IBM QRadar Software Reviews

IBM QRadar is the #3 ranked solution of our top Log Management tools. It's rated 4.2 out of 5 stars, and is most commonly compared to Splunk - IBM QRadar vs Splunk

Filter by:
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
DAX Paulino
Real User
Cybersecurity Practice Lead at a tech services company with 201-500 employees
Apr 03 2019

What is most valuable?

One of the most valuable features is its ability to integrate with other solutions. In our current setup, we need a holistic view of our network to provide better service… more »

How has it helped my organization?

With QRadar we managed to focus on the more critical incidents that we have experienced. As a result, we have managed to decrease the most critical incidents, most… more »

What needs improvement?

The first area for improvement is the cost. It's a little bit too expensive for us. Also, initially it was difficult to understand or to grasp, but once you get the hang… more »

What's my experience with pricing, setup cost, and licensing?

It's too expensive. The licensing is also a little bit difficult to understand because you have to license it per event and per number of flows. So you have to understand… more »

Which solution did I use previously and why did I switch?

We did not use any solutions before QRadar.

What other advice do I have?

My advice is to take your time. It depends on your network, on what you want to gather information from. Make sure that the networking and the cybersecurity teams are… more »

Which other solutions did I evaluate?

We did evaluate some, like LogRhythm. We found that LogRhythm was more difficult to understand because it was a little bit too static. I believe they have already improved… more »
BALA
Real User
Program Manager at a tech services company
Apr 17 2019

What is most valuable?

First, the dashboard is a valuable feature. There is a single dashboard that gives us a complete overview of what is happening around the globe. We are able to follow the devices that are connected to… more »

How has it helped my organization?

This solution has improved our organization by allowing us to promote vertical security as an added service for our customers. It has also improved our integration with other applications. Previously… more »

What needs improvement?

With the transition to a modern IT operation center, I think that many of the devices are going to be mobile. Somebody may not be at the NOC (Network Operations Center), data center, or SOC (Security… more »

What's my experience with pricing, setup cost, and licensing?

The solution is a subscription-based model. It is a yearly subscription from my understanding. In terms of additional costs, it depends on the subscription that you choose. There are plenty of options… more »

What other advice do I have?

I would rate this solution eight and a half out of ten.

Which other solutions did I evaluate?

Yes, for each project we discuss which product to choose, and decide depending on what suits our needs. SolarWinds is one of the solutions that we use for our NOC operations. We had internal… more »
Learn what your peers think about IBM QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,141 professionals have used our research since 2012.
Vulnera08667
Reseller
Vulnerability Manager at a tech services company with 51-200 employees
Mar 31 2019

What is most valuable?

The most valuable feature is the QRadar Vulnerability Manager which provides vulnerability scans. In addition, I like the way QRadar generates alerts.

How has it helped my organization?

Instead of logging in to multiple devices and checking the logs, QRadar gives us one centralized point for comparing data against each other and rules to make sure that you don't miss anything. It… more »

What needs improvement?

It would be good if the program allowed certain profiles to only see certain customer information.

What's my experience with pricing, setup cost, and licensing?

QRadar is quite expensive. It wouldn't be worth it for a small business unless, through a third-party company, they used it in a software-as-a-service type of arrangement, rather than buying the… more »

Which solution did I use previously and why did I switch?

We went with QRadar because it's a more well-known product. I was only using the AlienVault Community Edition, a free version. It wasn't a fully-paid version I was using at the time. IBM QRadar was… more »

What other advice do I have?

QRadar, as a product, might be very straightforward, but to fully understand the product you would need to go for the QRadar training. IBM's training for QRadar is very expensive but it really helps… more »
Real User
Cyber Security Specialist at AEC
Apr 29 2019

How has it helped my organization?

IBM QRadar has improved my organization by introducing many functions. It collects logs from all of our systems in the organization and has functioned very well. It alerts and correlates the aggregate events or offenses we receive through… more »

What needs improvement?

There is one problem with QRadar in regards to the add-on apps. The apps can be frustrating. For example, when I add a big app like one of the add-ons for resiliency, add-on applications for QRadar, these applications require different… more »

What's my experience with pricing, setup cost, and licensing?

The licensing is every year. There are additional costs, such as the cost associated with the different hardware required for implementation and deployment. Along with the add-on apps, these are all additional costs, and they require… more »

Which solution did I use previously and why did I switch?

I've used Alien Vault, McAfee, and Splunk.

What other advice do I have?

The solution functions very well. It is amazing but there are some bugs with it. The unknown bugs can just come up with the adaptor with the data stored in Qradar. On a scale from one to 10, ten being the best, I would rate this product an… more »
Larbi Belmiloud
Real User
Security Engineer at a tech services company with 11-50 employees
Jun 23 2019

What is most valuable?

