2017-03-30T06:20:00Z

What is your primary use case for IBM Security QRadar?

Miriam Tover - PeerSpot reviewer

119 Answers

EG
Real User
Top 5
2024-02-14T15:19:56Z
Feb 14, 2024

The tool helps with infrastructure, application, and network monitoring.

Ayoub Jaaouani - PeerSpot reviewer
Real User
Top 10
2024-02-14T13:55:48Z
Feb 14, 2024

We utilize the product for our Security Operations Center operations. Additionally, we extend its use to our customers, employing it for tasks such as threat hunting, investigation, and triage analysis.

DL
Real User
Top 10
2023-11-01T09:03:55Z
Nov 1, 2023

I use IBM Security QRadar in my company as it provides features like SIEM, SOAR, and QNI.

Frank Eargle - PeerSpot reviewer
Real User
Top 5
2023-10-30T16:51:57Z
Oct 30, 2023

I've got use cases where we monitor positive controls wherein something doesn't allow something to happen. It alarms when somebody changes the control.

MG
Real User
Top 20
2023-10-24T14:16:11Z
Oct 24, 2023

I use IBM Security QRadar in my company for authentication of users and to block the access of a user to the internet. In my company, we have only used the basic version of the solution, and currently, we don't have a license for the product since we didn't renew it. The basic version of the solution fits my company's basic requirements.

Anto Sebastin - PeerSpot reviewer
Real User
Top 10
2023-07-17T10:46:06Z
Jul 17, 2023

The product is a threat detection and response solution. It is useful for consultants or security analysts. It is an incident management tool.

YS
Reseller
Top 20
2023-04-14T10:25:00Z
Apr 14, 2023

Our clients who are implementing or trying to implement a Security Operations Center use the IBM QRadar SIEM solution. This solution helps automate incident processing and provides visibility into the incident management process.

CV
Real User
Top 5
2023-02-13T20:28:45Z
Feb 13, 2023

My use case for IBM QRadar User Behavior Analytics is to consolidate all the logs and events from a different tool so that I can see the alerts from that other tool on the dashboard. My company connects the Windows event logs to the Xfinity router deployed on the main server, but I have to make some configurations to detect activities. My team is working on reinforcing IBM QRadar User Behavior Analytics features since the solution has not been used for a while because there's a new generation of engineers in my company. My team has to reconfigure almost every screen, including IBM QRadar User Behavior Analytics.

Jairo Willian Pereira - PeerSpot reviewer
Real User
Top 5
2022-12-22T15:32:02Z
Dec 22, 2022

Checks the quantity (and quality) of use cases for a specific sector (financial, for example) and connectors.

Mohamed Elprince - PeerSpot reviewer
Real User
Top 10
2022-12-13T09:33:47Z
Dec 13, 2022

Our primary use case is in the banking industry in two banks here in Egypt. We generally are monitoring the user behavior of the employees, for example, working after working hours and signing into the machines after working hours.

Yaw Agyare - PeerSpot reviewer
Real User
Top 10
2022-11-09T17:18:54Z
Nov 9, 2022

Our primary use case for the solution is providing visibility for what occurs in our security system and IT assets. So all our event logs and information from a setting and criticality level go there. Additionally, there's AI used to trigger alerts when things are going bad, and then we can action them.

YE
Real User
Top 20
2022-09-30T13:51:58Z
Sep 30, 2022

Our company includes 20 senior engineers and analysts who use the solution to detect viruses on Windows servers and critical assets. We also track user activity such as connections during travel. We have many use cases and playbooks in our portfolio.

Farid Lalayev - PeerSpot reviewer
Real User
Top 10
2022-09-07T08:32:30Z
Sep 7, 2022

We are using IBM QRadar for log reviews, particularly logs that come and go from the IPS, firewall, etc. We have different dashboards for different technologies such as our firewall, IPS, and domains for our main website, so we use IBM QRadar to observe the logs from our website, and we try to make internal and external connections for better domain security.

