NetIQ Sentinel Competitors and Alternatives

Read reviews of NetIQ Sentinel competitors and alternatives
Av.logo.icon type
AlienVault
F0283eec e8b7 452d 80bb f53c9afca1fb avatar
Real User
Security Architecture and Operations Lead at a university with 1,001-5,000 employees
Jan 25 2017

What is most valuable?

The NIDS/HIDS features have probably been the best features for us in our environment. We've had some open-source options and, while they work, it isn't the same as having commercial support. SIEM is the second-most useful feature.

How has it helped my organization?

We've been able to professionally generate alerts for IDS, SIEM and vulnerabilities where we didn't have those capabilities before.

What needs improvement?

Reporting still needs a lot of work, especially on the vulnerability side. Vulnerability management UI could be improved as well. Vulnerability reports are clunky and difficult to manage. The layout is not really professional or intuitive and... more»
Damian scott avatar 1432837163?1432837161
Consultant
Sr SIEM Consultant at a tech services company with 51-200 employees
Jan 29 2018

What is most valuable?

* Correlation Rule Engine, built-in use cases: QRadar has the highest number of built-in use cases among any SIEM on the market. There are many built-in rules that are enabled by default and easily tunable to meet the specific needs of each... more»

How has it helped my organization?

As a Professional Services consultant, I have heard many reports of how QRadar SIEM

What needs improvement?

Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules.
21282df1 3d06 4286 a77a 2e380ecd138b avatar?1454423526
Real User
Information Security Analyst at a tech services company with 501-1,000 employees
Jul 04 2016

What do you think of McAfee Enterprise Security Manager (McAfee ESM)?

Valuable Features The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use. • Improvements to My Organization It's easy to create reports for compliance and for detecting different kinds of attacks and breaches through correlations. This makes the client devices to be more secure. • Room for Improvement The disk space needed for events is not clear. In all clients, we had at least more than 100GB free that we could not use. • Use of Solution I've used it for two-and-a-half years. • Deployment Issues The disk space sizing is very hard and when the version was updated to 9.4 the space needed to store events was cut by half, making it harder to explain to clients who now needed...
Splunk logo
Splunk
1035dc28 12ce 4481 82cd 37440c1c249e avatar
Real User
Foundation Technology Specialist at a insurance company with 1,001-5,000 employees
May 26 2017

What is most valuable?

The ability to rapidly diagnose problems in production and non-production, across hundreds of log files, is the most valuable feature.

How has it helped my organization?

MTTR is drastically reduced, because the developers and other IT support staff have instant access to log events. People costs are saved by not having to involve the domain developers from multiple teams, when tracing a problem that spans... more»

What needs improvement?

Official training, even CBT, is expensive so not many people are able to get certified. This leads/causes the users to make use of the most basic functionality only. It is a challenge to manage the environment in such a way, that one’s log,... more»

Sign Up with Email