We performed a comparison between IBM Security QRadar and Kaspersky Endpoint Detection and Response Expert based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The product's initial setup phase is very easy."
"It is stable and scalable."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered."
"It's built around Red Hat Linux, which is highly robust."
"The visibility it gives you into your infrastructure has been great."
"Flexible and valuable product that is modular, so you can easily set up a roadmap for your clients."
"Search capabilities are sufficient for most tasks."
"It has improved comprehensive visibility for what is going on in the perimeters, and on the inside, as well."
"We have the abilities to monitor each instance which originates on the process along with the performance of each department."
"This is a good tool to have because it gives you the ability to track what is currently happening in your environment."
"It helps improve security in our organization."
"We particularly appreciate how scalable this solution is, as we often need to increase our end-user numbers."
"The product has an easy-to-use EDR module based on signature-based antivirus detection. It is a complete software."
"Kaspersky Endpoint Detection and Response Expert offers centralized monitoring where we can monitor everything from a single point. I also like its security and network traffic features."
"Has great behavior detection and a very good firmware scanner."
"The most valuable feature of Kaspersky EDR is its simplicity. The console is easy to use and not very complex."
"The most valuable feature is endpoint protection."
"Kaspersky Endpoint Detection and Response is an effective protection solution."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The SIEM could be improved."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"ZTNA can improve latency."
"We'd like to see more one-to-one product presentations for the distribution channels."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The only challenge is that IBM has been a closed enterprise. It should be more open to integrating with other providers at an enterprise level. We're a bank and the core banking system integration is not way straightforward and there is no integration between IBM and these products. If IBM could open up and provide a way of integrating it seamlessly, without charging more for it, that would make a big difference."
"The solution is highly used here in Pakistan and in many sectors, they could improve it by having more SIEM connectors."
"SOAR is what is expected the most from QRadar. They have something called SOAR Resilient, and it would be great if that gets induced in SIEM. IBM QRadar (as well as McAfee ESM) should have analytics platform integration. Currently, SIEMs don't have full-fledged integration with analytics where we are able to dump our data in SIEM, and the same data can be called from different analytics applications. We should be able to bring this data to a platform like Hadoop for big data and run the analytics there. Currently, people are seeing the past data and taking some actions in the present, but when it comes to analytics, there should be futuristic data where you can predict something out of your present and past data. Apart from that, I would like to see a full-fledged ITSM tool in QRadar. It sometimes has some technical issues that need to be checked. It requires a dedicated QRadar engineer to completely manage it. It has different module sets, such as event collector and event processor, and some technical glitches come in between. It takes the log but doesn't exactly process it in the way we want."
"It is very difficult to activate all of the network equipment, and it would help if it were made easier."
"QRadar needs to be more specialized, along the lines of what other SIEM solutions are."
"The dashboards are all legacy and old."
"The solution can be improved by lowering the cost and bettering their technical support."
"The solution could improve by having more out-of-the-box use cases."
"They should include XDR features in the solution."
"The solution lacks DLP."
"Device control is lacking in EDR."
"The license prices for this solution are quite high."
"We'd like to see them improve the automatic response."
"The issue with Kaspersky EDR is the sandbox. I'd like to have the ability to manage it on the cloud as well."
"I would like to integrate Kaspersky with my Log Collector SIEM. Right now that's not possible."
"An area for improvement in Kaspersky Endpoint Detection and Response is its technical support because currently, technical support is delayed."
IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews while Kaspersky Endpoint Detection and Response Expert is ranked 17th in Endpoint Detection and Response (EDR) with 44 reviews. IBM Security QRadar is rated 8.0, while Kaspersky Endpoint Detection and Response Expert is rated 8.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Kaspersky Endpoint Detection and Response Expert writes "Solid security and performance; overall a useful tool". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Kaspersky Endpoint Detection and Response Expert is most compared with Trend Vision One, Microsoft Defender for Endpoint, Cynet, Symantec Endpoint Detection and Response and Check Point Harmony Endpoint. See our IBM Security QRadar vs. Kaspersky Endpoint Detection and Response Expert report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.