We performed a comparison between IBM Security QRadar and Cynet based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: IBM Security QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Cynet offers strong ransomware protection and an intuitive interface. IBM Security QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Cynet needs to expand device support and add customization options. Users suggest improving network monitoring and strengthening integration with other tools.
Service and Support: Some customers of IBM Security QRadar have had trouble connecting with knowledgeable support staff and experienced delayed responses. Cynet's customer service is consistently lauded for its excellence. They have a dedicated support team that is available round the clock, and they also have a contingency plan for urgent incidents.
Ease of Deployment: IBM Security QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Cynet’s setup is highly efficient, with the ability to configure thousands of devices quickly.
Pricing: IBM Security QRadar can be costly because users need to buy new hardware to upgrade. Customers generally think Cynet is affordable and a good value for its features.
ROI: IBM Security QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. Cynet yields an excellent ROI by preventing cyberattacks and safeguarding sensitive data.
Comparison Results: Our users prefer IBM Security QRadar over Cynet. The advanced security features and overall strength of QRadar make it the favored option. Users like QRadar's extensive and actionable insights, user-friendly interface, and adaptability. QRadar offers a comprehensive overview of network activity and risk management.
"The summarization of emails is a valuable feature."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"Its ability to revert back from a previous state is quite notable. This feature is particularly valuable because, for maintaining integrity, it can inspect the socket for any firewall modifications. In practice, it allows us to return to a previous configuration when everything was functioning correctly."
"The product is very easy to use. Customers really appreciate that."
"I like that you can implement it in the managed service portfolio."
"It is quite stable. I would rate the stability of the solution a nine out of ten."
"We are protecting all our workstations."
"Advanced detection and protection against ransomware paired with SOC monitoring are the most valuable features. They have 24/7 SOC monitoring and file activity. It is a very robust tool."
"This solution requires less management and is very easy to use."
"It is a very stable solution...It is a very scalable solution...The initial setup of Cynet was easy."
"One very useful feature is the plug-in offering that allows you to integrate it with other solutions, such as integrating it with plug-ins like Scout, Carbon Black, and the rest."
"Improved our organization's TCO."
"It has a lot of good correlation rules. From a customer's point of view, it is one of the best solutions because you don't need to create correlation rules from scratch. You just review them and customize them as you want."
"IBM QRadar User Behavior Analytics has easy architecture, has a good portfolio and integration."
"I have found IBM QRadar to be stable."
"The monitoring and dashboards are great."
"Vulnerability data, network data and the like, are part of correlation and detection."
"The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports."
"The logs could be better."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The solution does not offer a unified response and standard data."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"I would like to see more emphasis on building the data lake and storing all endpoint data in the enterprise data lake so that data mining can be performed"
"I think the technical support could be better."
"They have automated response capability, and they're moving more and more into SOAR capability. They have built-in deception technology with host-file users, phantoms, etc. We used to call them honeypots. So, they're on target. They're doing a really good job, and they should continue to improve with SOAR."
"Cynet fails to deploy the same technology in mobile devices."
"There are some shortcomings in Cynet's integration capabilities that need improvement."
"SIEM - Although with their Centralised Log Management Cynet has created the basis for SIEM functionality, this is to be expanded in the near future."
"An administration feature will be useful for Cynet."
"I cannot provide more details about Cynet's automation features. While Cynet claims to be automated, the specifics of this automation are unclear. They claim to have a high capability to detect and block attacks, but I am cautious about companies that claim to solve every problem without limitations. It does help in identifying malware on the network but doesn't specifically identify vulnerabilities."
"The solution can be improved by lowering the cost and bettering their technical support."
"Technical support really needs to be improved. Right now, they aren't where they need to be at all."
"There is a lot of manual configuration required in order for the product to run smoothly, and I think that it could be made more automatic."
"IBM Qradar could improve the reporting. The tool is not designed to report. It's a great operational monitoring tool. You put it on a screen and you watch it. If you want to have analytics out of it, that's a whole different story. You're going to need more people and tools. What should be added is reporting and integration into Power BI, into some capability that produces analytical reports from the source data. IBM does not seem to care to add these features."
"IBM QRadar User Behavior Analytics could improve machine learning use cases because they are limited and most of the use cases are rule-based. They should develop more use cases, such as in Securonix or Exabeam because they will detect a threat. Using machine learning is mainly on the correlation rules, but if you think about Exabeam or Securonix, they detect using machine learning or machine learning-based algorithms."
"I think QRadar is very complex. It's a distributed system and IBM QRadar has an all-in-one solution which is not like that distributed solution but it's a good product. IBM needs to consider the user interface because if we compare it with AlienVault, the AlienVault user interface is fantastic but the IBM QRadar user interface is very complex. They should focus on how to make it easier for the client."
"The solution is expensive compared to other products."
"The initial setup was complex, and it took six months."
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations.
Cynet is ranked 3rd in User Entity Behavior Analytics - UEBA with 35 reviews while IBM Security QRadar is ranked 1st in User Entity Behavior Analytics - UEBA with 197 reviews. Cynet is rated 8.6, while IBM Security QRadar is rated 8.0. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Darktrace and Cortex XDR by Palo Alto Networks, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security. See our Cynet vs. IBM Security QRadar report.
See our list of best User Entity Behavior Analytics - UEBA vendors, best EDR (Endpoint Detection and Response) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all User Entity Behavior Analytics - UEBA reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.