We performed a comparison between IBM Security QRadar and Logsign Next-Gen SIEM based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"We have no complaints about the features or functionality."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The machine learning and artificial intelligence on offer are great."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"This is a good tool to have because it gives you the ability to track what is currently happening in your environment."
"I think it's a very stable product that provides much more visibility than the other product."
"The timeline and machine learning features are great."
"It showed us where weaknesses were in our environment, so we could actively target those patches first."
"I really like the feature we have with the logs, that if there are any credit card numbers being used, like a PII, you can just use rejects and you can mask it. This is a really good feature in QRadar."
"The most valuable features would have to be the products' ability to customize vulnerability management settings."
"It has very rich functionality."
"Stability-wise, I rate the solution a ten out of ten."
"Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats."
"We'd like also a better ticketing system, which is older."
"The reporting could be more structured."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"The solution could be more user-friendly; some query languages are required to operate it."
"The on-prem log sources still require a lot of development."
"I would like for Yara to be supported by all components."
"The weak signal detection with QRadar needs improvement. You can detect what you know, but what is unknown to the rule engine can't be detected."
"IBM needs to invest more into the collaboration with other vendors."
"I would also like to see more integration with other vendors. IBM doesn't integrate well with products from China, like Huawei. Many Middle Eastern customers are switching to Huawei from American vendors like Cisco because of the price. In most RFPs, Huawei wins because it costs less."
"The dashboard and reports are not user-friendly or efficient so are of little help with threat hunting activity."
"The user interface is a bit clunky, a bit hard to find what you need."
"IMB should reduce the pricing, or reduce some of the features for a more economical solution for the customer."
"The implementation of the solution's technology needs to be simplified."
"I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts."
IBM Security QRadar is ranked 6th in Log Management with 198 reviews while Logsign Next-Gen SIEM is ranked 44th in Log Management with 2 reviews. IBM Security QRadar is rated 8.0, while Logsign Next-Gen SIEM is rated 7.6. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Logsign Next-Gen SIEM writes "Easy to use and find the features that you need". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Sentinel, whereas Logsign Next-Gen SIEM is most compared with Grafana Loki, Wazuh, Logpoint, ManageEngine EventLog Analyzer and Sematext Logs. See our IBM Security QRadar vs. Logsign Next-Gen SIEM report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.