IBM QRadar Software Reviews
- Highest Rating
- Lowest Rating
- Review Length
Showingreviews based on the current filters.
Apr 03 2019
What is most valuable?One of the most valuable features is its ability to integrate with other solutions. In our current setup, we need a holistic view of our network to provide better service… more »
How has it helped my organization?With QRadar we managed to focus on the more critical incidents that we have experienced. As a result, we have managed to decrease the most critical incidents, most… more »
What needs improvement?The first area for improvement is the cost. It's a little bit too expensive for us. Also, initially it was difficult to understand or to grasp, but once you get the hang… more »
What's my experience with pricing, setup cost, and licensing?It's too expensive. The licensing is also a little bit difficult to understand because you have to license it per event and per number of flows. So you have to understand… more »
Which solution did I use previously and why did I switch?We did not use any solutions before QRadar.
What other advice do I have?My advice is to take your time. It depends on your network, on what you want to gather information from. Make sure that the networking and the cybersecurity teams are… more »
Which other solutions did I evaluate?We did evaluate some, like LogRhythm. We found that LogRhythm was more difficult to understand because it was a little bit too static. I believe they have already improved… more »
Apr 17 2019
What is most valuable?First, the dashboard is a valuable feature. There is a single dashboard that gives us a complete overview of what is happening around the globe. We are able to follow the devices that are connected to… more »
How has it helped my organization?This solution has improved our organization by allowing us to promote vertical security as an added service for our customers. It has also improved our integration with other applications. Previously… more »
What needs improvement?With the transition to a modern IT operation center, I think that many of the devices are going to be mobile. Somebody may not be at the NOC (Network Operations Center), data center, or SOC (Security… more »
What's my experience with pricing, setup cost, and licensing?The solution is a subscription-based model. It is a yearly subscription from my understanding. In terms of additional costs, it depends on the subscription that you choose. There are plenty of options… more »
What other advice do I have?I would rate this solution eight and a half out of ten.
Which other solutions did I evaluate?Yes, for each project we discuss which product to choose, and decide depending on what suits our needs. SolarWinds is one of the solutions that we use for our NOC operations. We had internal… more »
Learn what your peers think about IBM QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,141 professionals have used our research since 2012.
Mar 31 2019
What is most valuable?The most valuable feature is the QRadar Vulnerability Manager which provides vulnerability scans. In addition, I like the way QRadar generates alerts.
How has it helped my organization?Instead of logging in to multiple devices and checking the logs, QRadar gives us one centralized point for comparing data against each other and rules to make sure that you don't miss anything. It… more »
What needs improvement?It would be good if the program allowed certain profiles to only see certain customer information.
What's my experience with pricing, setup cost, and licensing?QRadar is quite expensive. It wouldn't be worth it for a small business unless, through a third-party company, they used it in a software-as-a-service type of arrangement, rather than buying the… more »
Which solution did I use previously and why did I switch?We went with QRadar because it's a more well-known product. I was only using the AlienVault Community Edition, a free version. It wasn't a fully-paid version I was using at the time. IBM QRadar was… more »
What other advice do I have?QRadar, as a product, might be very straightforward, but to fully understand the product you would need to go for the QRadar training. IBM's training for QRadar is very expensive but it really helps… more »
Apr 29 2019
Alerts and correlates the aggregate events or offenses we receive through all the applications we use
How has it helped my organization?IBM QRadar has improved my organization by introducing many functions. It collects logs from all of our systems in the organization and has functioned very well. It alerts and correlates the aggregate events or offenses we receive through… more »
What needs improvement?There is one problem with QRadar in regards to the add-on apps. The apps can be frustrating. For example, when I add a big app like one of the add-ons for resiliency, add-on applications for QRadar, these applications require different… more »
What's my experience with pricing, setup cost, and licensing?The licensing is every year. There are additional costs, such as the cost associated with the different hardware required for implementation and deployment. Along with the add-on apps, these are all additional costs, and they require… more »
Which solution did I use previously and why did I switch?I've used Alien Vault, McAfee, and Splunk.
