We performed a comparison between IBM Security QRadar and Mandiant Advantage based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"Its most significant advantage lies in its affordability."
"The integration with other Microsoft solutions is the most valuable feature."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"It has a powerful GUI where you can put together your use cases, and don't have to write your own scripts."
"The solution is flexible and easy to use."
"It has improved my efficiency."
"The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA)."
"The stability is good."
"It is suitable for large companies with critical infrastructure. For our clients, robustness, availability at a high level, and the level of references and experiences connected to the solution are important."
"The feature that I have found most valuable is how it monitors the real network. That is its leading security feature."
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a formum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"Advanced attacks could use an improvement."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The logs could be better."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The management and automation of the cloud apps have room for improvement."
"Each module requires a separate license and a separate cost."
"There are areas in IBM Security QRadar that could benefit from improvement. Its ability to customize knowledge for specific purposes could be enhanced. Also, it lacks clarity in presenting details. It is also difficult to see the reports."
"Whenever we are upgrading or installing any type of patch, at that time we have some delays."
"The price of IBM Security QRadar is an area of concern where improvements are required."
"Pricing model could be more cost-effective."
"The product can be a bit complex."
"Do your research before implementing it, because it is tough to implement."
"I don't give it a 10 because it is something we have to request. I would love it if UBA was included out of the box like Microsoft."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
IBM Security QRadar is ranked 11th in Extended Detection and Response (XDR) with 198 reviews while Mandiant Advantage is ranked 20th in Extended Detection and Response (XDR) with 3 reviews. IBM Security QRadar is rated 8.0, while Mandiant Advantage is rated 8.6. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Mandiant Advantage is most compared with CrowdStrike Falcon, Cortex Xpanse, Microsoft Defender External Attack Surface Management, Cymulate and ThreatConnect Threat Intelligence Platform (TIP). See our IBM Security QRadar vs. Mandiant Advantage report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.