We performed a comparison between Elastic Security and IBM QRadar based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: PeerSpot users feel IBM QRadar makes SIEM easy. It can pan through tremendous amounts of data quickly and the dashboards and monitoring are amazing, making it a user favorite.
"Fortinet is very user-friendly for customers."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"This is stable and scalable."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The stability is very good."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The price is low and quite competitive with others."
"The solution was relatively easy to deploy."
"It's very stable and reliable."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"The product has huge integration varieties available."
"Elastic Security is very easy to adapt."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."
"The most valuable features are the AI assistant, which is good at detecting known types of behavior."
"It's hard for me to pinpoint any one feature that's most valuable because it is all about consuming logs and analyzing them. We started using QRadar UBA because we needed something that could analyze Linux authentication information. Other products take care of the Windows platform."
"QRadar UBA's most valuable feature is the risk rating of users depending on their behavior."
"IBM QRadar Advisor with Watson is a stable solution."
"The most valuable feature currently is security behaviors and the pdf files."
"I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot."
"IBM QRadar User Behavior Analytics has easy architecture, has a good portfolio and integration."
"The timeline and machine learning features are great."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The dashboard isn't easy to access and manage."
"We find the solution to be a bit expensive."
"I haven't seen the use of AI in the solution."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"There isn't really a very good user experience. You need a lot of training."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"In terms of improvement, there could be more automation in responding to and evaluating detections."
"Their visuals and graphs need to be better."
"The AI engine could be smarter."
"The solution is expensive compared to other products."
"I would also like to see more integration with other vendors. IBM doesn't integrate well with products from China, like Huawei. Many Middle Eastern customers are switching to Huawei from American vendors like Cisco because of the price. In most RFPs, Huawei wins because it costs less."
"The product can be a bit complex."
"If you have too many events that occur, then the storage capacity becomes a problem. You need to have more storage."
"IBM QRadar has outdated technology, and this is its area for improvement. When you try to implement an analytic expression, it's not updated. The solution doesn't support newer technologies, and it doesn't update regularly. For example, around the world, others implement new technologies, while IBM updates later than others."
"I don't give it a 10 because it is something we have to request. I would love it if UBA was included out of the box like Microsoft."
"I would like to see more integration in place after the security lock."
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations.
Elastic Security is ranked 5th in Log Management with 24 reviews while IBM Security QRadar is ranked 6th in Log Management with 47 reviews. Elastic Security is rated 7.6, while IBM Security QRadar is rated 7.8. The top reviewer of Elastic Security writes "A highly flexible and customizable tool that needs to improve automation and integration". On the other hand, the top reviewer of IBM Security QRadar writes "Good dashboard and helpful third-party plugins but technical support could be better". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, Microsoft Defender for Endpoint and Graylog, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ArcSight Logger. See our Elastic Security vs. IBM Security QRadar report.
See our list of best Log Management vendors, best EDR (Endpoint Detection and Response) vendors, and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.