laws are coming out... more»

Which other solutions did I evaluate??

We were not previously using a different solution. IBM approached us with best practices and they conducted a survey. They control our... more»

What other advice do I have??

The solution seems to be very promising on paper, i.e., in theory, some things look good but practically, after we apply the solution in the... more»
Securityf530
Real User
Security Manager at a pharma/biotech company with 1,001-5,000 employees
Mar 23 2017

What is most valuable?

The search capability (I've used other solutions) and data consolidation are some of the key features.

How has it helped my organization?

For this organization, it was the first log management solution. So, it definitely gave us the ability to search through the data when we had... more»

What needs improvement?

I want to see a three-dimensional perspective of the data. I don't want to see just an event perspective of the data. I want to be able to... more»

Which other solutions did I evaluate??

We didn't have a previous solution. We kind of inherited it as part of another acquisition from IBM, and then we scaled it up to meet our capacity.

What other advice do I have??

From an analytics perspective, it's a good tool. But you have to have the resources to own it. It's not only about buying it. It's not only... more»
Horacio Agustin Lo Brutto
Real User
Senior System Administrator at a tech services company with 11-50 employees
Apr 13 2017

What is most valuable?

In my understanding, the best features are: * DSMs (Device Support Modules), * Device auto-discovery, and * Hundreds of rules and reports... more»

How has it helped my organization?

I have implemented QRadar in a big airline company, where they needed to get all their security information in one place. It helped in reducing... more»

What's my experience with pricing, setup cost, and licensing??

The pricing and licensing policies are really competitive. These solutions are not for a really small business, but having just one license... more»

Which other solutions did I evaluate??

I had the opportunity to use other SIEM solutions, but no one can provide what QRadar does, i.e., in terms of its simplicity, support or... more»

What other advice do I have??

You should ask the sales representative to give you the Excel sheet to calculate EPS. Keep in mind that the firewalls, proxies and networking... more»
See 43 More IBM QRadar Reviews

Articles

User Assessments By Topic About IBM QRadar

Find out what your peers are saying about IBM, Splunk, Micro Focus and others in Security Information and Event Management (SIEM).
291,818 professionals have used our research since 2012.

IBM QRadar Questions

IBM QRadar Projects By Members

IBM QRadar Consultants

What is IBM QRadar?

The IBM QRadar security and analytics platform is a lead offering in IBM Security's portfolio. This family of products provides consolidated flexible architecture for security teams to quickly adopt log management, SIEM, user behavior analytics, incident forensics, and threat intelligence and more. As an integrated analytics platform, QRadar streamlines critical capabilities into a common workflow, with tools such as the IBM Security App Exchange ecosystem and Watson for Cyber Security cognitive capability.

With QRadar, you can decrease your overall cost of ownership with an improved detection of threats and enjoy the flexibility of on-premise or cloud deployment, and optional managed security monitoring services.

Also known as
QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar
IBM QRadar customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.

BUYER'S GUIDE
Not sure which Security Information and Event Management (SIEM) solution is right for you?

Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about IBM, Splunk, Micro Focus, and more!

Sign Up with Email