Jacob_Koithra - PeerSpot reviewer
Real User
Top 5
2022-08-03T13:57:00Z
Aug 3, 2022

We use the blocking mode and spam mode for the IPS - XGS 5000 series and use of QRadar as a SIEM Solution for logging and monitoring network security, security analysis, and monitoring for network-related attacks. The playbook is defined with identified use cases. IPS acted as an inline to the firewall. It helped to track and sniff the packet and match the details. It helped to reduce the insider and outsider attacks. The traffic is analyzed and helped users to know the patterns and access level in the network and resource being used.

EM
Real User
Top 20
2022-07-27T20:23:37Z
Jul 27, 2022

The UBA component is something that is there. However, it's something that honestly hasn't been leveraged as much. It's probably not a UBA feature like the ones we’ve used in the past. In any case, the UBA feature is there. You can look at the users and look at any risky activity or use cases. I tend to look at it. However, it's not my main source in terms of leveraging it as a UBA.

willie.Na. - PeerSpot reviewer
Real User
Top 5
2022-06-21T05:59:23Z
Jun 21, 2022

Our primary use case is logging for any anomalous traffic in terms of access times and deviations when users are in different groups within the AD. When a user deviates from their functionality, it's flagged in the UBA and for VPN traffic. I also use it for geolocation functionality. We are partners of IBM and I'm a system engineer.

KM
Real User
Top 5
2022-06-07T16:25:00Z
Jun 7, 2022

We analyze all our authentication traffic in QRadar UBA using the solution's AI module to detect and understand uncommon authentication patterns. There is also the rule logic, but we don't use that much. Instead, we mostly rely on AI to do that. In that respect, I wouldn't say we are using the product to the fullest extent because we only have the AI and what the CM is providing. We have a suite of security products, and QRadar UBA is only one source of information that we rely on. QRadar UBA collects information on 16,000 employees in the company, including when they log in and out or when they launch applications. We have a team of 10 security analysts who go into the solution to check the alarms. IBM has set the solution up so that we only need to react to the alarms. The UBA will flag it if someone does something weird, and our security team will investigate the anomaly to see if that was valid or malicious. We are currently on QRoC — short for QRadar for Cloud — so it's the latest and greatest solution. It was originally on a private cloud, but we moved to the public cloud three years ago.

Lokesh Puthalapattu - PeerSpot reviewer
Real User
Top 5
2022-05-01T05:38:22Z
May 1, 2022

Currently, we are using only Amazon Web Services for monitoring. We have CloudTrail, GuardDuty, Avast, and some Kubernetes security we have installed on Amazon AWS. By getting these logs, we have created the uses for these components.

Elshaday Gelaye - PeerSpot reviewer
Real User
Top 10
2022-03-30T06:32:00Z
Mar 30, 2022

We use QRadar to collect logs and monitor user activity and traffic from one network to another. The SOC team is in a room watching the logs from the tool live most of the time. QRadar monitors all internet activity and the output of every device configured to send a log. All traffic from various networking devices passes through the QRadar servers, and we can view it live. We have two data centers, and QRadar is deployed in one. It comes with two physical appliances to allow failover capability. There's a management interface that binds them together, and we set up an interface for each device connected to the network that sends a log.

LD
MSP
2022-02-24T08:07:00Z
Feb 24, 2022

I am an integrator of this solution; my customers use this as a SIEM solution for log management.

QI
Real User
2022-02-22T10:00:00Z
Feb 22, 2022

I'm an administrator. I have been leading the security operation center for the past four years. I have more than 12 members or SOC analysts for our 24/7 operations. I have been pitching the solutions to multiple customers, and I have also designed, implemented, and administered customer projects and completed them at the specified timeline. We have many use cases. The most common use cases are related to insights into any threats from the inside and outside. I have also configured X-Force with QRadar, and we are getting all the feeds showing malware-based IPs, etc. I also have designed some anomaly-based rules in case anyone has logged in from outside Pakistan. Most of the rules are custom-based.

UzairKhan - PeerSpot reviewer
Real User
2022-02-03T11:13:30Z
Feb 3, 2022

We are a solution provider and QRadar is one of the products that we implement for our customers. The majority of our clients for IBM products are financial institutions. By law, to be compliant, they are only allowed to run the current version of any solutions that have been procured. Specifically for our area, all of the financial institutions such as banks are mandated to use the latest version. The use cases include the logging and reporting of servers. These are typically operations servers and critical servers. You can also use it to monitor network devices such as switches, routers, and firewalls. Endpoints are not included for most of the clients.

