IBM QRadar

4.1
(23)
Optimized for quick response

IBM QRadar

Work for IBM QRadar?

Learning about IBM QRadar?

We can help you find the solution that fits you best.

IBM QRadar Reviews

Chat with a G2 Advisor
Write a Review
Filter Reviews
Filter Reviews
  • Ratings
  • Company Size
  • User Role
  • Industry
Ratings
Company Size
User Role
Industry
Showing 23 IBM QRadar reviews
LinkedIn Connections
IBM QRadar review by Alice W.
Alice W.
Validated Reviewer
Verified Current User
Review Source
content

"Good product for monitoring and safety"

What do you like best?

I like the security provided by IBM QRadar because it quickly detects and reveals any possible threat, uses an advanced Sense Analitics engine to correlate and normalize such data and identifies security attacks. It also consolidates network flow data and record events

What do you dislike?

As it detects several threats, it also creates many false alarms, which leads to greater sources of records. By creating specific reports you can make them somewhat confusing and difficult. The tool is not the simplest there is

Recommendations to others considering the product:

I recommend it is a complete software for a complete security administration and implementation, provides the best security and good monitoring

What problems are you solving with the product? What benefits have you realized?

We have noticed improvements in security since it meets most of SIEM's needs, we could also correlate the data of a console more easily and better. Just this we sought to solve with this software and therefore we follow the recommendation of an expert in this type of software

Sign in to G2 to see what your connections have to say about IBM QRadar
IBM QRadar review by MohanRaj K.
MohanRaj K.
Validated Reviewer
Review Source
content

"Review"

What do you like best?

We'll get the alerts when it is necessary. Detects threats, identifies and prioritizes potential incidents which has happen. This tool has automatic response, contains threats also. It makes sure that the most important events are to be highlighted. This is having good integration of log sources. It correlates the data. One of the best thing in this is it collects the logs.

What do you dislike?

This doesn't work well in the nutanix virtualization (Acropolis). It require fairly high resources for this machines. If we make variable login expiration would be appreciated. For this installation process is plugins. It is easy to use. Having good price which is efficient. Having good integration services.

What business problems are you solving with the product? What benefits have you realized?

IBM QRadar is using for to monitor the logs of the Cisco Firewall and several AIX Logs.

Business problems addressed include identification of security risk and automation for response to aid into taking prompt action to find the sources of security by using the log data and new network traffic data, making investigations possible and prompt.

What Security Information and Event Management (SIEM) solution do you use?

Thanks for letting us know!
IBM QRadar review by Luke T.
Luke T.
Validated Reviewer
Review Source
content

"It offers clear and precise reports."

What do you like best?

QRadar offers very clear and accurate reports so it provides reliability in terms of its use and vulnerability detection, as well as how to act in terms of network analysis.

What do you dislike?

It is an advantage as it provides security to the organization in terms of vulnerabilities that can compromise both the network and equipment causing damage by giving material and leakage of information of high importance.

Recommendations to others considering the product:

It is recommended and always before implementing the product should be counted as well as revisions in a way that can cover profitability in terms of its use as well as financial expenses in implementation and use of the product, is a security solution of high caliber , with good support however it is not so easy to use since it is not so intuitive but that if it is powerful and guarantees a strong experience in services.

What problems are you solving with the product? What benefits have you realized?

QRadar is an important element in the analysis to make the right decisions in terms of vulnerabilities, its functionalities and interface guarantee to the end users the maximum potential to face in case of potential attacks that may generate lost electronic equipment as well as possible information leakage.

IBM QRadar review by Mark A.
Mark A.
Validated Reviewer
Review Source
content

"QRadar Newbie."

What do you like best?

I like the discussed inter-operability between QRadar and other data sources that can be used as feeds or a database. I also like that it can be tailored to any environment with not too much effort if the environment is mature.

What do you dislike?

We have run into a timestamp issue whereby QRadar timestamps an event when it receives the data and creates an alert based on that timestamp vs when the event actually happened on the Network.

Recommendations to others considering the product

Have a mature environment that is well documented, a well organized process flow for Security as a whole and well defined roles and responsibilities. It's always good to have done your homework on any product as it relates to your environment so as to have the ability to identify any gaps in either process flow or data sources availability/use in QRadar.

What business problems are you solving with the product? What benefits have you realized?

We are implementing QRadar to better consolidate and cross correlate data to one console.

IBM QRadar review by Administrator in Information Technology and Services
Administrator in Information Technology and Services
Validated Reviewer
Verified Current User
Review Source
content
Business partner of the vendor or vendor's competitor, not included in G2 scores.

"IBM SECURITY QRADAR SIEM"

What do you like best?

