We performed a comparison between Coralogix and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The initial setup is very simple and straightforward."
"The features that stand out are the detection engine and its integration with multiple data sources."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The main benefit is the ease of integration."
"The solution offers very good convenience filtering."
"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."
"A non-tech person can easily get used to it."
"The solution is easy to use and to start with."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"The initial setup is straightforward."
"The interface is good."
"The best part of this solution is having a third-party SOC."
"Due to the skills shortage, we are able to use it from the standpoint of bringing in a lower level employee or a person who may not have security knowledge."
"It provides many options for searching. I can see devices from different vendors, like Cisco, in one interface, which is good for me."
"The stability is good."
"It integrates very easily with other solutions. The solution is flexible. We can add anything to it, as it is a good companion to other tools."
"It is very stable. We have not faced interruptions in the past four and a half years."
"Blocks of predefined conditions can be used to configure detection rules without having to write complicated script."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"Maybe they could make it more user-friendly."
"We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."
"The user interface could be more intuitive and explanatory."
"The documentation of the tool could be improved"
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"From my experience, Coralogix has horrible Terraform providers."
"There are reports that I would like to generate that are either not included, or I cannot find."
"QVM is another instance where they need to revise the vulnerability scoring and the proper remediation details."
"There should be an extension where we can get the reports. This could be an extension to the dashboard with the Guardian or another product with limited technology, for example IPS. Now, we only have IBM. Basically, it needs more and more integration models."
"The initial setup was complex, and it took six months."
"QRadar needs to be more specialized, along the lines of what other SIEM solutions are."
"The user interface is a bit clunky, a bit hard to find what you need."
"The playbook guide which specifies the rules for security use cases needs to be provided to support in case the organization needs help."
"The solution should enhance its capabilities of UEBA and AI/ML tech modeling."
Coralogix is ranked 23rd in Log Management with 7 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Coralogix is rated 8.4, while IBM Security QRadar is rated 8.0. The top reviewer of Coralogix writes "Good capabilities, has a helpful interface and is straightforward to set up". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Coralogix is most compared with Datadog, Grafana, Sentry, New Relic and Elastic Search, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Sentinel.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.