We performed a comparison between IBM Security QRadar and IBM Watson for Cyber Security based on real PeerSpot user reviews.
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"It's pretty powerful and its performance is pretty good."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"Log aggregation and data connectors are the most valuable features."
"The event collector, flow collector, PCAP and SOAR are valuable."
"There are more than 120 extensions in QRadar, which are easy to install and configure. These can improve your analysis of events."
"The initial setup of QRadar is not complex because we have done it before and we are used to the development. It is getting easier all the time."
"It provides many options for searching. I can see devices from different vendors, like Cisco, in one interface, which is good for me."
"It's a state-of-the-art product for security information and event management (SIEM)."
"The QNI feature is the one I am very interested in, and I have also been interested in Watson. From the log analysis and the security perspective, we are able to dive deep into any of the logs and anomalies."
"The solution is flexible and easy to use."
"What's most valuable in IBM QRadar User Behavior Analytics is its higher availability than other tools."
"The most valuable feature of this product is innovation, where the research and upgrading of technology never ends."
"The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing, IBM adds them in the next release."
"IBM Watson for Cyber Security is very stable."
"The customer support is very good."
"The performance could be improved. If I create 15 to 20 lines for a single use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"The on-prem log sources still require a lot of development."
"The troubleshooting has room for improvement."
"Sentinel's reporting is complex and can be more user-friendly."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The reporting could be more structured."
"There are reports that I would like to generate that are either not included, or I cannot find."
"The technical support is poor. Mostly because when I open a PMR for IBM, I am stuck with Level 1 staff. As an engineer, nothing that I am bringing them does not require Level 2 or Level 3 support."
"The threat detection needs improvement, they have many false positives."
"I'm not sure about the stability just yet. We've observed a few issues and we raised a supporting ticket for it."
"The tech support is not that good."
"Before we didn't have any security issues but recently a few of the user emails were hacked. We had to actually recreate their emails for them."
"The solution lacks some maturity."
"The only challenge is that IBM has been a closed enterprise. It should be more open to integrating with other providers at an enterprise level. We're a bank and the core banking system integration is not straightforward and there is no integration between IBM and these products. If IBM could open up and provide a way of integrating it seamlessly, without charging more for it, that would make a big difference."
"This is an expensive product, so making it more cost-effective would be an improvement."
"They need to continue to build the AI capabilities."
"The dashboard could improve in IBM Watson for Cyber Security."
"In the future, I would like to see threat intelligence included."
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations.
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 197 reviews while IBM Watson for Cyber Security is ranked 45th in Security Information and Event Management (SIEM) with 4 reviews. IBM Security QRadar is rated 8.0, while IBM Watson for Cyber Security is rated 8.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of IBM Watson for Cyber Security writes "An innovative and stable product that is well maintained and always up-to-date". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Fortinet FortiSIEM, whereas IBM Watson for Cyber Security is most compared with Splunk Enterprise Security and i-SIEM.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.