MT
Real User
2022-01-31T10:42:13Z
Jan 31, 2022

I am a Product Manager. I am managing the inventory and the logs. For R&D purposes, we downloaded various SIEM solutions from the internet to analyze their performance, and QRadar was one of them. I downloaded the Community Edition of QRadar to check its capabilities and see how to integrate various log sources in our network. It is in my lab, and I have tested it with a few hardware devices and a few computers and servers.

BS
Real User
2022-01-13T11:13:20Z
Jan 13, 2022

We are using mixed solutions. We are currently working with IBM solutions and Azure system services. We are using two SIEM solutions: Azure Sentinel and QRadar. Azure Sentinel is covering our cloud-based solutions, and QRadar is covering our on-premise solutions.

MH
Real User
2022-01-12T15:07:00Z
Jan 12, 2022

I deploy the IBM QRadar for many organizations, and I've been performing analyses for those organizations as well. These organizations use the tool for monitoring of their environment. It's a basic SIEM product. So we just log each and every data source, perform an analysis, and create rules. We also create advanced use cases to cater to the advanced threat(s).

GR
Real User
Top 10
2022-01-05T08:19:45Z
Jan 5, 2022

IBM QRadar is used to help our customers collect information. It collects the information from other tools on the firewall, network devices, cyber tools with both Carbon Black, Cortex, Cynet, and Darktrace.

AK
Real User
2021-12-27T19:59:00Z
Dec 27, 2021

QRadar is our SIEM solution. Our use cases include authentication between logins, database security, monitoring, and user behavior analytics.

MI
Real User
2021-12-14T14:11:00Z
Dec 14, 2021

We primarily use QRadar for monitoring and preparing use cases. This solution is deployed on-prem.

AI
Real User
2021-11-26T16:15:00Z
Nov 26, 2021

We are users and implementers of this solution.

MB
Real User
2021-11-24T19:38:00Z
Nov 24, 2021

We use IBM QRadar for user behavior analytics and incident handling.

PD
Real User
2021-11-22T10:11:22Z
Nov 22, 2021

I use IBM QRadar for user behavior analytics, and mostly incident handling.

Kamal Abdelrahman - PeerSpot reviewer
Real User
2021-11-17T19:36:07Z
Nov 17, 2021

The main tool for this operation center for collecting events from different devices, whatever server or network devices, such as switches and routers. It handles anything related to data that can be harmful related to security. Those events can be mapped to promote the threat, it creates another event for promoted threats. We are a service provider and we provide services to our customers. We use IBM QRadar for many types of businesses, such as banks and telecom. It has a good reputation.

JM
Reseller
2021-10-04T15:20:38Z
Oct 4, 2021

We use this solution both in our company and those of our clients. We are resellers of QRadar.

JW
Real User
2021-09-24T02:06:16Z
Sep 24, 2021

This is a solution you use when you have many security products that you want to manage in one monitor, one analytic. We are partners with IBM and provide implementation services to our customers. I'm a solution security architect.

BT
Real User
2021-09-21T12:28:09Z
Sep 21, 2021

I use QRadar for cybersecurity defense, operation, and to improve performances.

RR
Real User
2021-09-13T17:11:00Z
Sep 13, 2021

Our primary use case is for monitoring global infrastructure.

PP
Real User
2021-09-07T12:23:57Z
Sep 7, 2021

We primarily use the solution for breach management. We use it for identifying rogue IPs and picking up anomalies in terms of the network traffic coming in. We've seen a year of use cases in terms of breach management and incident management. We find IBM QRadar quite relevant in terms of protecting against potential malicious traffic coming into your organization. Obviously, it is evolved, and where we're utilizing IBM QRadar is to do other analytical capabilities, which include identity and access management. We've got a unique way where we use the platform to generate a view of all your identities and access that is granted within your environment and so forth. We are able to map that using IBM QRadar, which is not a use case that is normally thought about, however, we found from an analytical point of view, this is what we can do because we get all the information we need here.

