# IBM QRadar SIEM Reviews
**Vendor:** IBM  
**Category:** [Security Information and Event Management (SIEM) Software](https://www.g2.com/categories/security-information-and-event-management-siem)  
**Average Rating:** 4.4/5.0  
**Total Reviews:** 335
## About IBM QRadar SIEM
Outsmart threats with an end-to-end award-winning security suite; proven to prevent, endure and recover from both known & unknown IT hazards faced by SoCs in the modern-day.



## IBM QRadar SIEM Pros & Cons
**What users like:**

- Ease of Use (23 reviews)
- Integrations (19 reviews)
- Features (18 reviews)
- Easy Integrations (15 reviews)
- User Interface (15 reviews)
- Monitoring (14 reviews)
- Insights (13 reviews)
- Log Management (13 reviews)
- Threat Detection (13 reviews)
- Customer Support (10 reviews)

**What users dislike:**

- UX Improvement (11 reviews)
- Expensive (9 reviews)
- Cost (7 reviews)
- Dashboard Issues (7 reviews)
- Time-Consuming (7 reviews)
- Complexity (6 reviews)
- Limited Features (6 reviews)
- Missing Features (6 reviews)
- Poor Interface Design (6 reviews)
- Poor Reporting (6 reviews)

## IBM QRadar SIEM Reviews
  ### 1. It’s very good tool for monitoring the alerts

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.)

**Reviewed Date:** June 02, 2021

**What do you like best about IBM QRadar SIEM?**

Dashboard is very good and offense writing is easy compared to other SIEM products, and ease of use when checked with other products.

**What do you dislike about IBM QRadar SIEM?**

Nothing much, but the UI can be modified a little bit more.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Regular issues like threats and log details

  ### 2. QRadar the best SIEM

**Rating:** 4.5/5.0 stars

**Reviewed by:** Simeone C. | Cybersecurity Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** November 18, 2024

**What do you like best about IBM QRadar SIEM?**

The scalability of the platform allows seamless integration with different products, enabling efficient correlation of events from different log sources.

**What do you dislike about IBM QRadar SIEM?**

Initial implementation and customisation can be challenging and require significant time and expertise to adapt the system to the specific needs of the organisation.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

By analysing large amounts of data in near real time, QRadar identifies both known and unknown threats.

  ### 3. QRadar's Strengths: Impact of Intuitive Interface and Easy Integration

**Rating:** 4.0/5.0 stars

**Reviewed by:** Andrea S. | Cyber Security Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** October 07, 2024

**What do you like best about IBM QRadar SIEM?**

One of Qradar's strengths is certainly the intuitive user interface, which can help less experienced users move more easily within SIEM pages. One other good thing is the scalability and easy integration with most of the products on the market, which is critical for correlating events from different log source types.

**What do you dislike about IBM QRadar SIEM?**

The main problem encountered in 5 years of product is the technical support received from IBM in case of major problems. Working in cyber security, I believe that response times are a fundamental point, in a world where even a few minutes can make the difference.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Working in a Cyber Security Operating Center with IBM QRadar SIEM, I can monitor a lot of different types of hosts on customer's infrastructure.

  ### 4. Best SIEM tool I've worked with for complex environments

**Rating:** 4.5/5.0 stars

**Reviewed by:** Filipe C. | Mid-Market (51-1000 emp.)

**Reviewed Date:** April 22, 2024

**What do you like best about IBM QRadar SIEM?**

- AQL language has the same syntax as SQL, making it easy and fast to create fine-grained searches;
- AQL also makes it easy to create Dashboards, really helpful to our clients;
- Rule creation is easy enough to understand and implement;
- Integration with IBM X-Force is fundamental to our operation;
- New UI's visual builder makes it super easy to search for events and flows;
- Easy to setup multiple domains for everyday use in multiple environments;
- IBM's employees provide great support;

**What do you dislike about IBM QRadar SIEM?**

- New UI (QRadar UI (v2.32.0)) has fewer features than the old one, we can't search for offenses as easily: we can't search for offenses that started on a specific date, only predefined time ranges (hour, 12h, 7d, 30d etc);
- Pulse only allows to edit a dashboard if you're the one who created it. All admins should be allowed to edit them;
- We can't create notes on an offense from the new UI, notes are really helpful;
- Report building is terrible, clumsy and slow, and not a lot of customization;

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

QRadar was our SIEM choice for its leading position in the industry, it's easy to setup new Log Sources and its documentation is a great resource, although sometimes difficult to find (like API and AQL docs). We're using it to sell our SOC as a Service solution and all clients are satisfied with the tool.

  ### 5. QRadar- an ideal SIEM solution

**Rating:** 5.0/5.0 stars

**Reviewed by:** Siddharth Ranjan S. | Senior System Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** September 20, 2024

**What do you like best about IBM QRadar SIEM?**

The features like advanced threat detection, user friendly UI, scalability, AI powered automation etc. are good offerings from QRadar. And I like these features.

**What do you dislike about IBM QRadar SIEM?**

I found some difficulties in the initial setup, customization limitation, delayed response time when load is high. If the organization size is small, then cost to acquire QRadar license can be high which makes it inaccessible.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

IBM Security QRadar SIEM is solving log management, risk management, incident response, threat detection etc. And prevention is better than cure. It is good to remain alerted before threat agent could do any harm.

