We performed a comparison between IBM Security QRadar and LogicHub SOAR+ based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"It has a lot of great features."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The initial setup is very simple and straightforward."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"It is a scalable solution."
"QRadar has somewhat of a new structure recently from last gen. They have moved from the standard UI based infrastructure."
"The solution is reliable."
"There are a lot of features in QRadar. App Exchange is the most valuable feature. User behavior analytics (UBA) is also a very good feature. Watson is also there, but we are not currently using Watson. It is versatile and quite easy. It also has an all-in-one-box feature and good integration with AWS."
"I like the graphical interface. It's so good and easy."
"The scalability is awesome, because QRadar includes other solutions in the same console."
"What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value."
"The product has plenty of features and capabilities."
"It has improved my detection coverage in areas lacking by the SIEM."
"This solution allows us to easily investigate malicious events, system alerts etc."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Sentinel's reporting is complex and can be more user-friendly."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel."
"We'd like also a better ticketing system, which is older."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"Technical support really needs to be improved. Right now, they aren't where they need to be at all."
"I would like to see some artificial intelligence and alternative solutions."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"Search capability and indexing still lag behind competitors. We also need to see improved rule based access controls and rule/event tuning."
"I would suggest QRadar release any documentation or give an online demo, like videos on YouTube. It would increase publicity and public appeal."
"The threat intelligence functionality can be better. In addition, it can have more monitoring capabilities."
"Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules."
"The product is good, but one feature they should have is an Elasticsearch. Currently, in QRadar, there are no Elasticsearch criteria."
"UI coloring can be improved."
"We would like this solution to have a higher level of support for SaaS applications."
IBM Security QRadar is ranked 4th in Security Orchestration Automation and Response (SOAR) with 198 reviews while LogicHub SOAR+ is ranked 18th in Security Orchestration Automation and Response (SOAR) with 2 reviews. IBM Security QRadar is rated 8.0, while LogicHub SOAR+ is rated 9.6. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of LogicHub SOAR+ writes "Integrated with hundreds of tools, analyzes data automatically, and has few false positives". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Sentinel, whereas LogicHub SOAR+ is most compared with . See our IBM Security QRadar vs. LogicHub SOAR+ report.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.