HG
Real User
2021-08-20T09:07:49Z
Aug 20, 2021

We are using IBM QRadar for threat protection and management.

DB
Vendor
2021-08-19T13:53:26Z
Aug 19, 2021

I was initially a reseller before selling the solution from within IBM. I'm currently a freelance security sales consultant.

ST
Real User
2021-08-06T10:41:11Z
Aug 6, 2021

We're a customer, partner, or reseller. We use QRadar on our own internal SOC. We are also a reseller of QRadar for some of the projects. So, we sell QRadar to customers, and we're also a partner because we have different models. We roll the product out to a customer as part of our service where we own it, but the customer is paying. We also do a full deployment that a customer owns. So, we are actually fulfilling all three roles.

OK
Real User
2021-07-29T01:30:00Z
Jul 29, 2021

We use IBM QRadar to monitor security logs across the network.

OO
Real User
2021-07-17T03:01:11Z
Jul 17, 2021

We use IBM QRadar for threat protection.

MK
Real User
2021-07-15T07:35:31Z
Jul 15, 2021

We have a POC environment but have not onboarded it to any of our clients.

VK
MSP
2021-07-13T02:01:26Z
Jul 13, 2021

We are using the current version.

OO
Real User
2021-07-03T05:03:58Z
Jul 3, 2021

This product helps to build a strong architecture, which is important to avoid problems.

HH
Real User
2021-06-24T13:07:45Z
Jun 24, 2021

The solution is primarily used for threat detection and response. QRadar can be integrated with other services from IBM such as Watson, among others. The main need is for threat detection, incident response, and dealing with threats or hunting threats. What else? I mean, it's always you're looking for threats. Usually, whoever buys this SIM solution or buys QRadar, for example, is looking for hidden threats and they get the logs to see what's happening within their system. They want a solution that looks very deep inside in order to correlate those logs and see if there's any information that they can get out of those logs or even live packets that are spanning through their networks. Therefore, it's usually threat hunting. That's the main thing. Others might use it to understand the system, and how it's performing overall. However, that's the lesser use case.

RB
Reseller
2021-06-22T12:40:15Z
Jun 22, 2021

We are service providers, and we are always exploring tools to accompany existing tools. I am always searching for the best products to meet my clients' requirements. I always look to understand the technology first, learn what benefits we can get from the product, how competitive is it with other tools such as DarkTrace, and Palo Alto. We are working with this solution, but it is being managed by another vendor. We are service providers. We are providing SOC service and MSSP services for our clients. We are working on various products, not one specific product. We can provide services for any product, in fact, any security solution.

SP
Real User
2021-06-21T07:12:19Z
Jun 21, 2021

This is a Security Information and Event Management (SIEM) solution and we use it for many purposes.

JM
Real User
Top 5
2021-06-10T19:34:00Z
Jun 10, 2021

We use the solution for network behavior and log analytics. We wish to procure one for behavior analytics. I am not certain which version we are using. There is a need for a behavior analytics solution in the environment. We use the solution to highlight unusual traffic for a single particular link or even single particular user traffic.

KA
Real User
2021-06-04T12:28:39Z
Jun 4, 2021

IBM QRadar is typically deployed in a SOC environment for security monitoring. It is used for log and packet capturing. It has some supporting technology, such as data leakage prevention and data encryption.

SS
Real User
2021-06-03T10:06:00Z
Jun 3, 2021

There are many use cases for this solution. One example is we are using this solution to monitor user site access to band sites.

PK
Real User
2021-05-25T19:18:32Z
May 25, 2021

We use this solution for advanced threat detection, insider threat monitoring, risk and vulnerability management, and unauthorized traffic detection regarding our network. We can monitor and detect web attacks with it as well. Within our organization, there are roughly 2,000 to 3,000 employees using this solution. As of now, we don't have any plans to increase our usage of IBM QRadar.

Real User
2021-05-22T21:05:45Z
May 22, 2021

We make some special demos that we sell to our customers. We work as a technical support L1/L2 for our customers in these cases as well. The solution allows organizations to check people who work from home or in the office. It can help a company understand who is connected from home. Sometimes people give a login and password to colleagues. The security can see the situation when someone logs in locally, and they can see a remote connection. They can see this is from the login and password. They'd be able to tell if something was shared and could dig deep to figure out if it is a breach or if it is something that has been properly shared.