The first feature that I love to demonstrate for my customers is the fact that the vulnerability manager is integrated in QRadar SIEM. This lets us stop and detect vulnerability. The reports provide many methods to fix it. The circumvention method and the patch method is perfected very well in the QRadar area. The second valuable feature is when we get events and make the correlation or rules. In… more »

What needs improvement?

The interface is very old. IBM should remake it into a more modern interface. I think this is the only thing they should improve on. Another feature that would be nice is if it's possible to integrate some of the application style and configuration that is currently not easy to set up in the product. If it's possible to do that, it would be a major improvement. In fact, I never got a road map to… more »

What other advice do I have?

The first advice I give my customers before buying SIEM is: "You should understand the solution well before starting the implementation." If they don't understand the solution, they will never be able to use it correctly. This is the first piece. The second point is that they will resist the change made to the setup installation. If they look for the solution, QRadar ATM is the best. I would rate… more »
Dameer Siddiqui
Consultant
Senior Associate Consultant at Skill Orbit (Pvt.) Ltd.
Apr 12 2019

What is most valuable?

The most valuable feature of IBM QRadar is its slow control and even activation. I also like the post notifications on the screen.

How has it helped my organization?

We have integrated IBM QRadar with our firewall and some services that we use. When the logs are about to get full of SQL, IBM QRadar makes a notification. The admin knows that they're about to get… more »

What needs improvement?

The quoting and the dashboard session could be improved. It should be more user-friendly. Otherwise, the overall functionality of IBM QRadar is superb. A better GUI and reporting both would be good… more »

What's my experience with pricing, setup cost, and licensing?

We do licensing on a yearly basis. It's for deployment. If the client wants more services, we support the license. There are no other costs for the product.

What other advice do I have?

I would recommend IBM QRadar because of the security features and the organization. I can recommend the security. Security is nowadays an essential part of IBM QRadar. IBM QRadar is probably the best… more »

Which other solutions did I evaluate?

When I joined the company we were already partners with IBM. I didn't have much experience with other products.
Real User
B.T. Güvenlik Yöneticisi at a recruiting/HR firm with 10,001+ employees
Jun 19 2019

What is most valuable?

The most valuable feature is user-behavior analytics, where it will create logs based on the users' behavior and report suspicious events or other anomalies. I am working with the data analytics so it is a very good one for what I am doing.

How has it helped my organization?

This solution provides me with various alarms, and I have found security issues with some of my other products. We also have some special correlation rules that give me information about mail servers, websites, and other user behavior.

What needs improvement?

There is a lot of manual configuration required in order for the product to run smoothly, and I think that it could be made more automatic. There is no need for so much manual configuration. For example, it should be able to automatically… more »

What other advice do I have?

There are many good products and solutions on the market, but for implementation and maintenance, I can say that the most important thing is local support. We do not have any issues with this product, and we have seen the benefits of it. It… more »

Which other solutions did I evaluate?

I am familiar with products from other vendors, such as McAfee. We specifically evaluated Splunk, which is a good solution but there is no local partner in Turkey for support. Having a local partner is very important to us. We chose this… more »
D.M.Hashim-Ul- Alom
Reseller
Senior Server Security Engineer
Mar 21 2019

What is most valuable?

This solution has many valuable features but I especially like the Log Manager feature.

How has it helped my organization?

We do R&D for IBM QRadar and we are also a cybersecurity solution based company. We provide solutions for our clients like banking, government agencies, and other non-government organizations. Our clients test in our labs and we try to… more »

What needs improvement?

I think QRadar is very complex. It's a distributed system and IBM QRadar has an all-in-one solution which is not like that distributed solution but it's a good product. IBM needs to consider the user interface because if we compare it with… more »

What's my experience with pricing, setup cost, and licensing?

Licensing is very expensive, IBM QRadar is a very expensive solution. If you want to minimize costs then IBM QRadar is not for you.

What other advice do I have?

I would rate it an eight out of ten. Not a ten because of the complex interface.
See 19 More IBM QRadar Reviews

What is IBM QRadar?

The IBM QRadar security and analytics platform is a lead offering in IBM Security's portfolio. This family of products provides consolidated flexible architecture for security teams to quickly adopt log management, SIEM, user behavior analytics, incident forensics, and threat intelligence and more. As an integrated analytics platform, QRadar streamlines critical capabilities into a common workflow, with tools such as the IBM Security App Exchange ecosystem and Watson for Cyber Security cognitive capability.

With QRadar, you can decrease your overall cost of ownership with an improved detection of threats and enjoy the flexibility of on-premise or cloud deployment, and optional managed security monitoring services.

Also known as
QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar
IBM QRadar customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.

Read Archived Reviews