We performed a comparison between IBM Security QRadar and Kaspersky Endpoint Security for Business based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: IBM Security QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Kaspersky Endpoint Security for Business is commended for its extensive cross-platform protection, user-friendly interface, and compatibility with third-party software. IBM Security QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Kaspersky users requested improvements in security and stability. They also want better documentation, faster malware scanning, enhanced encryption, and improved remote management.
Service and Support: Some customers of IBM Security QRadar have had trouble connecting with knowledgeable support staff and experienced delayed responses. Users say that Kaspersky’s support is helpful and responsive, whether it comes from resellers, partners, or the vendor.
Ease of Deployment: IBM Security QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Some reported that Kaspersky Endpoint Security for Business is straightforward to setup, while others find it more complex and time-consuming.
Pricing: IBM Security QRadar can be costly because users need to buy new hardware to upgrade. Users gave mixed feedback on the price of Kaspersky Endpoint Security for Business. Some found it reasonable while others thought it was expensive.
ROI: IBM Security QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. Our reviewers said that Kaspersky Endpoint Security for Business has proven to be a solid investment.
Comparison Results: Our users prefer IBM Security QRadar over Kaspersky Endpoint Security for Business. The advanced security features and overall strength of QRadar make it the favored option. Users like QRadar's extensive and actionable insights, user-friendly interface, and adaptability. QRadar offers a comprehensive overview of network activity and risk management.
"Ability to get forensics details and also memory exfiltration."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The stability is very good."
"The setup is pretty simple."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The most valuable features would have to be the products' ability to customize vulnerability management settings."
"The most valuable features are the versatility of this solution and the variety of things you can do with it."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"We run 65 servers globally with just two people: an engineering person and me."
"Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered."
"When it comes to QRadar, they can do the correlation and not only in networks but also endpoints. This is one of the good features that we have noticed."
"The detection rate is good and the false positive rate is low."
"This solution has allowed us to correlate logs from multiple sources."
"The malware threat detection has been excellent overall."
"The user interface is easy to maintain once it is setup."
"I like that we can use it across all the platforms like PC, Mac, Linux, iOS, and all systems for protection. I also like that we can use it for different cloud sessions and different unified systems. It's available on all the vulnerability assessments including, web filtering, email filtering, test protection, anomaly control, and management. There are more than enough benefits available on Kaspersky."
"The initial setup was fairly simple, taking only a few minutes."
"The price per endpoint is excellent."
"This solution is stable."
"There is excellent integration with the app directory."
"The product is quite scalable."
"Making the portal mobile friendly would be helpful when I am out of office."
"FortiEDR can be improved by providing more detailed reporting."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"It takes about two business days for initial support, which is too slow in urgent situations."
"Detections could be improved."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Cannot be used on mobile devices with a secure connection."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"QVM is another instance where they need to revise the vulnerability scoring and the proper remediation details."
"I don't look at only the features and benefits; I also look at the price. It is a bit expensive when compared with other solutions. It is expensive for specific deployment topologies, and the decision-makers go for alternatives like ArcSight. It should also have more AI features or capabilities for better threat intelligence. The more it uses machine learning, the better would be the dashboard, analytics, and other things."
"IBM Security QRadar’s GUI could be improved."
"SOAR is what is expected the most from QRadar. They have something called SOAR Resilient, and it would be great if that gets induced in SIEM. IBM QRadar (as well as McAfee ESM) should have analytics platform integration. Currently, SIEMs don't have full-fledged integration with analytics where we are able to dump our data in SIEM, and the same data can be called from different analytics applications. We should be able to bring this data to a platform like Hadoop for big data and run the analytics there. Currently, people are seeing the past data and taking some actions in the present, but when it comes to analytics, there should be futuristic data where you can predict something out of your present and past data. Apart from that, I would like to see a full-fledged ITSM tool in QRadar. It sometimes has some technical issues that need to be checked. It requires a dedicated QRadar engineer to completely manage it. It has different module sets, such as event collector and event processor, and some technical glitches come in between. It takes the log but doesn't exactly process it in the way we want."
"I have noticed a few things while working on this. After the restart of the server, sometimes, the services misbehave, and you need to manually start or restart the service. I have seen that specifically with the Tomcat service. Sometimes, when you click on log sources, instead of opening the log source extension, it redirects you over the internet."
"There is a shortage of skilled individuals with knowledge about the solution. There is training required."
"They should speed up the incident response and also, at the same time, reduce the amount of manual effort that is required."
"There is a lot of manual configuration required in order for the product to run smoothly, and I think that it could be made more automatic."
"The encryption feature could improve."
"Currently, it doesn't have a cloud option. This is something that they should look into going forward."
"I would like to see better reporting."
"From time to time, some users loose connection via the Network Agent."
"We find that the solution uses up too much RAM and can slow down machines."
"The solution needs to lower its pricing."
"Data loss prevention (DLP) in email security."
"Kaspersky Endpoint Security for Business should improve its reporting. There are also some issues in the cloud portal. The solution's pricing can be cheaper."
More Kaspersky Endpoint Security for Business Pricing and Cost Advice →
IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews while Kaspersky Endpoint Security for Business is ranked 11th in Endpoint Detection and Response (EDR) with 111 reviews. IBM Security QRadar is rated 8.0, while Kaspersky Endpoint Security for Business is rated 8.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Kaspersky Endpoint Security for Business writes "Easy to setup, stable and good security use cases". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Kaspersky Endpoint Security for Business is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Fortinet FortiClient, ESET Endpoint Protection Platform and Trend Micro Apex One. See our IBM Security QRadar vs. Kaspersky Endpoint Security for Business report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.