We performed a comparison between Fidelis Elevate and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The threat intelligence is excellent."
"The solution is well integrated with applications. It is easy to maintain and administer."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"There are many valuable features. The NDR gives very good network visibility, and the endpoint module has a great feature called "Live Connect" for remote connections. They also have "Tasks" that can be run on endpoints to gather specific information or retrieve logs."
"The initial setup is very straightforward. The deployment of the server doesn't take so long; about a day or two max."
"Reporting is great, it is easy to do a quick search through 45 days of data for something of interest."
"What I like the most about this solution is the complexity. It covers a lot of areas, unlike other solutions."
"It ensures the stability of network behavior across various aspects of our network and offers responsive capabilities to address incidents promptly"
"Compared to similar solutions, it's quite scalable. You just need to add more storage to scale-up."
"It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM."
"It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies."
"I have used IBM QRadar User Behavior Analytics in a Cloud Pak on Amazon, and there it runs on top of it and is easy to assess. Additionally, I have installed processes and characters."
"The most valuable feature is the QRadar Vulnerability Manager which provides vulnerability scans. In addition, I like the way QRadar generates alerts."
"It is really helpful to us from the compliance point of view."
"The correlation and the parsing are important features, since it is very important for a SIEM to have a good scalability and performance."
"We have the abilities to monitor each instance which originates on the process along with the performance of each department."
"It has very rich functionality."
"Overall a great solution."
"I have found visibility very helpful for analytics."
"The mobile app support for Android and iOS is difficult and needs improvement."
"At times, there may be delays in the execution of certain actions and their effects."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"The licensing is a nightmare and has room for improvement."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The web filtering solution needs to be improved because currently, it is very simple."
"The tool gives inconsistent answers and crashes a lot."
"We position the solution as an antivirus, but this part of the solution needs improvement. They need to generally enhance the features that they have, rather than adding anything new."
"Fidelis Endpoint is an expensive product making it one of its shortcomings that needs improvement."
"I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls."
"There is room for improvement in email security. It's a security issue. If you're aiming for XDR, covering the entire threat landscape is crucial."
"Configuration, in terms of building the collector and communicating with endpoints, is complex."
"The interface bug needs to be squashed once and for all. This has been the predominant issue with an otherwise stellar product. It reboots itself unscheduled, about once a month, due to a memory buffer flaw in the interface."
"The reports in the endpoint area of Elevate can be improved."
"IBM QRadar User Behavior Analytics is good, but I think the functionality should be much more integrated. You should have easy access to the artifacts if you are doing a particular investigation. It's good, but other team solutions like LogRhythm are actually merging the functionality. So, I think that is something IBM can work on."
"IBM Qradar could improve the reporting. The tool is not designed to report. It's a great operational monitoring tool. You put it on a screen and you watch it. If you want to have analytics out of it, that's a whole different story. You're going to need more people and tools. What should be added is reporting and integration into Power BI, into some capability that produces analytical reports from the source data. IBM does not seem to care to add these features."
"There are a lot of things they are working on and a lot of technologies that are not yet there. They should probably work out a better reserve with their ecosystem of business partners and create wider and more in-depth qualities, third-party tools, and add-ons. These things really give immediate business value. For instance, there are many limitations in using SAP, EBS, or Micro-Dynamics. A lot of things that are happening in those platforms could also be monitored and allowed from the cybersecurity risks perspective. IBM might be leaving this gap or empty space for business partners. Some larger organizations might already be doing this. It would be very nice if IBM can make some artificial intelligence part free of charge for all current QRadar users. This would be a big advantage as compared to other competitors. There are companies that are going in different directions. Of course, you can't do everything inside QRadar. In general, it might be very good for all players to provide more use cases, especially regarding data protection and leakage prevention. There are some who are already doing some kind of file integrity or gathering some more information from all possible technologies for building anything related to the user and data analysis, content analysis, and management regarding the data protection."
"I would like to see the update process simplified."
"The interface is very old. IBM should remake it into a more modern interface."
"The solution lacks vendor support."
"I'd like them to improve the offense. When QRadar detects something, it creates what it calls offenses. So, it has a rudimentary ticketing system inside of it. This is the same interface that was there when I started using it 12 years ago. It just has not been improved. They do allow integration with IBM Resilient, but IBM Resilient is grotesquely expensive. The most effective integration that IBM offers today is with IBM Resilient, which is an instant response platform. It is a very good platform, but it is very expensive. They really should do something with the offense handling because it is very difficult to scale, and it has limitations. The maximum number of offenses that it can carry is 16K. After 16K, you have to flush your offenses out. So, it is all or nothing. You lose all your offenses up until that point in time, and you don't have any history within the offense list of older events. If you're dealing with multiple customers, this becomes problematic. That's why you need to use another product to do the actual ticketing. If you wanted the ticket existence, you would normally interface with ServiceNow, SolarWinds, or some other product like that."
"I have also been working with other SIEM solutions, and I have observed that they have extensive Linux-based and Unix-based integrations. They have been able to support some of the Linux-based agents, which is useful to investigate and process the information on the Linux and Unix side."
Fidelis Elevate is ranked 41st in Endpoint Detection and Response (EDR) with 7 reviews while IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews. Fidelis Elevate is rated 8.4, while IBM Security QRadar is rated 8.0. The top reviewer of Fidelis Elevate writes "Advanced threat detection capabilities with comprehensive incident response features providing robust cybersecurity for organizations". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Fidelis Elevate is most compared with Microsoft Defender for Endpoint, VMware Carbon Black Cloud, CrowdStrike Falcon and Trellix Endpoint Security (ENS), whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security. See our Fidelis Elevate vs. IBM Security QRadar report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Managed Detection and Response (MDR) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.