Probably the most comprehensive and powerful SIEM we’ve seen...We’ve seen with the added benefit of many next-gen features and superlative correlation...Excellent price for a very flexible SIEM with lots of features... Easy installation, configuration and management... Very fast search, quick and easy log source integration, easy and clear report and rule preparation, etc...

What do you dislike?

Qradar running stable can become inconsistent when we install some extention to qradar ...

is it possible cross query in two events and than match the same property and than two other events merges and than create new table/search/report from these matched events?

Recommendations to others considering the product:

You should definitely try it before deciding on any siem product...

What problems are you solving with the product? What benefits have you realized?

It meets almost all our needs for siem.

IBM QRadar review by Brandon B.
Brandon B.
Validated Reviewer
Verified Current User
Review Source
content

"IBM QRadar "

What do you like best?

Honestly the best thing about IBM QRadar is the support. It's a very complex tool and can be very daunting to newer admins. But an email here or there or a ticket can get almost any question possible answered in a friendly and professional manner.

What do you dislike?

It's a very complex tool and can be daunting for new admins not familiar with it. Depending on the situation there can be a bit of a steep learning curve.

Recommendations to others considering the product:

Try the new free 50 eps version of QRadar to test it in a small environment.

What problems are you solving with the product? What benefits have you realized?

Security visibility

IBM QRadar review by Anjali V.
Anjali V.
Validated Reviewer
Review Source
content

"QRadar :NextGen security Tool"

What do you like best?

This tool has very intelligent Inbuilt correlation mechanism which takes variety of alerts/event information and gives insights which help analysts to take proper actions. It will tell you in advance about the threats and impact by analyse all the information in real time.

What do you dislike?

The architecture of the product is very detailed and complex. Filter property is not detailed clearly.

Recommendations to others considering the product:

Yes this product offers a lot of features and worth in spending for security.

What problems are you solving with the product? What benefits have you realized?

Using Qradar to save our systems from malicious activities and critical data leak.

IBM QRadar review by samir c.
samir c.
Validated Reviewer
Review Source
content

"Qradar is a very good product"

What do you like best?

Qradar is very simple to use

we can integrate it with different log sources

I like that we can install application on Qradar (pulse, users behavior...)

What do you dislike?

qradar dosn't support some IBM product (IBM switch and IBM domino) for exemple

Qradar can't be integrated with TSM

What problems are you solving with the product? What benefits have you realized?

we get our PCI-DSS certificate using Qradar

we use Qradar every day to resolve network issues

IBM QRadar review by Joe A.
Joe A.
Validated Reviewer
Verified Current User
Review Source
content

"Undecided"

What do you like best?

Nothing particular. Layout is similar to other SIEM applications.

What do you dislike?

searching is not intuitive. Quick filter doesn't offer any tips or command/syntax help.

What problems are you solving with the product? What benefits have you realized?

We haven' identified business problems to solve yet.

IBM QRadar review by Poonam K.
Poonam K.
Validated Reviewer
Review Source
content

"IBM QRadar SIEM"

What do you like best?

1. Detecting anomalies in the network

2. Speed of alert generation and notification

3. Customized rule development

What do you dislike?

1. IBM Customer Service Support

2. Cost of product compared to others in the industry

Recommendations to others considering the product:

1. Consider pricing compared to other products in the Gartner Magic Quadrant for SIEM

2. Consider integration with legacy devices

What problems are you solving with the product? What benefits have you realized?

Security Incident and Event Monitoring. It has significantly automated incident resolution.

IBM QRadar review by Administrator in Financial Services
Administrator in Financial Services
Validated Reviewer
Review Source
content

"QRadar Review - Rick Jesse"

What do you like best?

Ease of use. The ability to quickly find information. Rules are fairly straight forward to create and/or edit.

What do you dislike?

Auto detecting log sources are sometimes inaccurate, leading to duplicate and sometimes triplicate log sources. DSMs have a lot of issues with parsing for certain log sources, and there is a lack of some common DSMs. Specific reports can be difficult to create, the time series reports specifically give us the most issues.

What business problems are you solving with the product? What benefits have you realized?

We are using QRadar as both a logger and SIEM. Detecting and Alerting of malicious activity has been the biggest benefit.

IBM QRadar review by Juan Carlos Q.
Juan Carlos Q.
Validated Reviewer
Review Source
content

"Qradar buena solución monitorización."

What do you like best?

Es una herramienta muy util en monitorización de sistemas de alerta temprana.

What do you dislike?

En mi opinion da la sensacion de estar muy limitado, no ofrece nada diferente.

Recommendations to others considering the product:

Un buen sistema de monitorización. Es aceptable.

What problems are you solving with the product? What benefits have you realized?

Analisis de eventos para generar alertas y reportes.

IBM QRadar review by Consultant
Consultant
Validated Reviewer
Review Source
content
Business partner of the vendor or vendor's competitor, not included in G2 scores.

