We performed a comparison between Cortex XSIAM and IBM Security QRadar based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, CrowdStrike, Securonix Solutions and others in Identity Threat Detection and Response (ITDR)."The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."
"Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."
"It is an effective solution in terms of performance and functionalities."
"It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."
"The initial setup of QRadar is not complex because we have done it before and we are used to the development. It is getting easier all the time."
"It helps us discover any threats with their alerts and tracking."
"IBM QRadar is easy to scale, it doesn't affect the environment. In our office, we have around 40 - 50 users, but our clients have more users on their networks. Our organization has staff in the software department that manages IBM QRadar for us."
"I have found its network traffic log, network bit log, and QBI most valuable."
"IBM QRadar has improved my organization by introducing many functions. It collects logs from all of our systems in the organization and has functioned very well. It alerts and correlates the aggregate events or offenses we receive through all the applications we use."
"The product can scale."
"The scalability is awesome, because QRadar includes other solutions in the same console."
"The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA)."
"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."
"The platform isn't very developer-friendly and it should provide more flexibility and ease."
"The solution’s pricing and technical support could be improved."
"The support could be a bit faster."
"I would like to see a more user-friendly product."
"Search capability and indexing still lag behind competitors. We also need to see improved rule based access controls and rule/event tuning."
"The solution lacks some maturity."
"IBM Security QRadar’s GUI could be improved."
"The user interface and configurability of IBM QRadar User Behavior Analytics can be improved. It has a lot of pre-configured settings and not many things can be changed. It also needs more integrations. Currently, User Behavior Analytics is integrated only with IBM QRadar. It could have deeper integrations. It can also have more complicated scoring models. Currently, it has a very simple linear scoring model for users."
"They should provide more manual examples online so that I can learn it myself."
"IBM QRadar Advisor with Watson could be more user-friendly. You need some skills and understanding of what you're looking at, especially if you're going to draw down specific information."
"I'd like them to improve the offense. When QRadar detects something, it creates what it calls offenses. So, it has a rudimentary ticketing system inside of it. This is the same interface that was there when I started using it 12 years ago. It just has not been improved. They do allow integration with IBM Resilient, but IBM Resilient is grotesquely expensive. The most effective integration that IBM offers today is with IBM Resilient, which is an instant response platform. It is a very good platform, but it is very expensive. They really should do something with the offense handling because it is very difficult to scale, and it has limitations. The maximum number of offenses that it can carry is 16K. After 16K, you have to flush your offenses out. So, it is all or nothing. You lose all your offenses up until that point in time, and you don't have any history within the offense list of older events. If you're dealing with multiple customers, this becomes problematic. That's why you need to use another product to do the actual ticketing. If you wanted the ticket existence, you would normally interface with ServiceNow, SolarWinds, or some other product like that."
Cortex XSIAM is ranked 7th in Identity Threat Detection and Response (ITDR) with 4 reviews while IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews. Cortex XSIAM is rated 9.0, while IBM Security QRadar is rated 8.0. The top reviewer of Cortex XSIAM writes "A robust security operation that ensures achieving automation, stability, and scalability". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Cortex XSIAM is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Microsoft Sentinel, CrowdStrike Falcon and Exabeam Fusion SIEM, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Fortinet FortiAnalyzer.
We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.