2017-03-30T06:20:00Z

What is your primary use case for IBM QRadar?


How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Guest
36 Answers

Top 5, Leaderboard, Real User

Our primary use case is intrusion prevention and detection. We also use this solution for compliance and assisting in network troubleshooting for IT.

2019-12-05T02:59:00Z
Top 20, Real User

We use this solution for log correlation and alerting.

2019-07-31T02:22:00Z
Top 20, Real User

We are a cybersecurity service provider, and I manage the QRadar service for my customers.

2019-06-16T07:23:00Z
Real User

Our primary use for this solution is to collect and correlate our logs. We also create appropriate alarms based on the contents of the logs.

2019-06-13T12:36:00Z
Top 20, Real User

The primary use of the solution in our deployment was for threat detection.

2019-06-13T12:36:00Z
Top 5, Real User

We are a partner and provide this solution to our customers.

2019-06-06T08:18:00Z
Real User

We don't have a business relationship with IBM QRadar; our relationship is a customer relationship. We use IBM QRadar as our primary security solution.

2019-04-29T07:11:00Z
Top 10, Real User

We are a reseller of this solution. We have numerous use cases, all dependent on the needs of our customers.

2019-04-29T07:11:00Z
Real User

Our primary use case for this solution is compliance.

2019-04-17T08:37:00Z
Top 5, Leaderboard, Consultant

I'm the technical consultant here at ActivEdge Technologies. Our primary use case for this solution is for Security Intelligence and Event Monitoring (SIEM) p. We provide protection services models for an organization's networks through a sophisticated technology which permits a proactive security posture. We have a business relationship with IBM QRadar as well as being a partner. We are a partner and we also use this feature. It's an integrated solution. We design it to be compatible with our client's network devices to maintain real-time monitoring through a centralized console. Our clients rely on us to create value.

2019-04-17T08:37:00Z
Top 20, Real User

Our primary use case for this solution is for the management of our security services, and our NOC (Network Operations Center) services.

2019-04-17T08:37:00Z
Top 20, Consultant

We are partners with IBM. We do simulations for our clients. Then we resolve the issue that they're facing using IBM QRadar.

2019-04-11T06:16:00Z
Top 20, Reseller

Our primary use case is to get logs mainly from firewalls, although you can also get logs from anything that can forward syslogs. We use it to sort events.

2019-03-31T09:41:00Z
Top 20, Consultant

We use it to detect security incidents.

2019-03-19T10:11:00Z
Top 5, Leaderboard, Reseller

Our primary use case is for security analytics. We do investigation and security analytics, so we collect events and after collecting events we give positive security analytics to clients.

2019-03-10T16:43:00Z
Real User

Our primary use case is for the security. We use it to make sure that the data that is being transferred from one company to the other is being done securely.

2019-03-06T07:41:00Z
Top 20, Real User

We are using it for SIEM, for Security Information and Event Management. We're gathering the logs and doing analytics on how we are going to react to security incidents.

2019-03-06T07:40:00Z
Real User

The primary use case is for insurance and product manufacturing. We use it to create rules and Windows firewalls.

2019-02-27T08:57:00Z
Consultant

I use it to analyze incidents.

2019-02-26T08:25:00Z
Reseller

Our primary use case of this solution is to identify threats.

2019-02-25T08:45:00Z
Top 10, Real User

Our primary use case of this solution is for our customer's operations.

2019-02-07T12:28:00Z
Reseller

It is a requirement for all of the banks to have a security solution in Pakistan. That is the reason most of the banks are using it. In the last one and a half years, Pakistani companies are taking security very seriously, so for that reason, they evaluate these solutions. All in all, it's a good solution.

2019-02-03T08:35:00Z
Top 5, Real User

We are a telecom company, and we use it for IT systems, for telecom systems and on various different levels of applications. We use it for web servers, routers, firewalls, and other security components. Our SIEM solution serves technical and non-technical business units including customer care, engineering, revenue assurance, and anti-fraud.

2018-11-15T07:11:00Z
Real User

The primary use case for us is the plug and play implementation and it is pretty easy to set it up, and scale up the SIEM. It has a kind of a functionality to it.

2018-10-29T15:46:00Z
Consultant

My primary use case is for security monitoring. We activated freeze, proxy and firewalls and we collect data from them. We receive alerts and customize that according to our customer environments.

2018-10-04T17:27:00Z
Top 5, Leaderboard, Consultant

My primary use case for this solution is to monitor security events in our cloud environment.

2018-09-09T05:40:00Z
User

* CRM and billing system
* 100 multiple technology servers: Windows AD, Linux, HP-UX, etc.
* 40 firewall multiple routers
* Cisco Nexus switches

2018-09-04T02:41:00Z
Vendor

It is under a non-disclosure agreement (NDA).

2018-08-30T10:51:00Z
Reseller

Its primary use case is for people who want to manage all of their logs with analytics and correlate that between different security devices whose logs are related. This solution is performing well.

2018-07-22T08:31:00Z
Real User

In recent years, our focus has been the third-party integrations. Like most companies, we have several security products. (I hope most other companies are not relying on a single product). The challenge with a SIEM is taking the data produced by a log source and presenting it in a readable manner for technical and non-technical staff. That can be done with custom-built reports or in dashboards. With the IBM Security App Exchange you add a new extension (i.e. download from the App Exchange site) and configure it.

2018-06-28T06:31:00Z
Top 20, Real User

* Origination process in banks.
* Insurance claims on insurance companies.

2018-06-26T12:31:00Z
Real User

I used the IBM QRadar product from 2015 until 2017.

2018-06-12T12:14:00Z
Real User

SIEM solutions must be business driven. Utilizing a SIEM solution depends on your enterprise goals, from meeting compliance requirements to implementing security controls and identifying the absence of controls. A SIEM solution can also be used to improve your business and increase your sales. With QRadar, you can do all these, even if you are not a security expert. It comes with a set of default rules which makes your life easier, from ransomware attacks to DDoS attacks. Everything can be detected if your logs are properly integrated into QRadar. It gets better with extensions and other rules you install from the IBM Security App Exchange, where you can detect malicious website access (with the intent of ransomware), P2P activity, or someone spamming everything. You can be notified, then you can run scripts to make QRadar take an action. I am a security analyst working with QRadar.

2018-06-11T10:36:00Z
Consultant

My use case is the deployment of an X-Force successful connection with a botnet and malware website. An X-Force feed is free with QRadar. I have been using the product for three years now. I used it for six months at an internship to PoC some different SIEM and for two and a half years as an administrator. Now, I am using it as an architect.

2018-06-11T06:45:00Z
Real User

We work with it in the banking sector. We had torrent limitations and big banks could join them. It has performed well. However, the limitation is not easy, so the product is not easy. You cannot get the real value of the product unless you combine it with the other products from IBM, like BigFix, the full integration of Vulnerability Management, and so on.

2018-06-03T09:17:00Z
Top 5, Leaderboard, Consultant

Find the malicious activity via filter, don't rely on the rules which trigger the offenses and fix the suspicious activities.

2017-03-30T06:20:00Z