We performed a comparison between IBM Security QRadar and Secureworks Taegis ManagedXDR based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"The case interface is Binary Defense MDR's most valuable feature."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"With Binary Defense, we don't just get an alert, but also a detailed rundown of why they're alerting us on it. They tell us what was executed, or the username, script, or IP. That way, we're not wasting time investigating."
"Binary Defense has a human service department that provides live monitoring for our systems."
"The best part about Binary Defense MDR is that it runs on everything, and they keep an eye on things 24/7."
"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"There is a single dashboard that gives us a complete overview of what is happening around the globe."
"This solution has excellent security analytics."
"It is the core of our entire SOX."
"IBM QRadar is great help from its security event monitoring to data center and NOC troubleshooting of issues hard for other departments to spot."
"I like that it's easy to use and the performance is good."
"The initial setup is not complex or difficult."
"It has improved comprehensive visibility for what is going on in the perimeters, and on the inside, as well."
"IBM QRadar User Behavior Analytics has easy architecture, has a good portfolio and integration."
"The solution definitely made us way more aware of the possibilities out there."
"Securworks' threat intel seems pretty decent, and they integrate with several solutions we have, such as Azure AD, so all our Microsoft 365 stuff is covered."
"The most valuable features are IDS and IPS."
"The most valuable feature is the support. The support chat. It's always connecting to people. And you open the chat, and it's not about that automated response. It's actually a human being that responds to you."
"This solution gathers the information logs from all devices and correlates all the information. It notifies us of any critical events taking place across our networks which has been valuable."
"There are some patent pending detectors within the platform that provides a lot of value."
"The pricing is flexible."
"We don't have a full SOC, so it's helpful to have them sifting through our alerts and only bringing actionable items to us."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."
"The current reporting system could benefit from improvement."
"We found a couple of bugs in the user interface."
"I would like to get more reports from Binary Defense about what they're blocking."
"IBM needs to invest more into the collaboration with other vendors."
"When it comes to what could be better, it is always what others are trying to do and what is the roadmap. It can have more integration. It should have more flexible RESTful APIs for integration with applications. These are the things that are always in demand for any of the SIEM solutions, not only for QRadar. Integration is ever-evolving. Nowadays, different versions of mobile handsets are there and data is getting scattered. Users are using their personal handsets to keep the data of the organization. So, it should have a more flexible integration, irrespective of the flavor of the firmware and iOS or Android version. It should have an API that can seamlessly get integrated. It should also provide more flexible control and a more advanced or analytical view to see what exactly is happening across the globe or network. From wherever a user is connecting and accessing the enterprise data, it should give real-time visibility and predictive visibility about what exactly is happening. These things are already there, but there should be more advanced control in terms of managing the security."
"IBM QRadar has a margin for development, for out-of-the-box use cases. It can be enhanced with better support and automate the use cases for that."
"There is one problem with QRadar in regards to the add-on apps. The apps can be frustrating. For example, when I add a big app like one of the add-ons for resiliency, add-on applications for QRadar, these applications require different hardware to implement and to deploy. The resiliency connector because there's a considerable amount of data scanning, operates for these apps correctly."
"In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."
"IBM technical support is always terrible."
"IBM QRadar User Behavior Analytics is good, but I think the functionality should be much more integrated. You should have easy access to the artifacts if you are doing a particular investigation. It's good, but other team solutions like LogRhythm are actually merging the functionality. So, I think that is something IBM can work on."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"It would be nice if the solution were a little more affordable."
"Dell Secureworks could improve its integration with other third-party solutions."
"Secureworks Taegis ManagedXDR's query language and stability need improvement."
"Dell Secureworks is for higher-end customers and it's not quite as straightforward to implement or to get up and running as some of the other solutions."
"Tamper-proofing or tamper protection is still pending in Secureworks. Tamper protection will make it more secure. If I'm an admin of a device, I can uninstall an agent without the knowledge of the security or Secureworks admin. If someone gets hold of one endpoint with admin credentials, he can remove anything, and an organization will lose visibility. They need to work on providing more visibility across endpoints. A couple of times it has happened that the cloak agent is there, but it did not get activated, or there were some issues. The machine was restarted, but the cloak agent didn't run. In such cases, you have to troubleshoot. It is a big issue if a cyber attack is happening, and your machine is rebooted, but the events are not captured."
"The deployment could definitely be improved."
"This solution could be improved with a higher degree of automation such as automated emails, triggers and defining the severity of the cases."
"In the next release of this solution, I would like to see file integrity monitoring."
More Secureworks Taegis ManagedXDR Pricing and Cost Advice →
IBM Security QRadar is ranked 10th in Managed Detection and Response (MDR) with 198 reviews while Secureworks Taegis ManagedXDR is ranked 8th in Managed Detection and Response (MDR) with 13 reviews. IBM Security QRadar is rated 8.0, while Secureworks Taegis ManagedXDR is rated 7.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Secureworks Taegis ManagedXDR writes "Offers proactive threat hunting and actively examines our environment". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Secureworks Taegis ManagedXDR is most compared with CrowdStrike Falcon Complete, SentinelOne Vigilance, Rapid7 MDR, Trend Micro Managed XDR and Huntress. See our IBM Security QRadar vs. Secureworks Taegis ManagedXDR report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.