  ### 6. Collect and parsing log

**Rating:** 4.5/5.0 stars

**Reviewed by:** Guido I. | Senior Security Consultant, Computer & Network Security, Mid-Market (51-1000 emp.)

**Reviewed Date:** November 19, 2024

**What do you like best about IBM QRadar SIEM?**

We use IBM Qradar to collect logs for our customers, logs from different servers, computers, switches, firewalls, etc., and in this way we have one SIEM that helps us to collect and extend data retention of customer logs, create different use cases and generate offenses for malicious activity.

**What do you dislike about IBM QRadar SIEM?**

The cost of this solution is more expensive compared with competitors.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Collects all types of logs, and for our customers that have different systems it is the best solution.

  ### 7. Qradar - A Complete SIEM Platform

**Rating:** 5.0/5.0 stars

**Reviewed by:** Yugandhar S. | Enterprise (> 1000 emp.)

**Reviewed Date:** May 16, 2024

**What do you like best about IBM QRadar SIEM?**

Qradar is an easy to handle tool. Qradar provides a good log or flow search experience. It is easy to handle the offenses as correlation works great and we are able to see any previous offense from the same attacker.

**What do you dislike about IBM QRadar SIEM?**

There is only one thing which I dislike about Qradar: its dashboard experience. Qradar has a very old fashioned dashboard. They added Pulse for better dashboards but they discontinued it.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Qradar is a complete SIEM tool platform which provides great correlation of the events so that we can get concrete offenses rather than false positives. Multiple search filters allow us to get data more accurately and precisely. Using its UEBA we can generate offenses related to user or behaviour anomalies.

  ### 8. A must have SIEM tool - IBM Qradar

**Rating:** 5.0/5.0 stars

**Reviewed by:** Vanitha S. | Enterprise (> 1000 emp.)

**Reviewed Date:** April 06, 2024

**What do you like best about IBM QRadar SIEM?**

Qradar acts as a one stop solution to manage, correlate and investigate all the network, application events. The product makes it easy to remediate threats while maintaining the bottom line. IBM Qradar offers vast insights into all the activities happening across our network. The tool also enables us to identify the abnormalities in the user behaviour analytics. The ease of implementation and integration with other platforms is a feather in one's cap for Qradar.

**What do you dislike about IBM QRadar SIEM?**

As an ardent customer of IBM Qradar for the past five years, there is nothing to dislike about the product.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

The tool enables our organization to be more efficient in identifying the abnormalities and act upon them beforehand. IBM Qradar SIEM acts as a one place stop solution for our Security Operations team for everything right from monitoring to acting upon the offense.

  ### 9. accurate tool

**Rating:** 4.0/5.0 stars

**Reviewed by:** George G. | manager, Enterprise (> 1000 emp.)

**Reviewed Date:** December 02, 2024

**What do you like best about IBM QRadar SIEM?**

Accurate tech - seamless integration for analysts

**What do you dislike about IBM QRadar SIEM?**

time consuming for initial set up but then it was easy to add on

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

ingesting security events and providing advanced analytics to security team

  ### 10. Is it really protecting our organization?

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Banking | Small-Business (50 or fewer emp.)

**Reviewed Date:** June 01, 2023

**What do you like best about IBM QRadar SIEM?**

In addition to its advanced threat detection capabilities, IBM Security QRadar SIEM offers a range of features that make it a popular choice among organizations. One notable aspect is its centralized log management functionality.

**What do you dislike about IBM QRadar SIEM?**

Complexity of Implementation as we have found the initial implementation and setup of QRadar SIEM to be complex and time consuming process. The platform's rich feature set and extensive configuration options may require experienced personnel or additional training to fully utilize its capabilities

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

One of the significant challenges in  is managing and analyzing security event logs from various sources. QRadar SIEM provides a centralized platform for collecting, storing, and analyzing logs from network devices, servers, applications, and endpoints, and there it is benefiting us.

  ### 11. Best for Log Management

**Rating:** 4.0/5.0 stars

**Reviewed by:** Raja Gowtham R. | Technical Engineer, Financial Services, Enterprise (> 1000 emp.)

**Reviewed Date:** November 30, 2023

**What do you like best about IBM QRadar SIEM?**

The log management is the best in class and the alerting and notification features make it much more useful. The API integration features make it easy to integrate SaaS based applications. The daily use of the customized user friendly dashboard is one of the best features in the tool.

**What do you dislike about IBM QRadar SIEM?**

Cost of increasing an EPS is higher and there is a need of manual maintenance such as log clearance. Event drops because of the overflow is one of the main dislikes in Qradar.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Going forward as an organization lots of technologies have been implemented such as servers, firewalls, WAF, and end-user machines and there are many tools involved, even though every tool has its own dashboard as a security admin monitoring everything on a daily basis is complicated and by using Qradar each and every log has been integrated and this is really helpful for our organization to monitor the overall events and by defining specific rule sets we are able to get notified during an abnormal behavior which is then revised and the necessary security measures have been taken.

  ### 12. It was an amazing journey with IBM Security QRAdar SIEM...

**Rating:** 4.5/5.0 stars

**Reviewed by:** Muhammed Abdullah A. | Vice President & Head of Information Security Division, Enterprise (> 1000 emp.)

**Reviewed Date:** October 13, 2023

**What do you like best about IBM QRadar SIEM?**

It is a robust, versatile, highly customizable, business driven security solution. It really helped us to establish and operate 24x7x365 Security Operation Center (SOC). One of its features is called DMS Editor, where anyone can manipulate log source type or new template/type creation. It is comparatively easy to use as well as run on non-windows operating system. It is also easy to implement, integration with multiple system. Due to its robustness, the frequency of use is quite impressive. I would specially mention the SI "Secbounty, India" and local partner "Zara Zaman Technology Ltd" for their tremendous efforts as well as support to make this project successful. IBM has very robust customer support including lots of online manuals, references, guidance.