Chetankumar Savalagimath - PeerSpot reviewer
Real User
Top 5 Leaderboard
2021-05-15T12:05:17Z
May 15, 2021

We are a product-based organization. We use this solution for a shared SOC service and security audits and compliance.

RP
MSP
2021-04-16T09:36:53Z
Apr 16, 2021

We are a service provider and we are providing the solution as a managed service for multitenancy security.

CM
Real User
2021-03-19T19:57:21Z
Mar 19, 2021

We mostly use the product for PCI compliance.

RU
Real User
2021-03-05T17:23:52Z
Mar 5, 2021

We provide cloud services to the users, and we have our own cloud setup over here. The major use case is when clients require the SOC to be set up. Setting up the SOC itself is a huge investment. A customer has to invest a lot to build up the whole SOC environment, so, rather than the customer investing in the SOC environment and building up the SOC, we provide it as a service. Customers don't need to do any up-front investment. They use our service. We manage their security tools and security environment as per the compliance guidelines that come from the Indian government. We follow all those practices, and we help them procure more for their network and infrastructure.

DS
Real User
2021-03-04T08:07:20Z
Mar 4, 2021

Depending on the organization's needs the solution can monitor different types of security through logs.

JR
Real User
2021-02-19T06:14:15Z
Feb 19, 2021

I am currently working in the Brazilian operation of my company. I have a project in the airline industry in Brazil. This project improves the correlation of logs. There is another company I ticket to improve the solution, they have chosen to correlate the logs. We have SOC, Security Operation Center in Brazil, with 53 employees. We developed all these solutions in Brazil and it is in operation in 34 countries.

DD
Real User
2021-02-11T16:07:00Z
Feb 11, 2021

We are using QRadar as a managed service.

SW
Reseller
2021-02-10T18:53:33Z
Feb 10, 2021

We primarily use the solution for log collection and security incidents as well as event management.

Md Saiful Hyder - PeerSpot reviewer
MSP
Top 20
2021-01-26T10:22:50Z
Jan 26, 2021

We primarily use the solution for some compliance, including military compliance such as PCIDSL, ISO 27001, and ISO 27002, and then some other specifications around them. There are also some industries that need to analyze the log and events, and then build and create some rules to put forward.

AC
Real User
2021-01-24T15:38:21Z
Jan 24, 2021

We used this product as a SIEM, for information security.

JJ
Real User
2021-01-24T11:57:00Z
Jan 24, 2021

IBM QRadar is a FIM component within the security operation center we were deploying in the customer environment. We are managing their cyber defense capability.

AS
Real User
2021-01-14T14:07:47Z
Jan 14, 2021

I am a system integrator. We have installed it on-premises, on the cloud, in distributed environments, and all other environments for our clients.

JN
Real User
2021-01-12T16:38:34Z
Jan 12, 2021

The primary use case of this solution is for monitoring an enterprise data center, globally for 12,000 devices.

Abbasi Poonawala - PeerSpot reviewer
Real User
Top 5 Leaderboard
2020-12-24T16:58:24Z
Dec 24, 2020

It is used to dive deep into threat analysis. It is a SIEM solution that can be hooked up with some of the endpoint security or threat discovery solutions such as Forescout, Qualys, Sophos, and MDM. After the endpoint security or threat discovery solution discovers the threat, QRadar takes it further from that point onwards and allows you to go deep into the threat analysis. It has a lot of integrations, such as with CMDB, and it can do the asset classification. It can also tell the CVSS score. These are the capabilities or use cases.

FC
Real User
2020-12-19T07:31:11Z
Dec 19, 2020

We primarily use the solution to develop software, for some device controllers.

JT
Real User
2020-12-10T17:37:00Z
Dec 10, 2020

We have a lot of use cases with IBM QRadar, but our primary use is for monitoring traffic and detecting tricks.

KJ
Real User
2020-12-04T14:16:02Z
Dec 4, 2020

We use QRadar to detect and gather information about any product vulnerabilities and any sort of attack on the network. It's able to help detect suspicious activity that is coming into the system. We are also selling this product.

