Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs Seceon Open Threat Management Platform comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Security QRadar
Ranking in Security Information and Event Management (SIEM)
4th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
209
Ranking in other categories
Log Management (5th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (15th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (13th)
Seceon Open Threat Manageme...
Ranking in Security Information and Event Management (SIEM)
26th
Average Rating
7.8
Reviews Sentiment
7.5
Number of Reviews
13
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of IBM Security QRadar is 7.7%, down from 9.7% compared to the previous year. The mindshare of Seceon Open Threat Management Platform is 0.8%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Mahmoud Younes - PeerSpot reviewer
Reliable installation and diverse use cases provide strong value
IBM Security QRadar has some areas for improvement. We have missed some DSM components. We need to customize logs where there is no DSM or connector for certain products. We can integrate but we have missed the DSM, which is the connector to pass logs coming from different applications. For example, with a university customer, we tried onboarding Canvas service. IBM Security QRadar does not support Canvas, so we had to create custom scripts and workarounds to pull logs from Canvas.
TamimKhan - PeerSpot reviewer
Customization options need improvement but valuable threat management features and reasonable pricing benefit service providers
We are a Managed Security Service Provider (MSSP), and we provide services to our customers Seceon Open Threat Management Platform offers valuable features such as XDR and EDR. I also find the SOC and SOAR features valuable. Log management is another key functionality of the product. There are…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's hard for me to pinpoint any one feature that's most valuable because it is all about consuming logs and analyzing them. We started using QRadar UBA because we needed something that could analyze Linux authentication information. Other products take care of the Windows platform."
"IBM QRadar is easy to scale, it doesn't affect the environment. In our office, we have around 40 - 50 users, but our clients have more users on their networks. Our organization has staff in the software department that manages IBM QRadar for us."
"One of the most valuable features of this solution is it has very good data correlation."
"My overall rating for this solution is nine out of ten."
"The features that I have found most valuable in QRadar are its data enrichment, use case creations, and adding references - those kinds of features are very good. Also QRadar's event filtration and device integration are perfect."
"The event collector, flow collector, PCAP and SOAR are valuable."
"An engineer can live-monitor all the flow happening in real-time. This would help us a lot while investigating a case, and it would even help us with preventive actions."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features."
"The pricing of Seceon Open Threat Management Platform is very reasonable."
"It offers a holistic approach with multiple solutions blended into one platform."
"The solution is stable."
"The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats effectively."
"Seceon Open Threat Management Platform notifies only genuine alerts. It offers plenty of options that are suitable for MSPs."
"The most valuable feature of this solution is its artificial intelligence."
"We only recently started using Seceon, so we aren't taking advantage of all its features yet. We have enabled some proactive alerts about utilization and bottlenecks from high traffic."
 

Cons

"A lot of information that we receive for the devices is IP-based, but it would help if we could have a default dashboard in which we can add more details about the assets for which we are receiving the information. For example, if it is a Windows or Linux device, we only get the IP for that particular device. We don't really get the name and other details of that particular device. For that, you have to drill down into your own asset management system. It would be good to have a place where we can probably add this information so that we don't have to look into other tools."
"The dashboard and reports are not user-friendly or efficient so are of little help with threat hunting activity."
"I have noticed a few things while working on this. After the restart of the server, sometimes, the services misbehave, and you need to manually start or restart the service. I have seen that specifically with the Tomcat service. Sometimes, when you click on log sources, instead of opening the log source extension, it redirects you over the internet."
"While the interface is easy to use, it could be a little more responsive."
"It's resource-intensive."
"Dashboards and reports could provide better visualization of SIEM activity."
"The dashboard is pathetic and it takes a long time to perform a search."
"IBM QRadar Advisor with Watson could be more user-friendly. You need some skills and understanding of what you're looking at, especially if you're going to draw down specific information."
"The product should improve the triggering rate."
"It would be better if they offered global coverage."
"Certain features, such as DLP, need to be improved as they are superficial and not in-depth."
"It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft."
"The dashboard has always been an issue."
"For future releases, integrating incident response tools and improving communication on incident reporting could be beneficial."
"The product could be improved by including sandboxing capabilities in the next release."
"The SOP they provided wasn't great. They offered training over Sherp Virtualization, and the Seceon leadership visited our location to explain everything in detail, but the documentation and training could be better. It isn't as effective as it could be. There's some room for improvement there."
 

