IBM QRadar Archived Reviews (More than two years old)

Filter by:Reset all filters
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Consultant
Sr SIEM Consultant at a tech services company with 51-200 employees
Jan 29 2018

What is most valuable?

* Correlation Rule Engine, built-in use cases: QRadar has the highest number of built-in use cases among any SIEM on the market. There are many built-in rules that are… more»

How has it helped my organization?

As a Professional Services consultant, I have heard many reports of how QRadar SIEM has quickly identified offenses which the users were unaware of previously. In addition… more»

What needs improvement?

Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules.

What's my experience with pricing, setup cost, and licensing?

Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.

Which solution did I use previously and why did I switch?

We had limited experience with RSA enVision, LogRhythm, and HPE ArcSight. QRadar is much easier and takes less time to implement and maintain.

What other advice do I have?

Every SIEM tool has a certain degree of complexity, especially where use cases and rules are concerned. I advise using Professional Services so your SIEM is configured by… more»

Which other solutions did I evaluate?

We did not evaluate any other options.
Vendor
IT Director at MyEyeDr.
Aug 30 2017

What is most valuable?

It has the ability to summarize all the other security products and give us a one-stop-shop dashboard. IBM has added a new UBA (User Behavior Analytics) app to QRadar that uses the cognitive abilities of Watson to detect and prioritize user… more»

How has it helped my organization?

It has improved our ability to research and detect anomalous behavior and activity within our network. It has really helped us in our ability to research active threats. We saw the threats when we implemented it, and we saw that we had all… more»

What needs improvement?

I'm anxious to see the Watson integration. We just finished an upgrade of our appliance so that we can be eligible to do the Watson integration. I'm anxious to see how that works.

Which solution did I use previously and why did I switch?

We weren't previously using a different solution. As security becomes more and more important, we added different security components from IBM, with QRadar being the last one. We needed some way to see all the data, all the information, and… more»

What other advice do I have?

We try to do everything all at once. Find the right partner to help you do the implementation. When picking a vendor, we look for the support, the ease of the installation, and the future of the product.
Learn what your peers think about IBM QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
419,360 professionals have used our research since 2012.
Consultant
Security Consultant at Dimension Data
Apr 10 2017

What is most valuable?

The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA). All that stuff is really cool. We are using the solution a lot on the customer side. We… more»

How has it helped my organization?

Maybe the best way it helped our organization is that QRadar is well prepared for PoCs. When you are doing PoCs, you just install the solution and you can show it to the customer. It has great… more»

What needs improvement?

We thought about what was missing and it was the analysis of the user behavior. However, with the User Behavior Analytics (UBA), it's much less complicated. I recently attended a conference… more»

Which solution did I use previously and why did I switch?

We had McAfee, but we are ending our use of it. There are only some small implementations that are running with it. We are no longer developing with it. I think in the future, we will switch to… more»

What other advice do I have?

Definitely try it. Do a PoC with a customer. You can get the value for the customer quickly. It's great.

Which other solutions did I evaluate?

We have a security department in the Czech Republic. We are basically only implementing IBM security products.
Vinod Shankar
Consultant
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Jun 28 2015

What do you think of IBM QRadar?

Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar. Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM players and have made themselves relevant in the SIEM market. We have worked on both the products and feel that this comparison is a good way to start the discussion rolling on features of both the products and how they approach the problem of Security Information & Event Management. Okay, let’s get started!!! ArcSight vs QRadar Subject ArcSight QRadar Product Birth Year 2000, ArcSight SIEM came into the market and incidentally this was the only product they have…
Vendor
Security Solution Architect with 1,001-5,000 employees
Jan 15 2015

What is most valuable?

IBM Qradar is * Ease of install . Its effectively redhat6.5 with an app on top. * Automatic log source identification * Inbuilt rules and reports are comprehensive so out of the box the system does… more»

How has it helped my organization?

IBM Qradar has great data reduction. We have several hundred million log records arrive on various of the platforms daily and have been able to tune them to alert on important things well. Very few… more»

What needs improvement?

Room for improvement - IBM Qradar: * Graphing on the system is a tad course. Analytics now requires really high quality graphing to assist in pinpointing anomalies. * Need for multiple Java versions… more»

Which solution did I use previously and why did I switch?

* We were using SPLUNK. Licensing does not allow you to expose Splunk screens to customers (we are an ISP and IT service provider). * Mcafee Nitro was too expensive * Arcsight takes too long to… more»

What other advice do I have?

* First gather your requirements * From that build a business case. * Understand that no matter what technology you choose the technology area is 15% of the effort. Your processes are 85%. No… more»

Which other solutions did I evaluate?

* Mcafee Nitro * Juniper STRM * AlienVault. Note. We would probably have used AlienVault but there was no representation in Asia Pacific at the time * TrustWave

What is IBM QRadar?

The IBM QRadar security and analytics platform is a lead offering in IBM Security's portfolio. This family of products provides consolidated flexible architecture for security teams to quickly adopt log management, SIEM, user behavior analytics, incident forensics, and threat intelligence and more. As an integrated analytics platform, QRadar streamlines critical capabilities into a common workflow, with tools such as the IBM Security App Exchange ecosystem and Watson for Cyber Security cognitive capability.

With QRadar, you can decrease your overall cost of ownership with an improved detection of threats and enjoy the flexibility of on-premise or cloud deployment, and optional managed security monitoring services.

Also known as
QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar
IBM QRadar customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.

BUYER'S GUIDE
Download our free IBM QRadar Report and get advice and tips from experienced pros sharing their opinions.