Kamal Abdelrahman - PeerSpot reviewer
Real User
2022-02-15T12:37:14Z
Feb 15, 2022

IBM QRadar User Behavior Analytics has a dedicated application for user behavior analytics and must be installed separately on an application server. It is valuable if you created the setup for the use cases. It needs additional customization to have a good value. You will have to point the solution to the suitable data sources that will feed the user analytics in a good manner. You will have good user behavior analytics, based on the created use cases.

TG
Real User
2020-11-30T14:46:28Z
Nov 30, 2020

The primary use case of this solution is for monitoring the network.

it_user1369023 - PeerSpot reviewer
Real User
2020-11-27T11:20:17Z
Nov 27, 2020

We are using it from the compliance perspective. We need this solution to comply with HIPAA and PCI because our clients require HIPAA and PCI DSS compliance. We also use it for log management, primarily security logs, and to some extent, for operational activities, even though this tool is actually not meant for operational tasks. We do keep track of errors in our appliances like hardware, storage, and network switches through QRadar. The main or core solution is on-premises. There is an extended arm, which is in the cloud as well for cloud integration.

RO
Real User
2020-11-25T19:59:57Z
Nov 25, 2020

We use the solution for a variety of tasks. We use it, for example, for authentication, network-related authentication, user-related tasks, and Windows UNIX servers. It's a lot. There's a ton of use cases. I really can't sync right now about every single use case, however, the main things are authentication and network-related systems and all flavors of UNIX Windows.

SH
Real User
2020-11-16T12:57:27Z
Nov 16, 2020

We are a system integrator and IBM QRadar is one of the security and monitoring products that we implement for our clients. It is used for monitoring applications such as Windows virtual desktop access (VDA) and computer-managed instruction (CMI).

Artur Marzano - PeerSpot reviewer
Real User
2020-11-13T11:30:59Z
Nov 13, 2020

We use this solution for deploying and integrating log sources and use cases. We use it to generate offensives based on normal behavior and suspicious behavior from our security tools, firewalls, and other solutions. We have applied a set of old and new rules to QRadar that aim to detect persistent abnormalities in our environments. Within our organization, our security operations center and users from our local security team — roughly 10 to 12 users — use QRadar. We plan to expand to other areas of the company so that other people can use QRadar for different use cases. But right now only the security teams use it.

GC
Reseller
2020-11-11T16:49:23Z
Nov 11, 2020

We do not implement this tool ourselves but have experience implementing it for our clients. There are several use cases. The two most important ones are network analysis and UBA.

MM
Real User
2020-10-08T07:25:22Z
Oct 8, 2020

This is a security monitoring product and the primary use case is to detect strange behavior by users. For example, if we have a user that has not used the service for a long time and then all of a sudden, somebody logs in one night. This is not normal and the system will detect it. This is just one example of many use cases.

DP
Reseller
Top 5 Leaderboard
2020-09-09T06:28:59Z
Sep 9, 2020

User Behavior Analytics is a part of IBM QRadar. It's a kind of application that can be installed over IBM QRadar SIEM. The primary use case is to detect user behavior anomalies, and through these anomalies, detect and better understand different threats and attacks.

it_user1379427 - PeerSpot reviewer
Real User
2020-07-13T06:55:00Z
Jul 13, 2020

Our primary use case with IBM QRadar User Behavior Analytics is seeing if there are log-ins from the same IDs but from different locations; this is one use case. Or if MAC addresses keep changing, this is another use case. Lastly, if the risk level is high, like with different IPs. These are the three use cases we have.

BB
Real User
2020-06-28T08:51:00Z
Jun 28, 2020

The first thing that we implemented for user behavior was to find out whether somebody is logging in at odd hours. It studies user behavior.

SO
Real User
2020-06-15T07:33:00Z
Jun 15, 2020

We use IBM QRadar for monitoring user behavior in order to baseline the user activity. Then we print use cases around those behaviors to see if anything stands out. We can then see if something is going wrong in the enrollment from a user activity point of view.