Pricing and Cost Advice

"The tool is priced in a competitive manner. The tool's price is dependent on the installation and the product size, but it is competitive in the marketplace."
"It is a perpetual license that we have for the event collector. The licensing is done based on the number of events and flows that you receive on this particular device. These are perpetual licenses, which means once you purchase them, they don't expire, which means that the support to IBM is definitely renewed after every one year. We have an enterprise agreement with IBM, which puts the cost in a totally different category as compared to someone who is not an IBM partner and is approaching IBM for this solution. We were able to get massive discounts. To give you an idea, we recently purchased 30,000 event licenses, and it costs around $480,000. It is definitely not a cheap product. We have licenses for about 270,000 events per second and 3 million flows per second. All the appliances and their events and flows are basically clubbed together and charged or rather calculated through a single source. The console receives all the details from all the event processes that we have globally. So, the license that we have is a single license for 270,000 events per second and 3 million flows per second, but that can be managed centrally. I was only part of the secondary purchase, which was 30,000 events per second for about $480,000. You can calculate how much we paid for 270,000 events. Reducing its price would be a compromise. We have already used a lower-priced product in the form of NNT, but we had to get rid of it because it was not doing the job that we actually wanted to do. You get what you pay for."
"It's too expensive."
"We pay approximately $40,000 to use the solution annually. This solution is a lot less expensive than Splunk."
"It could be cheaper, but the value itself is far more important for us than the price. Typically, our clients have yearly subscriptions."
"IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much."
"There is a license required for this solution. There are some limitations depending on what license you purchase."
"It's too expensive. The licensing is also a little bit difficult to understand because you have to license it per event and per number of flows."
"Seceon Open Threat Management Platform is cost-effective because it's a comprehensive platform that offers high availability."
"We used the solution's trial version for two months and later purchased it."
"The solution is cheap and very competitive. It offers good tuning in terms of the pricing. Other solutions like Palo Alto and IBM are more expensive."
"I find Seceon OTM's pricing to be reasonable, not too high or low, just okay for the market standards. I can't disclose specific figures, we pay on a quarterly basis under a service model. I would rate it eight out of ten. As a customer, I always hope for better pricing options."
"The price is quite reasonable."
"It has a per-asset model instead of an ingestion-based model, which gives predictable pricing. In terms of price, it is in the middle to lower range of SIEMs that it competes against. It is the most affordable solution that we have implemented so far. It was much more affordable than anything else I've implemented."
"The pricing is very competitive. It's not expensive."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
861,170 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
12%
Government
7%
Manufacturing Company
7%
Computer Software Company
24%
Financial Services Firm
12%
Manufacturing Company
8%
Performing Arts
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
When comparing with Splunk, IBM Security QRadar's cost is reasonable. Splunk is more expensive than IBM Security QRadar.
What do you like most about Seceon Open Threat Management Platform?
The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats effectively.
What is your experience regarding pricing and costs for Seceon Open Threat Management Platform?
The pricing of Seceon Open Threat Management Platform is very reasonable.
What needs improvement with Seceon Open Threat Management Platform?
There are areas for improvement in the customization options. Every ( /products/every-reviews ) quarter, they are developing the platform with new updates based on feedback provided.
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
Seceon OTM, Seceon aiSIEM, aiSIEM, Seceon Open Threat Management
 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Caduceus, SUNY
Find out what your peers are saying about IBM Security QRadar vs. Seceon Open Threat Management Platform and other solutions. Updated: June 2025.
861,170 professionals have used our research since 2012.