**What do you dislike about IBM QRadar SIEM?**

It is a bit costly, though to get best support and services, cost is inevitable.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

We have mandatory regulatory as well as audit requirement for 24x7 Security Operation Center (SOC) and QRadar SIEM is the backbone of SOC. Moreover, from security perspective view as well as incident response & digital forensic, it is one of the essential requirement for such solution which accelerated our Team as well as Organization.

  ### 13. Siem since the implementation and exploitation of the application

**Rating:** 4.0/5.0 stars

**Reviewed by:** cristian c. | Implementation Leader and SSGG Cybersecurity, Mid-Market (51-1000 emp.)

**Reviewed Date:** June 26, 2024

**What do you like best about IBM QRadar SIEM?**

easy deployment and integration with your collectors

**What do you dislike about IBM QRadar SIEM?**

When integrating equipment that is not natively registered, parsing is cumbersome.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Critical equipment alerts and active monitoring, benefiting possible attacks or vulnerabilities to the monitored systems

  ### 14. QRadar is complex, but extremely capable.

**Rating:** 4.0/5.0 stars

**Reviewed by:** Skye D. | Small-Business (50 or fewer emp.)

**Reviewed Date:** October 26, 2023

**What do you like best about IBM QRadar SIEM?**

The most helpful and important parts of QRadar has to be the integrations it supports.
Most major software solutions and log sources are easy to integrate using existing readily available modules.
It was good to be involved in the development of QRadar, and IBM was always receptive to feedback.

**What do you dislike about IBM QRadar SIEM?**

The interface was very aged, but was being actively developed.
QRadar has been around for longer than other SIEMs, and it shows in both good ways and bad ways.
When compared to other SIEMs I am familiar with, QRadar was complex and not easy to understand without some training and experience.
However, the capabilities of the system balance this barrier to entry.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

It allows the consolidation of logs in the first instance, which by itself is invaluable for compliance purposes.
It goes further to allow the analysis of these logs, looking for anomalies and potential security threats.

Generally, this is the role of a SIEM, but QRadar does do an excellent job of this.

  ### 15. Qradar Working experience in corporate

**Rating:** 3.5/5.0 stars

**Reviewed by:** Tirth P. | Security Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** April 14, 2024

**What do you like best about IBM QRadar SIEM?**

Dashboard and layout for understanding for any non tech user.

**What do you dislike about IBM QRadar SIEM?**

No same time when the networking traffic is increased, that time this tool is not working properly.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

When we are identifying our cloud networking and security, that time QRadar is helping in our organization for increasing our detection.

  ### 16. Powerful and flexible SIEM tool

**Rating:** 5.0/5.0 stars

**Reviewed by:** Thiago S. | Small-Business (50 or fewer emp.)

**Reviewed Date:** September 11, 2023

**What do you like best about IBM QRadar SIEM?**

The IBM Security Qradar SIEM has been helping the organization with visibility and protection due to its incredible event correlation function and the ability to integrate with other tools.

The capability to receive large amounts of events simultaneously and correlate all logs into alerts has been helpful for creating offenses for subsequent analysis by the SOC team and handling the alert.

It is an extremely intuitive tool with great flexibility for creating alerts. It is also simple to make adjustments for creating exceptions in cases of False Positives.

The large number of applications for integration with third-party tools helps to further enhance the intelligence and visibility of the environment with a centralized and unique console.

Certainly, Qradar is an essential tool for having a secure corporation.

**What do you dislike about IBM QRadar SIEM?**

I think there should be some additional conditions for creating an alert, for example, the "OR" and "THEN" conditions would certainly help in using specific rules.

I also believe there should be improvements for creating and exporting reports directly from the Console.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Your ability to provide great visibility and correlation helps the Information Security team conduct research and respond quickly to an incident, helping the organization stay secure and have traceability of events.

  ### 17. perfect harmony

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Oil & Energy | Mid-Market (51-1000 emp.)

**Reviewed Date:** April 02, 2024

**What do you like best about IBM QRadar SIEM?**

simple and professional.
its range is wide enough for all teams.

**What do you dislike about IBM QRadar SIEM?**

almost perfect,
there is no problem. WinCollect operation is sometimes a problem

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

logs on servers and active network devices,
accurate events with advanced integrations.

  ### 18. SIEM with many options but very raw in other parts

**Rating:** 3.5/5.0 stars

**Reviewed by:** Kauan O. | Small-Business (50 or fewer emp.)

**Reviewed Date:** November 28, 2023

**What do you like best about IBM QRadar SIEM?**

Among the advantages is the ease of creating rules, in implementation, and the number of options for use.

**What do you dislike about IBM QRadar SIEM?**

It mainly falters in the graphics section due to some information, ending up opening several tabs, which makes you go from one to another to end up getting information to conclude the offense.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Respond to incidents, manage the network, and deal with cases involving suspicious connections.