VB
Real User
2020-05-12T05:43:00Z
May 12, 2020

Some of these products can be used in any vertical like healthcare, manufacturing, and vehicle. You can use these products in all types of verticals. But I found that there is a limitation in central verticals. These products do not do well in central verticals.

DS
Real User
2019-12-05T02:59:00Z
Dec 5, 2019

Our primary use case is intrusion prevention and detection. We also use this solution for compliance and assisting in network troubleshooting for IT.

VS
Real User
2019-07-31T02:22:00Z
Jul 31, 2019

We use this solution for log correlation and alerting.

AI
Real User
2019-06-16T07:23:00Z
Jun 16, 2019

We are a cybersecurity service provider, and I manage the QRadar service for my customers.

ÖO
Real User
2019-06-13T12:36:00Z
Jun 13, 2019

Our primary use for this solution is to collect and correlate our logs. We also create appropriate alarms based on the contents of the logs.

LB
Real User
2019-06-13T12:36:00Z
Jun 13, 2019

The primary use of the solution in our deployment was for threat detection.

MA
Real User
2019-06-06T08:18:00Z
Jun 6, 2019

We are a partner and provide this solution to our customers.

GO
Real User
2019-04-29T07:11:00Z
Apr 29, 2019

We don't have a business relationship with IBM QRadar, our relationship is a customer relationship. We use IBM QRadar as our primary security solution.

AF
Real User
2019-04-29T07:11:00Z
Apr 29, 2019

We are a reseller of this solution. We have numerous use cases, all dependent on the needs of our customers.

BK
Real User
2019-04-17T08:37:00Z
Apr 17, 2019

Our primary use case for this solution is compliance.

it_user956985 - PeerSpot reviewer
Real User
2019-04-17T08:37:00Z
Apr 17, 2019

Our primary use case for this solution is for the management of our security services and our NOC (Network Operations Center) services.

OU
Consultant
2019-04-17T08:37:00Z
Apr 17, 2019

I'm the technical consultant here at ActivEdge Technologies. Our primary use case for this solution is for Security Intelligence and Event Monitoring (SIEM) p. We provide protection services models for an organization's networks through a sophisticated technology which permits a proactive security posture. We have a business relationship with IBM QRadar as well as being a partner. We are a partner and we also use this feature. It's an integrated solution. We design it to be compatible with our client's network devices to maintain real-time monitoring through a centralized console. Our clients rely on us to create value.

DS
Real User
2019-04-11T06:16:00Z
Apr 11, 2019

We are partners with IBM. We do simulations for our clients. Then we resolve the issue that they're facing using IBM QRadar.

WP
Reseller
2019-03-31T09:41:00Z
Mar 31, 2019

Our primary use case is to get logs mainly from firewalls, although you can also get logs from anything that can forward syslogs. We use it to sort events.

it_user797751 - PeerSpot reviewer
Consultant
2019-03-19T10:11:00Z
Mar 19, 2019

We use it to detect security incidents.

TM
Real User
Top 10
2019-03-10T16:43:00Z
Mar 10, 2019

Our primary use case is for security analytics. We do investigation and security analytics, so we collect events and after collecting events we give positive security analytics to clients.

NB
Real User
2019-03-06T07:41:00Z
Mar 6, 2019

Our primary use case is for the security. We use it to make sure that the data that is being transferred from one company to the other is being done securely.

it_user970365 - PeerSpot reviewer
Real User
2019-03-06T07:40:00Z
Mar 6, 2019

We are using it for SIEM, for Security Information and Event Management. We're gathering the logs and doing analytics on how we are going to react to security incidents.

it_user984276 - PeerSpot reviewer
Real User
2019-02-27T08:57:00Z
Feb 27, 2019

The primary use case is for insurance and product manufacturing. We use it to create rules and Windows firewalls.

YC
Consultant
2019-02-26T08:25:00Z
Feb 26, 2019

I use it to analyze incidents.

DA
Real User
2019-02-25T08:45:00Z
Feb 25, 2019

Our primary use case of this solution is to identify threats.

AS
Real User
2019-02-07T12:28:00Z
Feb 7, 2019

Our primary use case of this solution is for our customer's operations.

