Try our new research platform with insights from 80,000+ expert users

Fortinet FortiSIEM vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
74
Ranking in other categories
No ranking in other categories
IBM Security QRadar
Ranking in Security Information and Event Management (SIEM)
4th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
209
Ranking in other categories
Log Management (5th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (15th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (13th)
 

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.3%, up from 3.0% compared to the previous year. The mindshare of IBM Security QRadar is 7.7%, down from 9.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Oliver Jackson - PeerSpot reviewer
Systems monitoring enhanced by firewall and intrusion detection features
My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.  My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…
Mahmoud Younes - PeerSpot reviewer
Reliable installation and diverse use cases provide strong value
IBM Security QRadar has some areas for improvement. We have missed some DSM components. We need to customize logs where there is no DSM or connector for certain products. We can integrate but we have missed the DSM, which is the connector to pass logs coming from different applications. For example, with a university customer, we tried onboarding Canvas service. IBM Security QRadar does not support Canvas, so we had to create custom scripts and workarounds to pull logs from Canvas.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Fortinet FortiSIEM is highly scalable. I would rate its scalability nine out of ten."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"It gives us the opportunity to generate notifications based upon rules that get triggered, and the rules could be specific to PCI, HIPAA, GIBA, NIST, and so forth."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"The stability is very reliable. It offers very good performance."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us."
"The solution’s IP database is awesome."
"QRadar, Splunk, and ArcSight are SIEM solutions with built-in AI/ML features. They can do the complete investigation and alert the admin about what is happening. They can also do the root cause analysis. There are many other features that come with QRadar. It has a more granular log, so you can integrate with various non-IT as well as IT-based components. You can get unstructured data to the SIEM data, and you can identify more what is happening in the network or what is happening in the central head office. You can also identify what is happening between your remote offices. You can also use it to identify what the users in the field are doing on their devices and how things are moving. From the integration point of view, it is very centric. It gives complete control centrally. If a user is not connected to the system, whenever he comes online, we can see the policy updates over the Internet, and we can ensure that the data that is supposed to be protected is protected."
"There are other third-party plugins that we can use."
"IBM QRadar is easy to scale, it doesn't affect the environment. In our office, we have around 40 - 50 users, but our clients have more users on their networks. Our organization has staff in the software department that manages IBM QRadar for us."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"The most valuable feature is user behavior analytics (UBA)."
"The most valuable feature currently is security behaviors and the pdf files."
"I like the graphical interface. It's so good and easy."
"Most of our clients are interested in automation. The automation part is good because they are able to detect threats and vulnerabilities in real time. It's very fast."
 

Cons

"The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
"I would like to see more integration with other platforms."
"The biggest thing that could be better is a quicker response to support cases."
"FortiSIEM could be better integrated with other vendors."
"They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution."
"The solution is expensive compared to other products."
"The solution can be improved by lowering the cost and bettering their technical support."
"I have noticed a few things while working on this. After the restart of the server, sometimes, the services misbehave, and you need to manually start or restart the service. I have seen that specifically with the Tomcat service. Sometimes, when you click on log sources, instead of opening the log source extension, it redirects you over the internet."
"I would also like to see more integration with other vendors. IBM doesn't integrate well with products from China, like Huawei. Many Middle Eastern customers are switching to Huawei from American vendors like Cisco because of the price. In most RFPs, Huawei wins because it costs less."
"I would like to see the update process simplified."
"What needs to be improved in IBM QRadar User Behavior Analytics is the user experience. It's not optimal. Some screens are a bit clunky. The solution needs to be more user-friendly."
"The solution should include remote action capabilities."
"QRadar needs to be improved on the storage side, particularly when the disc exceeded the maximum threshold."
 

Pricing and Cost Advice

"Manageable, however would be better as pay as you go versus CapEX."
"They have a yearly subscription."
"The price of Fortinet FortiSIEM was reasonable compared to other solutions."
"The price of Fortinet FortiSIEM is a lot less when compared to other solutions."
"There is a need to make yearly payments towards the licensing charges attached to the product. The free version license of the product is available for two months."
"Fortinet FortiSIEM is cheaper compared to other products."
"FortiSIEM's licensing is based on EPS, and its pricing is competitive in the market."
"Pricing is acceptable for more than 90% of our customers, as they normally get discounts."
"The tool's price is high."
"QRadar UBA's price is a little more than street price and could be reduced."
"IBM QRadar is a little bit expensive compared to other products."
"It's too expensive."
"Pricing and licensing are competitive. Their new licensing options allow logs to bypass the correlation engine for a flat rate, which is also appealing for log data that is compliance-driven for a small amount of money."
"A good approach would be to begin with an On Cloud subscription, then later on do a more exact sizing."
"Licensing can be costly depending on your architecture."
"It's very expensive but it fits our budget."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
861,390 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Comms Service Provider
7%
Government
7%
Computer Software Company
16%
Financial Services Firm
12%
Government
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
The pricing is reasonable, which is why it is preferred by government customers. Windows agent licenses cost around 3,000 Rupees per device per year.
What needs improvement with Fortinet FortiSIEM?
Fortinet FortiSIEM should broaden its remediation part to include more features for incident management. Currently, to manage repetitive incidents or for remediation, I need to use a separate softw...
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
When comparing with Splunk, IBM Security QRadar's cost is reasonable. Splunk is more expensive than IBM Security QRadar.
 

Also Known As

FortiSIEM, AccelOps
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Overview

 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Fortinet FortiSIEM vs. IBM Security QRadar and other solutions. Updated: June 2025.
861,390 professionals have used our research since 2012.