IBM Security QRadar Reviews

The use cases that are widely used across the globe are related to ransomware phishing, lateral movement, et cetera.

The simple user access model, or the user interface, is something that is very helpful.

The initial setup is not too difficult. 

So far, we have found the product to be stable. 

We've found the solution to be scalable.

The IBM support can be better. It's an aspect that needs improvement. 

In future iterations, I'd like to see an advance in office management, the out-of-the-box use cases that are provided. That needs to be part of the requirement.

It's a stable solution. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

The solution scales well.

We have 45,000 users on the solution right now. 

We do plan to increase usage soon. 

We've dealt with technical support in the past and it was lacking. 

They have provided dedicated time to us, to work on the issue that we are observing right now.

We did not use a different solution. We chose this due to the fact that it's an industry-accepted solution. The use cases are easy to configure in multiple things that we considered important while taking the solution.

The deployment was easy. It wasn't overly complex.

It took me around six months to do the implementation. 

We handled the deployment with the assistance of a vendor partner. 

I can't speak to the exact pricing. I've never looked at its commercial costs. 

We did consider other options before choosing this product.

We are a preferred partner of IBM.

I'd rate the solution at a seven out of ten.

We are a solution provider and QRadar is one of the products that we implement for our customers.

The majority of our clients for IBM products are financial institutions. By law, to be compliant, they are only allowed to run the current version of any solutions that have been procured. Specifically for our area, all of the financial institutions such as banks are mandated to use the latest version.

The use cases include the logging and reporting of servers. These are typically operations servers and critical servers. You can also use it to monitor network devices such as switches, routers, and firewalls.

Endpoints are not included for most of the clients.

The most valuable feature is the integration with the GRD, for banking.

The advanced planning management (APM) features should be included. We are facing an issue where many of the software houses in Pakistan have developed their own in-house. They have integrated the APM tool with their monitoring solution. This feature is attracting clients and I think that it should be included.

We have not faced any issues in terms of stability.

This is a scalable product. 

The support from IBM is okay. I would rate them a four out of five.

The initial setup is not very complex. My team has hands-on experience with the product, which is perhaps why they do not complain about its complexity.

The distributor helped us a lot, which is something that we appreciate.

We implement this product for our clients.

There are competing products but IBM is a well-known brand so for the most part, we offer IBM QRadar to our clients.

Overall, IBM QRadar is very good but no product is perfect.

I would rate this solution a nine out of ten.

I deploy the IBM QRadar for many organizations, and I've been performing analyses for those organizations as well.

These organizations use the tool for monitoring of their environment. It's a basic SIEM product. So we just log each and every data source, perform an analysis, and create rules. We also create advanced use cases to cater the advanced threat(s).

I am unable to pick one, every component is valuable. It is a very good SIEM.

I would like for Yara to be supported by all components. 

I have been working with this product for the last five years.

I think it's a very stable product that provides much more visibility than the other product.

You can scale the architecture of the QRadar easily by adding licenses.

Small to medium-sized organizations would require one to two people for maintenance while man power for large organizations would be determined by the architecture. 

Customer support needs some improvement as there have been a few cases where we were unable to reach them in time.

I didn't find it to be complex. I think IBM QRadar has a more user-friendly GUI that helps your team work easily within it. Deployment for an all in one will take four to five hours but can vary depending on environment size.

Our in-house team assists our customers with deployment. Our customers are the main POC and we are able to deploy into their environment, make necessary integrations, and create the rules.

Licensing can be costly depending on your architecture.

You receive alerts for misconfigurations which allows your administer to easily reconfigure any issues. 

The organizations themselves are able to monitor all of their information regarding their team including what attacks they are facing on a daily bases.

I would rate this an eight out of ten.

IBM QRadar is used to help our customers collect information. It collects the information from other tools on the firewall, network devices, cyber tools with both Carbon Black, Cortex, Cynet, and Darktrace.

It's a complete platform.

The interface is good.

They have more than 100 features.

It is not easy to use.

The updates are not very easy. It is very complex. I would like to see the update process simplified.

When I said "it is not easy to use", I mean that QRadar is not for beginners.
Needs high competence and skyll to use it in a satisfactory way to really help customers.
The complexity is not a flaw, but it si a necessary quality for QRadar to be a truly effective tool in a Cyber environement.

We have used IBM QRadar within the last twelve months.

IBM QRadar is a stable solution.

It's a scalable platform.

Technical support is good.

Positive

Pricing is good.

I would rate IBM QRadar an eight out of ten.

We primarily use QRadar for monitoring and preparing use cases. 

This solution is deployed on-prem. 

The most important and valuable feature of QRadar is how useful it is for preparing use cases. It's also easy to use. 

The GUI of QRadar should be improved. 

I have been using IBM QRadar for one year. 

QRadar is stable. 

This solution is scalable. 

I have contacted IBM's technical support—it was great. They are very knowledgeable. 

QRadar is very easy to install, and I can do it myself. The time period will depend on the organization itself, since it depends on the environment and the number of servers and endpoints. 

I implemented this solution myself. 

I pay for licensing yearly. 

I also evaluated a lot of SIEM solutions, but I like LogRhythm and QRadar. 

I rate QRadar an eight out of ten. I would recommend QRadar, as well as LogRhythm, to others considering implementation. 

We use IBM QRadar for user behavior analytics and incident handling.

The features that I have found most valuable are that it is very stable, easy to get going, and easy to manage. It is also easy to review all incidents.

The only problem is that if you have too many events that occur, then the storage capacity becomes a problem. We would need to increase the storage capacity.

I have been using IBM QRadar for four years.

We have three customers using it and these customers have 100 to 300 users.

Getting support sometimes takes time.

The initial setup was quite straightforward.

We had the complete deployment and it was up and running in half a day.

You can implement it by yourself.

I would recommend IBM QRadar to other people who want to start using it.

On a scale of one to ten, I would give QRadar a nine.

I use IBM QRadar for user behavior analytics, and mostly incident handling.

The solution is easy to use, manage, and review all incidents.

If you have too many events that occur, then the storage capacity becomes a problem. You need to have more storage.

I have been using IBM QRadar for approximately four years.

The solution is very stable.

We have approximately three customers and the total users that are using it would be approximately 200.

The initial installation was straightforward, we were able to have it running in half a day.

I do the implementation and maintenance of the solution.

There are different types of subscriptions available. We were on an annual subscription, but our customers typically choose the two years subscription option.

I would recommend this solution to others.

I rate IBM QRadar a nine out of ten.

The main tool for this operation center for collectings events from different devices, whatever server or network devices, such as switches and routers. It handles anything related to data that can be harmful related to security. Those events can be mapped to promote the threat, it creates another event for promoted threats.

We are a service provider and we provide services to our customers. We use IBM QRadar for many types of businesses, such as banks and telecom. It has a good reputation.

IBM QRadar has a margin for development, for out-of-the-box use cases. It can be enhanced with better support and automate the use cases for that.

I have been using IBM QRadar for approximately two years.

I have found IBM QRadar to be stable.

IBM QRadar is scalable.

The technical support of IBM QRadar is good.

IBM QRadar is the best SAN solution we have used compared to the others.

We manage the installation of the solution. It is not something difficult, it is reasonable. It is not that easy for anyone to do, it needs a technical team.

The implementation needs a technical team and we have two engineers for the implementation and maintenance.

There is a license to use this solution, which is paid annually. However, there are subscription options available.

I recommend this solution to others.

I rate IBM QRadar an eight out of ten.