We performed a comparison between IBM Cloud Pak for Security and IBM Security QRadar based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, Cisco, Akamai and others in Cloud and Data Center Security."The interface is good and very user-friendly."
"I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot."
"The pre-canned rules and reports in this product are a huge plus."
"This is a distributed application, meaning that a customer can stack small and then scale it so that they can expand pretty effectively. You can use, basically, the same product in an SMB or a large enterprise."
"It's a state-of-the-art product for security information and event management (SIEM)."
"No doubt about it, the solution is extremely stable."
"We find predictive analysis capabilities valuable."
"I like that it's easy to use and the performance is good."
"The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA)."
"Lacks sufficient technical support."
"Solution has too many menus that require going to two or three sub-monitors to enter the QRadar."
"The whole process for support is something that needs to be improved."
"While the interface is easy to use, it could be a little more responsive."
"I'd like them to improve the offense. When QRadar detects something, it creates what it calls offenses. So, it has a rudimentary ticketing system inside of it. This is the same interface that was there when I started using it 12 years ago. It just has not been improved. They do allow integration with IBM Resilient, but IBM Resilient is grotesquely expensive. The most effective integration that IBM offers today is with IBM Resilient, which is an instant response platform. It is a very good platform, but it is very expensive. They really should do something with the offense handling because it is very difficult to scale, and it has limitations. The maximum number of offenses that it can carry is 16K. After 16K, you have to flush your offenses out. So, it is all or nothing. You lose all your offenses up until that point in time, and you don't have any history within the offense list of older events. If you're dealing with multiple customers, this becomes problematic. That's why you need to use another product to do the actual ticketing. If you wanted the ticket existence, you would normally interface with ServiceNow, SolarWinds, or some other product like that."
"The product can be a bit complex."
"The dashboards are all legacy and old."
"The playbook guide which specifies the rules for security use cases needs to be provided to support in case the organization needs help."
"The modularity could be improved."
IBM Cloud Pak for Security is ranked 21st in Cloud and Data Center Security with 1 review while IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews. IBM Cloud Pak for Security is rated 0.0, while IBM Security QRadar is rated 8.0. The top reviewer of IBM Cloud Pak for Security writes "Great user-friendly interface; provides many functionalities and many free applications ". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". IBM Cloud Pak for Security is most compared with IBM Resilient, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security.
We monitor all Cloud and Data Center Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
