We performed a comparison between IBM Security QRadar, Quest InTrust, and USM Anywhere based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Wazuh, Datadog and others in Log Management.
"It integrates very easily with other solutions. The solution is flexible. We can add anything to it, as it is a good companion to other tools."
"The solution is quite flexible."
"IBM has everything you need in a cybersecurity solution. If you want to build a cybersecurity operation center version then I think QRadar is a perfect solution."
"IBM Qradar's ability to simplify the number of events, not only on a technical level but by making that information easy to pan through the orchestration deduplication. It is very impressive given that we have hundreds of devices that send event logs through."
"The most valuable features of IBM Security QRadar are flexibility, IBM support, and scalability."
"The simplicity of the solution is the best feature."
"The solution is reliable."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"I would rate the technical support very well as they are knowledgeable and quick to respond."
"Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."
"The IDS and the threat intelligence are very useful. They are very intuitive and data-rich."
"The best thing about AlienVault USM is it being a “Jack-of-All Trades” solution. It provides SIEM, HIDS/NIDS, FIM, NetFlow, Asset Management, Vulnerability Management, etc., under one USM platform. None of the commercial SIEM vendors like ArcSight, McAfee, etc., can boast of such a diverse feature set."
"The solution has all the features that we need, however they do not work correctly."
"Using the communication within the security device, it is easier to create plugins."
"The other big selling feature for us was its integration capabilities with all the other security-based products."
"AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"The playbook guide which specifies the rules for security use cases needs to be provided to support in case the organization needs help."
"The dashboard is pathetic and it takes a long time to perform a search."
"The solution can be improved by lowering the cost and bettering their technical support."
"Some of the cloud apps need improvement."
"Pricing model could be more cost-effective."
"GUI needs to be improved."
"What needs to be improved in IBM QRadar User Behavior Analytics is the user experience. It's not optimal. Some screens are a bit clunky. The solution needs to be more user-friendly."
"Technical support really needs to be improved. Right now, they aren't where they need to be at all."
"It was very complex. There was poor native correlation. "
"It needs to have better reporting. "
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
"We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."
"I want to see more compliance management capability. The quality of integrations seems to be a little bit low."
"USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."
"We develop additional rules and scripts to make it more usable."
"The reporting and dashboards have room for improvement."
"The reporting module could be a little easier to handle, as it requires quite some trial and error until you get the reports you want. Also, it would be great to have a graphical interface for the Network Intrusion Detection System's rule management."
"AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard."
Earn 20 points