  ### 19. Very practical to use

**Rating:** 4.0/5.0 stars

**Reviewed by:** Everton N. | Enterprise (> 1000 emp.)

**Reviewed Date:** October 13, 2023

**What do you like best about IBM QRadar SIEM?**

IBM's SIEM is a very powerful tool, easy to use and adapt, I'm using it in my current job and I'm learning a lot because the community and support offered by IBM are very good.

**What do you dislike about IBM QRadar SIEM?**

Unfortunately, the cost to obtain certification is very high considering the exchange rates. The dollar and real relationship gets in the way a little. I think that more attractive prices for users in Brazil could attract more users.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Bug fixes that currently affect the QRadar SIEM that I use at work.

  ### 20. Very functional

**Rating:** 3.5/5.0 stars

**Reviewed by:** Verified User in Retail | Enterprise (> 1000 emp.)

**Reviewed Date:** November 14, 2023

**What do you like best about IBM QRadar SIEM?**

The performance is very good, as it is a local appliance, it ends up having a gain compared to other players, very easy to create use cases and filtering with simple language.

**What do you dislike about IBM QRadar SIEM?**

There aren't many intuitive dashboards, all views have to be built manually. Its interface doesn't help much, some discontinued items are not removed from the tool, only information appears that you must click elsewhere. There is a great demand to support the environment's infrastructure.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

This brings visibility to the environment, we use it as the basis for the SOC, the UBA user behavior analysis is very rich and helps a lot in security insights

  ### 21. Qradar Assessment

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.)

**Reviewed Date:** November 28, 2023

**What do you like best about IBM QRadar SIEM?**

Ease in management and creation of rules. Allows integration with various apps.

**What do you dislike about IBM QRadar SIEM?**

I have no negative points to highlight.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Help in identifying threats related to the organization.

  ### 22. IBM QRadar: A Powerful and User-Friendly SIEM Solution

**Rating:** 5.0/5.0 stars

**Reviewed by:** Phani K. | SOC Analyst, Mid-Market (51-1000 emp.)

**Reviewed Date:** July 24, 2023

**What do you like best about IBM QRadar SIEM?**

The things I like about IBM QRadar were that it has powerful threat detection and response capabilities and a user-friendly interface, and QRadar is a scalable solution that can be deployed on-premises or in the cloud, and it can be scaled up or down as needed. The things that I find most helpful were the ability to correlate data from multiple sources, the ability to automate threat response and the ability to integrate with other security solutions.

**What do you dislike about IBM QRadar SIEM?**

Things that I find least helpful about IBM Security QRadar SIEM were the lack of a built-in threat intelligence feed, the lack of a centralized dashboard, this can make it difficult to get a complete view of all security events, the lack of integration with other security solutions, this can make it difficult to get a single view of the security posture of an organizat

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

QRadar SIEM helps organizations solve a variety of security problems, including incident detection and response. QRadar helps organizations detect and respond to security incidents more quickly and effectively. By correlating data from multiple sources, QRadar can provide a complete picture of an incident, which can help analysts to identify the root cause and take action to mitigate the damage. QRadar can help organizations to assess and manage their security risk. By identifying and tracking threats, QRadar can help organizations to take steps to mitigate those threats and reduce their overall risk exposure.

  ### 23. "Empowering Your Security Team with IBM QRadar SIEM's Advanced Analytics"

**Rating:** 4.5/5.0 stars

**Reviewed by:** Sriram P. | Technical Manager, Enterprise (> 1000 emp.)

**Reviewed Date:** January 26, 2023

**What do you like best about IBM QRadar SIEM?**

Advanced threat detection capabilities: IBM Security QRadar SIEM uses a combination of correlation, behavioral analysis, and machine learning to detect and prioritize potential security threats in real-time.

**What do you dislike about IBM QRadar SIEM?**

High costs: The cost of purchasing and maintaining IBM Security QRadar SIEM can be high, especially for smaller organizations. High resource requirements: IBM Security QRadar SIEM can be resource intensive and may require significant hardware resources to run effectively.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Comprehensive security visibility: QRadar SIEM collects and correlates data from a wide range of sources, including network, endpoint, and cloud, providing a holistic view of the organization's security posture.

Automated incident response: The platform can automatically respond to security incidents through its built-in incident response framework, enabling security teams to take immediate action to contain and mitigate threats.

Compliance and regulatory support: QRadar SIEM supports compliance with a wide range of regulations and standards, including PCI DSS, HIPAA, and SOC 2.

  ### 24. Review of IBM QRadar SIEM

**Rating:** 5.0/5.0 stars

**Reviewed by:** Madan K. | SOC Analyst, Mid-Market (51-1000 emp.)

**Reviewed Date:** August 24, 2023

**What do you like best about IBM QRadar SIEM?**

What I like best about IBM Security QRadar SIEM is that central log management is very effective, but the assimilation of the data and ability to make the data actionable is somewhat lacking, as alerting and actual monitoring do not have all of the features and customization required to be an actual SIEM.

**What do you dislike about IBM QRadar SIEM?**

OEM support is really poor, there is no default parser for the Oracle 19C which got released in 2021. No proper SLA is being followed for support cases raised. Also it has some issues with historical investigation.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

It follows the proactive approach, helping to find threats before they get severe and remove them with the help of analysis of the offenses. That will provide deep visibility on the logs and flows to get what is happening in the infrastructure.

