We performed a comparison between IBM Security QRadar and Red Canary based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Ability to get forensics details and also memory exfiltration."
"The setup is pretty simple."
"The product's initial setup phase is very easy."
"It is stable and scalable."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"This is stable and scalable."
"It showed us where weaknesses were in our environment, so we could actively target those patches first."
"The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports."
"The most valuable feature is the DSM Editor. The custom parsing tool is very nice, outstanding."
"It integrates very easily with other solutions. The solution is flexible. We can add anything to it, as it is a good companion to other tools."
"The tool helps with infrastructure, application, and network monitoring."
"Integrations are quite a useful and key feature of this solution. It has integration with the CVSS score, which is a central point for all the data and scores about the threats. There is an IBM Bluemix dashboard that is integrated with the CVSS score."
"The solution is quite flexible."
"It is very stable. We have not faced interruptions in the past four and a half years."
"The most valuable features of Red Canary MDR are that it is modeled after the MITRE ATT&CK framework and that we can easily automate the containment of the endpoint. Additionally, it is easy to use and we have never had an issue with it."
"The solution works well for what we use it for and the support and protection are good."
"The valuable features of this solution are that it integrates well with different EDR software, such as CrowdStrike and Carbon Black, and that the information it provides is helpful."
"The most valuable feature of the solution is its automation part."
"The near real-time review translates into near real-time action. So, in addition to alerting, Red Canary MDR has response playbooks built out."
"ZTNA can improve latency."
"We find the solution to be a bit expensive."
"Cannot be used on mobile devices with a secure connection."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The solution should address emerging threats like SQL injection."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The solution is expensive compared to other products."
"IBM QRadar has outdated technology, and this is its area for improvement. When you try to implement an analytic expression, it's not updated. The solution doesn't support newer technologies, and it doesn't update regularly. For example, around the world, others implement new technologies, while IBM updates later than others."
"The product does not have a team for investigating malware."
"IBM QRadar has a margin for development, for out-of-the-box use cases. It can be enhanced with better support and automate the use cases for that."
"I would like for them to develop a detection management solution. It does not have a detecting management solution in it, you have to buy it as it is, on top of the extended solution."
"They should provide more manual examples online so that I can learn it myself."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"Its architecture is very complicated."
"There should be an easier way to update agents to new levels in Red Canary MDR. However, it is not a huge issue but it would help."
"The most valuable feature of Red Canary MDR is the overall threat protection it provides."
"The price could always be better."
"In general, the solution currently fails to provide a summary to its users."
"I would like there to be an on-premise version of this solution for our data centers because of the proliferation of online threats."
IBM Security QRadar is ranked 10th in Managed Detection and Response (MDR) with 198 reviews while Red Canary is ranked 11th in Managed Detection and Response (MDR) with 5 reviews. IBM Security QRadar is rated 8.0, while Red Canary is rated 9.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Red Canary writes "An open-source tool that offers great automation capabilities". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Red Canary is most compared with CrowdStrike Falcon Complete, Arctic Wolf Managed Detection and Response, Expel, Rapid7 MDR and ReliaQuest GreyMatter. See our IBM Security QRadar vs. Red Canary report.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.