We performed a comparison between eSentire and IBM Security QRadar based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, Arctic Wolf Networks, Huntress and others in Managed Detection and Response (MDR)."Binary Defense's most valuable feature is the 24/7 monitoring and threat hunting. Their team checks the latest breaches and how they're done."
"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"The most valuable feature is reviewing tickets and the notes added by technicians."
"The case interface is Binary Defense MDR's most valuable feature."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"The managed detection response (MDR) product was the most valuable."
"The Managed Detection and Response (MDR) feature was really good and most valuable. We were handling very sensitive data, and we needed a quick response in real-time, which eSentire provided. It was also cost-effective, and their SOC team was very responsive."
"The solution is relatively easy to use."
"On the back-end, Watson helps me figure out an exact problem, sometimes giving me the result."
"Integrations are quite a useful and key feature of this solution. It has integration with the CVSS score, which is a central point for all the data and scores about the threats. There is an IBM Bluemix dashboard that is integrated with the CVSS score."
"Vulnerability detection is the most valuable feature. It's the tool that finds the threats."
"This solution has excellent security analytics."
"It is the core of our entire SOX."
"It has a lot of good correlation rules. From a customer's point of view, it is one of the best solutions because you don't need to create correlation rules from scratch. You just review them and customize them as you want."
"The most valuable feature is the searching capability and real-time operational use."
"We found a couple of bugs in the user interface."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"The current reporting system could benefit from improvement."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."
"The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhancements."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"Its GUI can be a lot better."
"From my standpoint, their MSP program, in general, needed to be worked on. It should be made much more simple. It's too convoluted in its process. I know it was in the process of being revamped, and as of the end of January, it was not finished."
"You can scale IBM QRadar User Behavior Analytics, but it has room for improvement."
"The product does not have a team for investigating malware."
"The solution is highly used here in Pakistan and in many sectors, they could improve it by having more SIEM connectors."
"Solution has too many menus that require going to two or three sub-monitors to enter the QRadar."
"SOAR is what is expected the most from QRadar. They have something called SOAR Resilient, and it would be great if that gets induced in SIEM. IBM QRadar (as well as McAfee ESM) should have analytics platform integration. Currently, SIEMs don't have full-fledged integration with analytics where we are able to dump our data in SIEM, and the same data can be called from different analytics applications. We should be able to bring this data to a platform like Hadoop for big data and run the analytics there. Currently, people are seeing the past data and taking some actions in the present, but when it comes to analytics, there should be futuristic data where you can predict something out of your present and past data. Apart from that, I would like to see a full-fledged ITSM tool in QRadar. It sometimes has some technical issues that need to be checked. It requires a dedicated QRadar engineer to completely manage it. It has different module sets, such as event collector and event processor, and some technical glitches come in between. It takes the log but doesn't exactly process it in the way we want."
"The dashboards are all legacy and old."
"The AI engine could be smarter."
"In a future release, the solution could provide malware analysis."
eSentire is ranked 24th in Managed Detection and Response (MDR) with 2 reviews while IBM Security QRadar is ranked 10th in Managed Detection and Response (MDR) with 198 reviews. eSentire is rated 7.6, while IBM Security QRadar is rated 8.0. The top reviewer of eSentire writes "A solid product for security, but the MSP program should be simpler". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". eSentire is most compared with CrowdStrike Falcon Complete, Arctic Wolf Managed Detection and Response, Sophos MDR, Red Canary MDR and Huntress, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