  ### 25. Collectively admiring

**Rating:** 5.0/5.0 stars

**Reviewed by:** KANNAN T. | SOC Analyst, Mid-Market (51-1000 emp.)

**Reviewed Date:** June 07, 2023

**What do you like best about IBM QRadar SIEM?**

The user interface is simpler and has an enormous number of plugins.
The threat intelligence is fantastic.
As a beginner in the monitoring area I feel it is very easy and seamless.

**What do you dislike about IBM QRadar SIEM?**

As a beginner I don't feel any hurdle while working with such a best UI.
In the process, if I face any difficulties I will definitely go ahead and put in feedback and get it resolved.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

The integrated feature which is available in IBM QRadar called IBM X-Force Exchange, which helps an analyst to further analyse the reputation and the detailed activity of a particular IP.

  ### 26. Excellent SIEM

**Rating:** 4.5/5.0 stars

**Reviewed by:** Jonathan S. | IT Security Manager, Mid-Market (51-1000 emp.)

**Reviewed Date:** May 12, 2021

**What do you like best about IBM QRadar SIEM?**

It is a very complete tool that includes the Zero Trust cybersecurity model, in addition to being incorporated with many products on the market as well as its easy handling and the components that can be incorporated. This tool has a high level of analysis of the offenses with the use of X-Force and Watson, also the generation of the graphical relationships of these offenses are very structured and allows a greater vision of each event.

**What do you dislike about IBM QRadar SIEM?**

Nothing so far, the tool is excellent and meets all requirements, but it could improve its graphical interface by adapting to new technologies so that it has a more user-friendly design, as well as improve the reporting that allows more customization in them, as well as the more dynamic dashboard.

**Recommendations to others considering IBM QRadar SIEM:**

It is an excellent tool that has many elements that complement the management of security events. I recommend it for all types of organizations since it helps a lot with the management and monitoring of the entire infrastructure to prevent security incidents and maintain an adequate level of risk and have a broader vision of the network infrastructure and services.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

With the implementation of the solution, the adjustment of security policies has been drastically improved, as well as the monitoring and discarding of false positives in a faster and more efficient way. It has also helped us to monitor users and measure their level of risk, as well as vulnerability scans scheduled on specific dates to systems and network equipment to initiate mitigation plans for these vulnerabilities and to be able to correct them according to their level of criticality.

  ### 27. Honest review of an awesome SIEM solution.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Stephan v. | Tenable Guru and SentinelOne Pre-sales Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** August 24, 2023

**What do you like best about IBM QRadar SIEM?**

I love the fact that QRadar is vendor agnostic. You can literally pull data from any data source and have QRadar ingest, correlate and then graphically present whatever you're trying to report or monitor.

**What do you dislike about IBM QRadar SIEM?**

Not much not to like. You can do so much. Actually sometimes too much and you get lost in all its features. But that's not really a negative. I would just like to see better plugin management. To try and prevent the above scenario.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

QRadar makes it possible for us to ingest data from multiple sources. Sometimes hundreds or thousands, and then easily build a report that is easily understandable.
Makes reporting a lot easier.

  ### 28. Qradar SIEM evaluation

**Rating:** 5.0/5.0 stars

**Reviewed by:** SHUBHAM KUMAR J. | Senior Security Analyst, Mid-Market (51-1000 emp.)

**Reviewed Date:** August 08, 2023

**What do you like best about IBM QRadar SIEM?**

Qradar is simpler and more user friendly in comparison to RSA NetWitness or any other tool, and in this, creation of use cases or device integration is also easy.

**What do you dislike about IBM QRadar SIEM?**

Although there is nothing to dislike over here, because all integration of devices or use cases creation documents are easily available on the internet, so I can say there is nothing to dislike over here.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

This SIEM is helping our client by analyzing the raw and metadata and creating incidents against it, and also helps in deep dive of malware analysis. Qradar graphical interpretation helps our L1 analyst to detect logs variation.

  ### 29. Ease of working with the tool

**Rating:** 5.0/5.0 stars

**Reviewed by:** Wagner Rodrigo D. | head cyber, Enterprise (> 1000 emp.)

**Reviewed Date:** January 17, 2024

**What do you like best about IBM QRadar SIEM?**

Ease of making integrations, robust documentation.

**What do you dislike about IBM QRadar SIEM?**

I would like more apps for integrations. I don't like the dashboards.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

I have no problems with Qradar SIEM.

  ### 30. Best SIEM for our network needs!

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Security and Investigations | Mid-Market (51-1000 emp.)

**Reviewed Date:** August 24, 2023

**What do you like best about IBM QRadar SIEM?**

IBM Security QRadar SIEM is very easy to configure. When this product was first demonstrated to us, we easily understood how it works and how it can help us in our network. All events and incidents are easy to analyze because of this tool.

**What do you dislike about IBM QRadar SIEM?**

Right now, we are still trying to enjoy this product and we haven't found anything to dislike yet. Just make sure to properly fine tune this SIEM and make sure all devices that forward logs have sufficient value.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

With IBM Security QRadar SIEM, we can easily identify events and findings in our network. We can easily detect if there are threats and because of this, we can mitigate all or most of them in a short period of time.

  ### 31. Qradar review

**Rating:** 3.5/5.0 stars

**Reviewed by:** Junaid S. | Information Security Analyst, Small-Business (50 or fewer emp.)

**Reviewed Date:** August 14, 2023

**What do you like best about IBM QRadar SIEM?**

I have been using QRadar since February 2022. It is a great tool to use, and the thing I like the most about QRadar is the coalescing and group by functionality.

