If you were talking to someone whose organization is considering IBM QRadar User Behavior Analytics, what would you say?
How would you rate it and why? Any other tips or advice?
QRadar is not perfect. It's a good security monitoring product that can provide threat intelligence, but it cannot do it alone. You need to integrate with many other things, such as IBM Orchestrator. Also, you need to have X-Force. After these kinds of things are integrated, it works a little bit better. I would rate this solution a six out of ten.
I would rate IBM QRadar User Behavior Analytics an eight out of ten.
I like IBM QRadar User Behavior Analytics. I would rate it an eight of ten. It still needs a lot of improvement, but its main advantage is that it's fully integrated with a SIEM system, and it's free of charge.
What advice would I give? I want the certification to be very honest. I typically like the hands-on with QRadar, they're quite different. On a scale of one to ten, I would rate IBM QRadar User Behavior Analytics a seven. I have used other solutions, like LogRhythm, for a few use cases like ransomware detection, etc.. and there were less false positives there. With the ransomware especially, it was very thin there. We actually have very few use cases and there were lots of false positives with QRradar. If I compare the AI function and the logarithms I think it needs some improvement. It is a complex product compared to LogRhythm.
I would rate this solution an eight out of ten.
Our customers are satisfied with the product and they are not looking for anything else. I would recommend the product. On a scale of one to ten I would rate IBM QRadar User Behavior Analytics a seven.
If you are only looking at IBM, make sure to evaluate the product thoroughly. Make sure to see the complete list they offer, like more of the competitive features. Explore the options available on the market. It doesn't really integrate well with other products. I would rate it a three out of ten. It is missing key features.
IMB should reduce the pricing, or reduce some of the features for a more economical solution for the customer. I would rate it an eight out of ten. They should reduce the pricing.
How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.