We performed a comparison between IBM Security QRadar and Kaspersky Endpoint Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Ability to get forensics details and also memory exfiltration."
"The solution was relatively easy to deploy."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"This is stable and scalable."
"It comes with many rules disabled. You can tune them and modify them according to your enterprise needs and avoid false positives."
"In terms of the most valuable features, the log collections and log processing mechanisms are good. They have good dashboards."
"I think it's a very stable product that provides much more visibility than the other product."
"No doubt about it, the solution is extremely stable."
"The best feature of IBM QRadar is visualization which shows you when there's a spike in the system, and this makes you realize that there's something wrong with the log."
"I think the QDI is very good."
"IBM has everything you need in a cybersecurity solution. If you want to build a cybersecurity operation center version then I think QRadar is a perfect solution."
"The playbook engine is flexible and allows for the graphical visualization of processes, enabling the implementation of dynamic playbooks for incident response or testing."
"One of the most valuable aspects of Endpoint Detection and Response (EDR) solutions is their ability to detect and respond to spam and viruses in their early stages."
"The product is integrated with endpoint protection. We don't have to implement a separate technology. It provides visibility over the endpoints."
"Kaspersky EDR offers automated response capabilities, enhancing efficiency by enabling quick investigation and response to potential threats on Android devices."
"Stability-wise, I rate the solution a ten out of ten."
"Kaspersky EDR is far superior to other products. It gives detailed information about malware, geolocation, and more. Also, the agent itself is very lightweight compared to other products. The packages and updates were quite small in size, just a few KBs."
"The most valuable aspect of the product is its consolidated features."
"We have a concept of working from home. Most endpoints are not in the domain. It is our first line of defense. While we had Kaspersky deployed, it gave good insight into the upcoming challenge or threat."
"The tool's performance and prevention are amazing."
"Cannot be used on mobile devices with a secure connection."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The support needs improvement."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The solution is not stable."
"Solution has too many menus that require going to two or three sub-monitors to enter the QRadar."
"There are areas in IBM Security QRadar that could benefit from improvement. Its ability to customize knowledge for specific purposes could be enhanced. Also, it lacks clarity in presenting details. It is also difficult to see the reports."
"I have also been working with other SIEM solutions, and I have observed that they have extensive Linux-based and Unix-based integrations. They have been able to support some of the Linux-based agents, which is useful to investigate and process the information on the Linux and Unix side."
"When it comes to what could be better, it is always what others are trying to do and what is the roadmap. It can have more integration. It should have more flexible RESTful APIs for integration with applications. These are the things that are always in demand for any of the SIEM solutions, not only for QRadar. Integration is ever-evolving. Nowadays, different versions of mobile handsets are there and data is getting scattered. Users are using their personal handsets to keep the data of the organization. So, it should have a more flexible integration, irrespective of the flavor of the firmware and iOS or Android version. It should have an API that can seamlessly get integrated. It should also provide more flexible control and a more advanced or analytical view to see what exactly is happening across the globe or network. From wherever a user is connecting and accessing the enterprise data, it should give real-time visibility and predictive visibility about what exactly is happening. These things are already there, but there should be more advanced control in terms of managing the security."
"QVM is another instance where they need to revise the vulnerability scoring and the proper remediation details."
"The solution lacks vendor support."
"Whenever we are upgrading or installing any type of patch, at that time we have some delays."
"IBM QRadar has a margin for development, for out-of-the-box use cases. It can be enhanced with better support and automate the use cases for that."
"Kaspersky Endpoint Detection and Response is expensive. It should improve its stability."
"Enhancing user-friendliness should be a priority."
"There is room for improvement in the support."
"Kaspersky EDR could be improved by adding network detection capabilities to enhance convenience and security."
"Kaspersky Endpoint Detection and Response lacks configuration options."
"I want to be able to use the product as a patch management tool for my endpoints since it is an area that is not working effectively for me."
"The product does not detect zero-day threats."
"My team was struggling with the reporting when we were doing an audit. The console features are a little more interactive and user-friendly. There's some issue, or maybe some fixing has to be done."
More Kaspersky Endpoint Detection and Response Pricing and Cost Advice →
IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews while Kaspersky Endpoint Detection and Response is ranked 24th in Endpoint Detection and Response (EDR) with 15 reviews. IBM Security QRadar is rated 8.0, while Kaspersky Endpoint Detection and Response is rated 8.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Kaspersky Endpoint Detection and Response writes "Provides the ability to send detected malware to Kaspersky's sandbox environment for behavioral analysis". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Kaspersky Endpoint Detection and Response is most compared with Sangfor Endpoint Secure and CrowdStrike Falcon. See our IBM Security QRadar vs. Kaspersky Endpoint Detection and Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.