**What do you dislike about IBM QRadar SIEM?**

The interface is quite messy; the dashboards need to improve as well.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

I think the coalescing function helps me a lot in incident response.

  ### 32. Product is largely distributed and very flexible

**Rating:** 3.5/5.0 stars

**Reviewed by:** Syed Saud u. | Supervisor Cyber Security Solutions, Mid-Market (51-1000 emp.)

**Reviewed Date:** August 22, 2023

**What do you like best about IBM QRadar SIEM?**

Customization and network visualization are exceptional. It uses strong analytical techniques like user behaviour and machine learning analytics for log analysis.

**What do you dislike about IBM QRadar SIEM?**

Technological enhancements can be done, like extending APIs for detection component management and log collection from S3 buckets or any software installation. Data source or log source configuration can also be enhanced via API support.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Network visualization and network-level troubleshooting in verifying interface-level configurations help in forensics, and the past logs help in retrospective log analysis.

  ### 33. Immediate support and appropriate solutions

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.)

**Reviewed Date:** November 21, 2023

**What do you like best about IBM QRadar SIEM?**

Apps that allow improving the use of logs.

**What do you dislike about IBM QRadar SIEM?**

Improve the reports. The graphical presentation and flexibility are not good.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Visibility of incidents through logs.

  ### 34. IBM Security QRadar SIEM

**Rating:** 5.0/5.0 stars

**Reviewed by:** taha j. | Assistant manager information security, Mid-Market (51-1000 emp.)

**Reviewed Date:** August 15, 2023

**What do you like best about IBM QRadar SIEM?**

IBM Security QRadar SIEM is very helpful for searching incidents, and its dashboard shows all the events and incidents. Our whole team likes IBM Security QRadar SIEM.

**What do you dislike about IBM QRadar SIEM?**

There is nothing to dislike in IBM Security QRadar SIEM; our team always likes IBM Security QRadar SIEM.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

To give free training to all, because if people are trained there will be more jobs created.

  ### 35. Experience with IBM Security QRadar SIEM

**Rating:** 4.5/5.0 stars

**Reviewed by:** Mudit K. | Cyber Security Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** September 21, 2023

**What do you like best about IBM QRadar SIEM?**

It is a great tool which can be used for threat monitoring, detection and response. It is user friendly.

**What do you dislike about IBM QRadar SIEM?**

The tool's reporting and cost could be better for small or mid size companies

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Gives better visibility of security alerts across different platforms

  ### 36. QRadar is easy to use.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Muhammad Ashar A. | Network Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** August 22, 2023

**What do you like best about IBM QRadar SIEM?**

Integration of log sources is very simple as compared to other SIEMs.

**What do you dislike about IBM QRadar SIEM?**

The reporting features of QRadar are not very good as compared to other SIEM solutions. Other SIEM solutions provide very good formats for reporting.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Analyzing the network behaviour by analyzing the payloads. Identifying web attacks, malicious IPs, etc.

  ### 37. Best SIEM

**Rating:** 5.0/5.0 stars

**Reviewed by:** Prashant M. | Cyber Security Analyst, Small-Business (50 or fewer emp.)

**Reviewed Date:** April 28, 2023

**What do you like best about IBM QRadar SIEM?**

IBM QRadar is very easy to use, we will easily manage our dashboard according to us. Easy to create rules and building blocks.

**What do you dislike about IBM QRadar SIEM?**

The DSM update alert comes frequently and it's not going away after the TAC help.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

IBM QRadar helps us in monitoring the real-time alerts; from here we will easily monitor our whole infra, create rules according to our requirements.

  ### 38. System/Security Engineer

**Rating:** 4.5/5.0 stars

**Reviewed by:** MAHESH D. | System Engineer, Small-Business (50 or fewer emp.)

**Reviewed Date:** August 11, 2023

**What do you like best about IBM QRadar SIEM?**

Providing Advanced threat intelligence and Analytics capabilities;
Log Management and Event Collection.
Integration Capability.

**What do you dislike about IBM QRadar SIEM?**

Its complexity
Customization difficulty
Limited features

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Providing Advanced threat intelligence and Analytics capabilities;
Log Management and Event Collection.
Integration Capability.
Realtime Event correlation
Collecting and analyzing necessary security event data.
Investigation Easiness.

  ### 39. Alert handling tool - SIEM

**Rating:** 5.0/5.0 stars

**Reviewed by:** Brijveer S. | SOC Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** June 03, 2023

**What do you like best about IBM QRadar SIEM?**

1) User friendly
2) Has advanced threat detection capabilities
3) CRE works effectively and helps to get logs in well classified form
4) Makes workflow easy and compatible

**What do you dislike about IBM QRadar SIEM?**

When working on a huge amount of data, or when we run a query over a long time period, it lags a bit and sometimes stops responding.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

It is helping to keep environment clean by alerting each and every event for every particular time across the organisation.

  ### 40. SOC Analyst

**Rating:** 2.5/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.)

**Reviewed Date:** November 28, 2023

**What do you like best about IBM QRadar SIEM?**

Help in flows at network, help in incidents

**What do you dislike about IBM QRadar SIEM?**

Interface; maybe the UI can be more intuitive.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

UEBA for user analysis

  ### 41. In terms of SIEM, I consider this one of the best on the market.

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.)