"Flexible, fast, data-intensive, and evolving at a rapid pace"

What do you like best?

The fact that it natively deals with flows and log sources. The QRadar app exchange is just putting the platform on steroids and expanding its capabilities limitlessly. The correlation and offense engine is very powerful, as is the framework for integrating threat and intel feeds. Tight integration with QVM, Forensics.

What do you dislike?

The dashboards need more visualization options and flexibility.

What problems are you solving with the product? What benefits have you realized?

Orchestrating security incident response around IBM QRadar, with increased identification rates, faster triage, greater visibility into incidents from network flows and other security context sources.

IBM QRadar review by User in Information Technology and Services
User in Information Technology and Services
Validated Reviewer
Review Source
content

"Easy to learn for beginners"

What do you like best?

IBM QRadar is a very good tool for the beginners. It has a good UI which allows us to get the information required easily. The tabs provide an easy overview of the events.

What do you dislike?

It doesn't provide all the details required. The raw data isn't enough for detailed analysis!

What business problems are you solving with the product? What benefits have you realized?

We are able to determine which event is getting triggered more often and are able to check what is happening.

IBM QRadar review by Consultant in Retail
Consultant in Retail
Validated Reviewer
Review Source
content

"Threat analysis at its best"

What do you like best?

It is better than other SIEM out there in the market currently

What do you dislike?

A touch on the costlier side and need to have good back ground in SIEM to use this

Recommendations to others considering the product:

The SIEM system in the market currently with lot more potential to grow in the right direction

What problems are you solving with the product? What benefits have you realized?

Advanced and persistent threat detection

IBM QRadar review by User
User
Validated Reviewer
Review Source
content

"A little complicated to use"

What do you like best?

I love the customization and the interface

What do you dislike?

I dislike the difficulty, I feel like it could be more user friendly

Recommendations to others considering the product

Use it if you’re very comfortable with threat detection

What business problems are you solving with the product? What benefits have you realized?

Solving threat detection. It does detect lots of threats and responds quickly

IBM QRadar review by Consultant
Consultant
Validated Reviewer
Review Source
content
Business partner of the vendor or vendor's competitor, not included in G2 scores.

"Excellent tool"

What do you like best?

The way the tool interacts with the end user is amazing.

What do you dislike?

Less options for now. I guess more update will do the work.

What problems are you solving with the product? What benefits have you realized?

As it is owned by IBM support is good and the security tool works as expected.

IBM QRadar review by User in Hospital & Health Care
User in Hospital & Health Care
Validated Reviewer
Review Source
content

"IBM QRader"

What do you like best?

Security Information and Event Management (SIEM) helps security teams accurately detect and prioritize threats across the enterprise.

What do you dislike?

we are started recently. i dont know what is dislike in ibm qrader.

Recommendations to others considering the product

yes

What business problems are you solving with the product? What benefits have you realized?

security information

IBM QRadar review by Administrator
Administrator
Validated Reviewer
Review Source
content

"Monitor logs in a radar range "

What do you like best?

Can monitor the logs, can check who all accessing servers from which location

What do you dislike?

Nothing much to say, as of now all are good

Recommendations to others considering the product:

Monitor the requests, requestors

What problems are you solving with the product? What benefits have you realized?

Maintaining server logs

IBM QRadar review by Administrator
Administrator
Validated Reviewer
Review Source
content

"Good tool"

What do you like best?

It helps find and apply info easily Its one of the best tools been used

What do you dislike?

There is nothing in particular that is disliked about this

What problems are you solving with the product? What benefits have you realized?

Notable benefits are there it helps in interacting, conveying problem solving

IBM QRadar review by Administrator in Entertainment
Administrator in Entertainment
Validated Reviewer
Review Source
content

"Glad to be using QRadar"

What do you like best?

The ease of searching through massive amounts of data

What do you dislike?

Not easy to deploy log sources especially wincollect, we have never been able to get auto log source creation to work correctly

What problems are you solving with the product? What benefits have you realized?

Compliance and security monitoring

IBM QRadar review by Administrator
Administrator
Validated Reviewer
Review Source
content

"happy with ibm siem tool"

What do you like best?

event querralation. easy to add end points. easy to save events

What do you dislike?

hard to navigate, too many buttons to click

What problems are you solving with the product? What benefits have you realized?

anamoly detection

IBM QRadar review by User
User
Validated Reviewer
Review Source
content

"Needs improvement. "

What do you like best?

Results are fast. Supports hybrid environments.

What do you dislike?

No inverted index. I would like to see this feature.

What problems are you solving with the product? What benefits have you realized?

Suspicious activity.

Kate from G2

Learning about IBM QRadar?

I can help.
* We monitor all IBM QRadar reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.