What other advice do I have?The solution functions very well. It is amazing but there are some bugs with it. The unknown bugs can just come up with the adaptor with the data stored in Qradar. On a scale from one to 10, ten being the best, I would rate this product an… more »
Jun 23 2019
What is most valuable?The first feature that I love to demonstrate for my customers is the fact that the vulnerability manager is integrated in QRadar SIEM. This lets us stop and detect vulnerability. The reports provide many methods to fix it. The circumvention method and the patch method is perfected very well in the QRadar area. The second valuable feature is when we get events and make the correlation or rules. In… more »
What needs improvement?The interface is very old. IBM should remake it into a more modern interface. I think this is the only thing they should improve on. Another feature that would be nice is if it's possible to integrate some of the application style and configuration that is currently not easy to set up in the product. If it's possible to do that, it would be a major improvement. In fact, I never got a road map to… more »
What other advice do I have?The first advice I give my customers before buying SIEM is: "You should understand the solution well before starting the implementation." If they don't understand the solution, they will never be able to use it correctly. This is the first piece. The second point is that they will resist the change made to the setup installation. If they look for the solution, QRadar ATM is the best. I would rate… more »
Apr 12 2019
What is most valuable?The most valuable feature of IBM QRadar is its slow control and even activation. I also like the post notifications on the screen.
How has it helped my organization?We have integrated IBM QRadar with our firewall and some services that we use. When the logs are about to get full of SQL, IBM QRadar makes a notification. The admin knows that they're about to get… more »
What needs improvement?The quoting and the dashboard session could be improved. It should be more user-friendly. Otherwise, the overall functionality of IBM QRadar is superb. A better GUI and reporting both would be good… more »
What's my experience with pricing, setup cost, and licensing?We do licensing on a yearly basis. It's for deployment. If the client wants more services, we support the license. There are no other costs for the product.
What other advice do I have?I would recommend IBM QRadar because of the security features and the organization. I can recommend the security. Security is nowadays an essential part of IBM QRadar. IBM QRadar is probably the best… more »
Which other solutions did I evaluate?When I joined the company we were already partners with IBM. I didn't have much experience with other products.
Jun 19 2019
What is most valuable?The most valuable feature is user-behavior analytics, where it will create logs based on the users' behavior and report suspicious events or other anomalies. I am working with the data analytics so it is a very good one for what I am doing.
How has it helped my organization?This solution provides me with various alarms, and I have found security issues with some of my other products. We also have some special correlation rules that give me information about mail servers, websites, and other user behavior.
What needs improvement?There is a lot of manual configuration required in order for the product to run smoothly, and I think that it could be made more automatic. There is no need for so much manual configuration. For example, it should be able to automatically… more »
What other advice do I have?There are many good products and solutions on the market, but for implementation and maintenance, I can say that the most important thing is local support. We do not have any issues with this product, and we have seen the benefits of it. It… more »
Which other solutions did I evaluate?I am familiar with products from other vendors, such as McAfee. We specifically evaluated Splunk, which is a good solution but there is no local partner in Turkey for support. Having a local partner is very important to us. We chose this… more »
Mar 21 2019
What is most valuable?This solution has many valuable features but I especially like the Log Manager feature.
How has it helped my organization?We do R&D for IBM QRadar and we are also a cybersecurity solution based company. We provide solutions for our clients like banking, government agencies, and other non-government organizations. Our clients test in our labs and we try to… more »
What needs improvement?I think QRadar is very complex. It's a distributed system and IBM QRadar has an all-in-one solution which is not like that distributed solution but it's a good product. IBM needs to consider the user interface because if we compare it with… more »
What's my experience with pricing, setup cost, and licensing?Licensing is very expensive, IBM QRadar is a very expensive solution. If you want to minimize costs then IBM QRadar is not for you.
What other advice do I have?I would rate it an eight out of ten. Not a ten because of the complex interface.
See 19 More IBM QRadar Reviews
Read Archived Reviews
What is IBM QRadar?
The IBM QRadar security and analytics platform is a lead offering in IBM Security's portfolio. This family of products provides consolidated flexible architecture for security teams to quickly adopt log management, SIEM, user behavior analytics, incident forensics, and threat intelligence and more. As an integrated analytics platform, QRadar streamlines critical capabilities into a common workflow, with tools such as the IBM Security App Exchange ecosystem and Watson for Cyber Security cognitive capability.
With QRadar, you can decrease your overall cost of ownership with an improved detection of threats and enjoy the flexibility of on-premise or cloud deployment, and optional managed security monitoring services.
Also known asQRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar
IBM QRadar customers
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Download our free IBM QRadar Report and get advice and tips from experienced pros sharing their opinions.
- What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
- Which is the best SIEM solution for a government organization?
- What Is SIEM Used For?
- What is the difference between IT event correlation and aggregation?
- Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
- What are the must-haves for a SIEM solution?
- What is the difference between SIEM and SOAR platforms?
- What is the difference between log management and SIEM?
- Are you using a SIEM platform with AWS Cloudwatch?
- What is your SIEM buying cycle like?