**Reviewed Date:** October 18, 2023

**What do you like best about IBM QRadar SIEM?**

Its robustness and features such as log grouping, as well as user and network behavioral analysis apps

**What do you dislike about IBM QRadar SIEM?**

There is no SaaS usage option for the tool

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Compliance with audits

  ### 42. Review for SIEM tool IBM Qradar

**Rating:** 5.0/5.0 stars

**Reviewed by:** Muhammad T. | Information Security Intern, Mid-Market (51-1000 emp.)

**Reviewed Date:** May 25, 2023

**What do you like best about IBM QRadar SIEM?**

It's a useful, very friendly and the easiest tool to use for a person or cyber security analyst. It's designed for event and log analysis in one centralized platform.

**What do you dislike about IBM QRadar SIEM?**

Facing trouble with troubleshooting during the deployment or when generating the regex.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

IBM QRadar solves the problem of different asset logs being generated on different platforms by covering them in a single platform.

  ### 43. An Easy to Implement SIEM Solution

**Rating:** 4.0/5.0 stars

**Reviewed by:** Jatin . | Security Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** December 07, 2022

**What do you like best about IBM QRadar SIEM?**

I have worked on multiple SIEM solutions and find Qradar easy among them to onboard log sources. Also, it supports a wide range of log sources integration as Out of Box. Though the custom rule set present is not that useful, creating new rules is easy compared to other SIEMs.

**What do you dislike about IBM QRadar SIEM?**

The UI is not very friendly for security guys. Also, the search query language is complicated to work with. While searching data for long durations, QRadar becomes unresponsive. It is difficult to understand how the event buffer works; hence we often observe event drops.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

The SIEM solutions help gather logs from various tools used across the organization and perform correlation on them to check for any abnormal or malicious behavior. They also alert analysts to avoid any significant compromise or breach.

  ### 44. Very user friendly tool interface with Ease in Administration

**Rating:** 4.5/5.0 stars

**Reviewed by:** Abdul M. | Enterprise (> 1000 emp.)

**Reviewed Date:** May 12, 2023

**What do you like best about IBM QRadar SIEM?**

Seamless interface with Log sources. 
Out of the box support to many log sources. 
Good dashboard creation tools.

**What do you dislike about IBM QRadar SIEM?**

Search queries should be made simpler.
Syntax needs to be available on demand.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

High volume data ingestion. Mitigating the hassle of managing logs

  ### 45. Deep dive into what's happening in your network!

**Rating:** 5.0/5.0 stars

**Reviewed by:** Robert J. L. | Senior Vice President of Security Certification Development, Enterprise (> 1000 emp.)

**Reviewed Date:** April 18, 2023

**What do you like best about IBM QRadar SIEM?**

Very easy to dive deep into a situation to view how incidents are linked.

**What do you dislike about IBM QRadar SIEM?**

Can be overwhelming if you have no training. Really requires training or you will get lost.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

The best thing I like about QRadar is that it can automatically launch other tools when an incident happens

  ### 46. Powerful Tool for Security Monitoring and Analysis

**Rating:** 5.0/5.0 stars

**Reviewed by:** Khaled M. | SOC Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** April 08, 2022

**What do you like best about IBM QRadar SIEM?**

Threat intelligence is a powerful tool. The use case manager helps to analyze active rules and events. Also helps to understand why offense triggers. AQL helps to find the logs easily. I like the app's pulse. Very powerful apps. Get an overview of the whole network at a glance.

**What do you dislike about IBM QRadar SIEM?**

Every feature is useful. The use case manager helps to tune the rule. Also, MITRE ATT&CK helps to use APT. The concept of reference set needs to be described more easily. Continuous flows make the processor slow. Facing problem in getting TAXII feed.

**Recommendations to others considering IBM QRadar SIEM:**

Great product for threat detection and recommended support from support Forum.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

Find the vulnerability of our servers. Also aware of the malicious IPs using X-Force Exchange. The use case manager helps to fine-tune the rules. UBA helps to find out unusual activity of users. Reference Set helps to find malicious IPs like cryptocurrency mining, botnet etc.

  ### 47. Good SIEM product to use with impressive threat intel feeds

**Rating:** 3.5/5.0 stars

**Reviewed by:** PRANAV S. | Head - PMO - Managed Detection and Response Group, Mid-Market (51-1000 emp.)

**Reviewed Date:** November 23, 2022

**What do you like best about IBM QRadar SIEM?**

The threat intel feeds integrated with QRadar are excellent and very insightful.
The GUI of the tool is also really impressive and is well constructed for analysts.

**What do you dislike about IBM QRadar SIEM?**

The license cost is really expensive, and customisation requests and use cases that are required to be configured cost extra each time. The support team takes a long time to respond.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

IBM QRadar is a useful SIEM tool that helped add to our portfolio of offerings along with our MDR services. It also gives good insights into latest cyber threats and log types for monitoring team.

  ### 48. Rapid Threat Hunting and SIEM Solution

**Rating:** 5.0/5.0 stars

**Reviewed by:** Azar N. | Information Security Engineer, Small-Business (50 or fewer emp.)

**Reviewed Date:** February 14, 2023

**What do you like best about IBM QRadar SIEM?**

IBM QRadar is the fastest platform to analyze and detect incidents in real-time.

**What do you dislike about IBM QRadar SIEM?**

Long deployment time and not available for Debian-based operating systems.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

I configure agent and send system logs, then it starts to work, detects all types of incidents.