RM
Reseller
2019-02-03T08:35:00Z
Feb 3, 2019

It is a requirement for all of the banks to have a security solution in Pakistan. That is the reason most of the banks are using it. In the last one and a half years, Pakistani companies are taking security very seriously, so for that reason, they evaluate these solutions. All in all, it's a good solution.

MA
Real User
2018-11-15T07:11:00Z
Nov 15, 2018

We are a telecom company, and we use it for IT systems, for telecom systems and on various different levels of applications. We use it for web servers, routers, firewalls, and other security components. Our SIEM solution serves technical and non-technical business units including customer care, engineering, revenue assurance, and anti-fraud.

VP
Real User
2018-10-29T15:46:00Z
Oct 29, 2018

The primary use case for us is the plug and play implementation and it is pretty easy to set it up, and scale up the SIEM. It has a kind of a functionality to it.

it_user927267 - PeerSpot reviewer
Real User
2018-10-04T17:27:00Z
Oct 4, 2018

My primary use case is for security monitoring. We activated freeze, proxy and firewalls and we collect data from them. We receive alerts and customize that according to our customer environments.

OS
Consultant
2018-09-09T05:40:00Z
Sep 9, 2018

My primary use case for this solution is to monitor security events in our cloud environment.

NH
User
2018-09-04T02:41:00Z
Sep 4, 2018

* CRM and billing system
* 100 multiple technology servers: Windows AD, Linux, HP-UX, etc.
* 40 firewall multiple routers
* Cisco Nexus switches

it_user923115 - PeerSpot reviewer
Vendor
2018-08-30T10:51:00Z
Aug 30, 2018

It is under a non-disclosure agreement (NDA).

SS
Reseller
2018-07-22T08:31:00Z
Jul 22, 2018

Its primary use case is for people who want to manage all of their logs with analytics and correlate that between different security devices whose logs are related. This solution is performing well.

it_user398799 - PeerSpot reviewer
Real User
2018-06-28T06:31:00Z
Jun 28, 2018

In recent years, our focus has been the third-party integrations. Like most companies, we have several security products. (I hope most other companies are not relying on a single product). The challenge with a SIEM is taking the data produced by a log source and presenting it in a readable manner for technical and non-technical staff. That can be done with custom-built reports or in dashboards. With the IBM Security App Exchange you add a new extension (i.e. download from the App Exchange site) and configure it.

LY
Real User
2018-06-26T12:31:00Z
Jun 26, 2018

* Origination process in banks.
* Insurance claims on insurance companies.

DC
Real User
2018-06-12T12:14:00Z
Jun 12, 2018

I used the IBM QRadar product from 2015 until 2017.

FA
Real User
2018-06-11T10:36:00Z
Jun 11, 2018

SIEM solutions must be business driven. Utilizing a SIEM solution depends on your enterprise goals, from meeting compliance requirements to implementing security controls and identifying the absence of controls. A SIEM solution can also be used to improve your business and increase your sales. With QRadar, you can do all these, even if you are not a security expert. It comes with a set of default rules which makes your life easier, from ransomware attacks to DDoS attacks. Everything can be detected if your logs are properly integrated into QRadar. It gets better with extensions and other rules you install from the IBM Security App Exchange, where you can detect malicious website access (with the intent of ransomware), P2P activity, or someone spamming everything. You can be notified, then you can run scripts to make QRadar take an action. I am a security analyst working with QRadar.

MD
Consultant
2018-06-11T06:45:00Z
Jun 11, 2018

My use case is the deployment of an X-Force successful connection with a botnet and malware website. An X-Force feed is free with QRadar. I have been using the product for three years now. I used it for six months at an internship to PoC some different SIEM and for two and a half years as an administrator. Now, I am using it as an architect.

MH
Real User
2018-06-03T09:17:00Z
Jun 3, 2018

We work with it in the banking sector. We had torrent limitations and big banks could join them. It has performed well. However, the limitation is not easy, so the product is not easy. You cannot get the real value of the product unless you combine it with the other products from IBM, like BigFix, the full integration of Vulnerability Management, and so on.

JS
Consultant
2017-03-30T06:20:00Z
Mar 30, 2017

Find the malicious activity via filter, don't rely on the rules which trigger the offenses and fix the suspicious activities.

IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas...