IBM QRadar Valuable Features

DAX Paulino
Cybersecurity Practice Lead at a tech services company with 201-500 employees
One of the most valuable features is its ability to integrate with other solutions. In our current setup, we need a holistic view of our network to provide better service. Therefore, integration with our security tools and infrastructure is a must. We managed to get our NGFW, Endpoint Security, network servers, compliance tools and others to integrate with QRadar which enables our team to better understand what is happening in our network and respond accordingly. View full review »
BALA
Program Manager at a tech services company
First, the dashboard is a valuable feature. There is a single dashboard that gives us a complete overview of what is happening around the globe. We are able to follow the devices that are connected to the network. The second thing is the customization that we have done. For example, if there is an account login made in Tokyo then we will immediately get an alert. View full review »
Vulnera08667
Vulnerability Manager at a tech services company with 51-200 employees
The most valuable feature is the QRadar Vulnerability Manager which provides vulnerability scans. In addition, I like the way QRadar generates alerts. View full review »
Learn what your peers think about IBM QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
438,725 professionals have used our research since 2012.
Omar Sánchez (Mr.Tech)
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
They do have a way to pre-configure or have pre-configurations for companies that are starting and they don't know too much about SIEM or working with SIEMs. The solution uses SIEM to get the information to the managers so I will say that they have an ongoing boarding process that is very good if you are starting because it already has what you need to start up. In addition, they have more HIPAA. It's a pre-order on QRadar, so when we go to the process of selecting our use cases, they go by building blocks. QRadar links it to building blocks so we don't have too much to cut on it. View full review »
Larbi Belmiloud
Security Engineer at a tech services company with 11-50 employees
The first feature that I love to demonstrate for my customers is the fact that the vulnerability manager is integrated in QRadar SIEM. This lets us stop and detect vulnerability. The reports provide many methods to fix it. The circumvention method and the patch method is perfected very well in the QRadar area. The second valuable feature is when we get events and make the correlation or rules. In IBM, we can implement our customer's rules. We can have very clear status threats and severity of antigens. The other fact I love about IBM is that we can integrate many other tiers solutions, such as Carbon Black and other plans. View full review »
Dameer Siddiqui
Senior Associate Consultant at Skill Orbit (Pvt.) Ltd.
The most valuable feature of IBM QRadar is its slow control and even activation. I also like the post notifications on the screen. View full review »
SenSec321
Senior Security Architect at a tech services company with 10,001+ employees
QRadar has somewhat of a new structure recently from last gen. They have moved from the standard UI based infrastructure. There are multiple aspects coming in which are actually plugin and play kind of stuff, we don't have to write rules, we don't have to create dashboards and all. For example, on the dashboard we have user behavior analytics. And, it is very helpful for us to use customization and build from scratch. View full review »
QRadar677
B.T. Güvenlik Yöneticisi at a recruiting/HR firm with 10,001+ employees
The most valuable feature is user-behavior analytics, where it will create logs based on the users' behavior and report suspicious events or other anomalies. I am working with the data analytics so it is a very good one for what I am doing. View full review »
D.M.Hashim-Ul- Alom
Senior Server Security Engineer
This solution has many valuable features but I especially like the Log Manager feature. View full review »
Nimesh Bhatia
IT Security and Business Development Manager at a tech services company with 51-200 employees
The securing of data is the most important feature because nowadays as cloud has come in, it is especially challenging to secure. We are actually planning for Palo Alto to be a better option because IBM needs better security for their cloud. View full review »
Reviewer258
Managing Director at a tech services company with 1,001-5,000 employees
The most valuable feature is that it is a one stop solution for many things. It is a manager for vulnerability, functionality, packet filtering, packet analysis and log analysis. View full review »
Daniel Sichel
User at a healthcare company with 5,001-10,000 employees
This solution provides amazing visibility into the network and endpoints. The ability to correlate point in time and things happening over time is priceless in today's threat environment. The rules can look for things both from log sources and from data traversing your network which is unique in the SIEM world and makes QRadar a consistent magic quadrant leader. The QNI file hash in-flight search is helpful. The ability to transition from microscopic to macroscopic view, instantly, is very good. View full review »
QRadar6777
Chief Technology Officer at a tech services company with 51-200 employees
Provided that the report is prebuilt and I can find what I am looking for, the reporting is the most valuable feature in this solution. The reports are very good and very presentable. View full review »
Muhammad Adeel
Senior Security Engineer at dig8labs
The most valuable feature is the DSM Editor. The custom parsing tool is very nice, outstanding. I have used McAfee's SIEM and LogRhythm as well, but because of this feature of QRadar, I don't think their solutions are good. Customizing it is very easy and it has a user-friendly interface. View full review »
Onyegbule Uche
Technical Consultant at Activedge Technologies
The most valuable features would have to be the products' ability to customize vulnerability management settings and the ability to customize integration functions. View full review »
Phillip Okemwa
Senior Information Security Analyst at a financial services firm with 501-1,000 employees
QNI is the most valuable feature. View full review »
reviewer916710
Information Security Manager at a comms service provider with 1,001-5,000 employees
The most valuable features are the diversity of logs type that enable us to monitors what is going on from different perspectives and reduces the likelihood that we will miss important attempts. There are different events and flows, and there is diversity from getting the information from different sources. We can also see that there are no false positives. It is well-tuned and the rules are covering everything that we need. View full review »
Dr Trust Tshepo Mapoka
Senior Cybersecurity Consultant at CIA Botswana
The vulnerability management aspect is the most valuable feature. IBM QRadar is the only SIEM solution with integrated vulnerability management. That's why most clients are flocking to it. API integration is very easy. View full review »
Harshit Jaiswal
Security Consultant at Varutra Consulting
* IBM Resilient Incident * IBM Threat Intelligence * IBM QRadar is easy to use. View full review »
Marketdir9846
Marketing Director at a aerospace/defense firm with 1-10 employees
Vulnerability detection is the most valuable feature. It's the tool that finds the threats. View full review »
Shaikh Jamal Uddin
Senior Information Security Consultant at Secure Coat
Providing real-time visibility for threat detection and prioritization - QRadar SIEM provides contextual and actionable surveillance across the entire IT infrastructure, helping organizations detect and remediate threats often missed by other security solutions. These threats can include inappropriate use of applications; insider fraud; and advanced, “low and slow” threats easily lost in the “noise” of millions of events.. View full review »
Senio9887
Senior Information Security Analyst at a tech services company with 501-1,000 employees
The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports. View full review »
MohamedAfeilal
General Manager at New System Engineering
The most valuable feature is that it reports a very small number of false positives. It is a very optimized engine. View full review »
Mika Suomu
Cloud Security Architect at Nordcloud Oy
* It's easy to set up. * There are a lot of great out-of-the-box features included. * It's a state-of-the-art product for security information and event management (SIEM). View full review »
Rajeev MM
Senior Analyst at a tech services company with 201-500 employees
It's user-friendly when compared to other products. New users can easily understand the product. It integrates very easily with other solutions. The solution is flexible. We can add anything to it, as it is a good companion to other tools. View full review »
Yong Chen
Security Consultant at a tech services company with 11-50 employees
I like the API and it's easy to use. View full review »
Nizar Hedhili
General Manager at Global Solutions Services
* DSM parsing * Log correlation * X-Force connectivity * Ease of DSM customisation * Multiple reports View full review »
Vik Solem
President, Consultant, Trainer at MEI Security
The searching capability is good. View full review »
Learn what your peers think about IBM QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
438,725 professionals have used our research since 2012.