We performed a comparison between IBM Security QRadar and Red Canary MDR based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"Binary Defense has a human service department that provides live monitoring for our systems."
"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."
"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"With Binary Defense, we don't just get an alert, but also a detailed rundown of why they're alerting us on it. They tell us what was executed, or the username, script, or IP. That way, we're not wasting time investigating."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"The UBA feature is the most valuable because you can see everything about users' activities."
"Log correlation is very useful for processing alerts. It serves to follow up alerts in real-time, building an entire workflow."
"We find predictive analysis capabilities valuable."
"The monitoring and dashboards are great."
"I have found IBM QRadar to be scalable."
"Improved our organization's TCO."
"I really like the feature we have with the logs, that if there are any credit card numbers being used, like a PII, you can just use rejects and you can mask it. This is a really good feature in QRadar."
"The event collector, flow collector, PCAP and SOAR are valuable."
"The solution works well for what we use it for and the support and protection are good."
"The most valuable features of Red Canary MDR are its modeled after the MITRE ATT&CK framework and we can easily automate the containment of the endpoint. Additionally, it is easy to use and we have never had an issue with it."
"The near real-time review translates into near real-time action. So, in addition to alerting, Red Canary MDR has response playbooks built out."
"The most valuable feature of the solution is its automation part."
"The valuable features of this solution are it integrates well with different EDR software, such CrowdStrike, and Carbon Black, and the information it provides is helpful."
"We found a couple of bugs in the user interface."
"The current reporting system could benefit from improvement."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."
"I would like to get more reports from Binary Defense about what they're blocking."
"It's sometimes difficult to know when to engage Binary Defense or TrustedSec, their sister company. TrustedSec is more focused on offensive security, as opposed to the defensive security that the MDR solution provides. It would be awesome if there were a better bridge between that relationship for when we need to get more proactive services or when we need to do a penetration test."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"The AQL queries could be better."
"The product does not have a team for investigating malware."
"I would like to see the update process simplified."
"The reporting system could use some upgrading."
"I would like the rule creation interface to be much more user-friendly in the next release."
"The product needs to improve its GUI."
"The solution is highly used here in Pakistan and in many sectors, they could improve it by having more SIEM connectors."
"There should be an extension where we can get the reports. This could be an extension to the dashboard with the Guardian or another product with limited technology, for example IPS. Now, we only have IBM. Basically, it needs more and more integration models."
"The most valuable feature of Red Canary MDR is the overall threat protection it provides."
"There should be an easier way to update agents to new levels in Red Canary MDR. However, it is not a huge issue but it would help."
"I would like there to be an on-premise version of this solution for our data centers because of the proliferation of online threats."
"The price could always be better."
"In general, the solution currently fails to provide a summary to its users."
IBM Security QRadar is ranked 10th in Managed Detection and Response (MDR) with 198 reviews while Red Canary MDR is ranked 11th in Managed Detection and Response (MDR) with 5 reviews. IBM Security QRadar is rated 8.0, while Red Canary MDR is rated 9.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Red Canary MDR writes "An open-source tool that offers great automation capabilities". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Red Canary MDR is most compared with CrowdStrike Falcon Complete, Arctic Wolf Managed Detection and Response, Expel Workbench, Rapid7 MDR and ReliaQuest GreyMatter. See our IBM Security QRadar vs. Red Canary MDR report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.