  ### 49. SIEM solution at a reasonable cost

**Rating:** 5.0/5.0 stars

**Reviewed by:** Mohammad Sharukh k. | Content Team Lead, Enterprise (> 1000 emp.)

**Reviewed Date:** July 01, 2022

**What do you like best about IBM QRadar SIEM?**

1) Good GUI interface
2) Creating rules/security use cases/alerts is very easy since we need to select appropriate conditions through a drop-down
3) QRadar comes at a reasonable cost
4) It works at a very optimum level in case of MSSP environment

**What do you dislike about IBM QRadar SIEM?**

1) Dashboard creation is very difficult
2) It needs expertise to handle QRadar during upgrades

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

It is solving the monitoring of cyber security for any client environment.
It's one of the finest tools with advanced capabilities like threat intelligence integration, integration with SOAR tools, performing detailed analysis of the logs, and a small-level inbuilt ticketing system to assign and work on offenses.

  ### 50. IBM Security QRadar

**Rating:** 4.5/5.0 stars

**Reviewed by:** Nitin K. | Technical Support engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** July 09, 2022

**What do you like best about IBM QRadar SIEM?**

IBM Security QRadar is an SIEM tool by which we can monitor all the alerts generated by the tool. It is a centralized log collector of every security.

**What do you dislike about IBM QRadar SIEM?**

We need to install an event collector at every place, by which we can send logs to QRadar.

**Recommendations to others considering IBM QRadar SIEM:**

QRadar is basically a monitoring tool for the SOC team to monitor all the logs generated by the security tools. Every industry needs an SIEM tool to have visibility to the entire organization.

**What problems is IBM QRadar SIEM solving and how is that benefiting you?**

We can analyze logs generated by security tools like firewalls, switches, email security, DNS security etc. Accordingly, we can take action.


## IBM QRadar SIEM Discussions
  - [What are the challenges you are facing in further improvement of the technology?](https://www.g2.com/discussions/what-are-the-challenges-you-are-facing-in-further-improvement-of-the-technology) - 1 upvote
  - [Need to know is there any way out to stop unsyncing of devices](https://www.g2.com/discussions/52041-need-to-know-is-there-any-way-out-to-stop-unsyncing-of-devices) - 1 upvote
  - [How do you compare it with Splunk?](https://www.g2.com/discussions/30589-how-do-you-compare-it-with-splunk)
  - [How to make qreadar portable](https://www.g2.com/discussions/30181-how-to-make-qreadar-portable)
  - [can this product integrate with endpoint security.](https://www.g2.com/discussions/29480-can-this-product-integrate-with-endpoint-security)

## IBM QRadar SIEM Features
**Automation**
- Metadata Management
- Artificial Intelligence & Machine Learning
- Response Automation
- Continuous Analysis

**Analysis**
- File Analysis
- Memory Analysis
- Registry Analysis
- Email Analysis
- Linux Analysis

**Activity Monitoring**
- Usage Monitoring
- Database Monitoring
- API Monitoring
- Activity Monitoring

**Agentic AI - User and Entity Behavior Analytics (UEBA)**
- Autonomous Task Execution
- Multi-step Planning
- Proactive Assistance
- Decision Making

**Response**
- Resolution Automation
- Resolution Guidance
- System Isolation
- Threat Intelligence
- Incident Investigation

**Cloud Visibility**
- Data Discovery
- Cloud Registry
- Cloud Gap Analytics

**Network Management**
- Activity Monitoring
- Asset Management
- Log Management

**Functionality**
- Multi-Network Capability
- Anomaly Detection
- Network Visibility
- Scalability

**Functionality**
- Incident Alerts
- Anomaly Detection
- Continuous Analysis
- Decryption

**Analysis**
- Continuous Analysis
- Behavioral Analysis
- Data Context
- Activity Logging

**Security**
- Compliance Monitoring
- Risk Analysis
- Reporting

**Records**
- Incident Logs
- Incident Reports

**Security**
- Data Security
- Data Loss Prevention
- Security Auditing

**Incident Management**
- Event Management
- Automated Response
- Incident Reporting

**Incident Management**
- Incident Logs
- Incident Alerts
- Incident Reporting

**Remediation**
- Incident Reports
- Remediation Suggestions
- Response Automation

**Detection**
- Anomaly Detection
- Incident Alerts
- Activity Monitoring

**Administration**
- Security Automation
- Security Integration
- Multicloud Visibility

**Management**
- Incident Alerts
- Incident Case Management
- Workflow Management

**Identity**
- SSO
- Governance
- User Analytics

**Security Intelligence**
- Threat Intelligence
- Vulnerability Assessment
- Advanced Analytics
- Data Examination

**Generative AI**
- AI Text Generation
- AI Text Summarization

**Agentic AI - Security Information and Event Management (SIEM)**
- Autonomous Task Execution
- Multi-step Planning
- Proactive Assistance
- Decision Making

**Agentic AI - Cloud Security Monitoring and Analytics**
- Autonomous Task Execution
- Proactive Assistance
- Decision Making

## Top IBM QRadar SIEM Alternatives
  - [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) - 4.3/5.0 (387 reviews)
  - [Rapid7 Next-Gen SIEM](https://www.g2.com/products/rapid7-next-gen-siem/reviews) - 4.4/5.0 (67 reviews)
  - [Datadog](https://www.g2.com/products/datadog/reviews) - 4.4/5.0 (694 reviews)

