Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs Sumo Logic Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.5
IBM Security QRadar is cost-effective, enhancing security while reducing manpower, with positive feedback on financial returns.
Sentiment score
7.6
Sumo Logic Security improves troubleshooting and operational efficiency, with users finding ROI generally justifies its continued use.
With SOAR, the workflow takes one minute or less to complete the analysis.
Investing this amount was very much worth it for my organization.
 

Customer Service

Sentiment score
6.1
IBM Security QRadar support is praised for expertise but criticized for slow response times and inconsistent service quality.
Sentiment score
7.4
Sumo Logic Security's support is responsive and helpful but can occasionally delay up to 48 hours; no phone support mentioned.
This process can result in outages lasting three to four hours.
They assist with advanced issues, such as hardware or other problems, that are not part of standard operations.
The problem escalates through level one to level three, and then the process starts over with Novo again.
They have a response time of forty-eight hours, which is not instant support.
 

Scalability Issues

Sentiment score
7.4
IBM Security QRadar is highly regarded for its scalability, with easy vertical and horizontal expansion and seamless cloud deployment.
Sentiment score
8.1
Sumo Logic Security offers scalable, cloud-based solutions praised for integration, performance, and flexibility across diverse infrastructures, with positive user feedback.
For EPS license, if you increase or exceed the EPS license, you cannot receive events.
The tool has high scalability because everything is based in the cloud.
 

Stability Issues

Sentiment score
7.6
IBM Security QRadar is reliable but stability depends on correct deployment, capacity, and system resources, with minor update issues.
Sentiment score
8.1
Sumo Logic Security is highly praised for stability, reliability, and maintaining performance under load, with minimal latency issues.
I think QRadar is stable and currently satisfies my needs.
The product has been stable so far.
If there are many records, the system may stop or the UI may become unresponsive.
 

Room For Improvement

IBM Security QRadar needs UI improvement, better integration, enhanced detection, streamlined operations, and customization for cost-effective functionality.
Sumo Logic Security faces challenges in performance, automation, support, API integration, and high costs, needing improvements across multiple areas.
If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules.
IBM Security QRadar does not support Canvas, so we had to create custom scripts and workarounds to pull logs from Canvas.
This would help identify critical or high-priority alarms in QRadar.
The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk.
This is crucial to sell to the government and financial sectors as they require data retention within each country.
 

Setup Cost

IBM Security QRadar is costly but efficient, offering flexible pricing, EPS discounts, and potential cost savings with negotiation.
Sumo Logic Security users find AWS Marketplace simplifies billing and offers a competitive, cost-effective pricing structure despite scalability concerns.
Splunk is more expensive than IBM Security QRadar.
This makes it more cost-effective because other solutions often include a third element in their pricing.
 

Valuable Features

IBM Security QRadar excels in log management, scalability, compliance, and integration, enhancing comprehensive security management with ease.
Sumo Logic Security offers robust threat intelligence, real-time observability, and seamless integrations, making it essential for SecOps teams.
Recently, I faced an incident, a cyber incident, and it was detected in real time.
We have FortiSOAR and IBM Resilient for IBM Security QRadar orchestration.
IBM is seeking information about IBM QRadar because a part of QRadar, especially in the cloud, has been sold to Palo Alto.
If we cannot find the data in other tools, like email security or NDR, we can fetch those logs in the Log Analytics platform of Sumo Logic.
Sumo Logic Security offers a single dashboard and customization, which are the most valuable features.
 

Categories and Ranking

IBM Security QRadar
Ranking in Log Management
5th
Ranking in Security Information and Event Management (SIEM)
4th
Ranking in Security Orchestration Automation and Response (SOAR)
4th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
209
Ranking in other categories
User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (18th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (13th)
Sumo Logic Security
Ranking in Log Management
46th
Ranking in Security Information and Event Management (SIEM)
36th
Ranking in Security Orchestration Automation and Response (SOAR)
20th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
20
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of June 2025, in the Security Information and Event Management (SIEM) category, the mindshare of IBM Security QRadar is 8.2%, down from 9.7% compared to the previous year. The mindshare of Sumo Logic Security is 1.0%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Mahmoud Younes - PeerSpot reviewer
Reliable installation and diverse use cases provide strong value
IBM Security QRadar has some areas for improvement. We have missed some DSM components. We need to customize logs where there is no DSM or connector for certain products. We can integrate but we have missed the DSM, which is the connector to pass logs coming from different applications. For example, with a university customer, we tried onboarding Canvas service. IBM Security QRadar does not support Canvas, so we had to create custom scripts and workarounds to pull logs from Canvas.
WilsonAitan - PeerSpot reviewer
Offers a single dashboard with customizable features and a cost-effective pricing structure
Sumo Logic Security offers a single dashboard and customization, which are the most valuable features. Additionally, it has a cost-effective structure because it is based on data storage and the number of scans, rather than uploading data. This cost model impacts the customers positively by offering a more straightforward pricing structure.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
859,579 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
12%
Government
7%
Manufacturing Company
7%
Computer Software Company
14%
Financial Services Firm
11%
Manufacturing Company
7%
Educational Organization
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
When comparing with Splunk, IBM Security QRadar's cost is reasonable. Splunk is more expensive than IBM Security QRadar.
What do you like most about Sumo Logic Security?
Sumo Logic Security is a good solution for searching the logs and identifying the issues.
What is your experience regarding pricing and costs for Sumo Logic Security?
The pricing structure for Sumo Logic Security is based on two elements: data storage and the number of scans. This makes it more cost-effective because other solutions often include a third element...
What needs improvement with Sumo Logic Security?
In terms of improvement, feedback indicates there is a need for a local data center in my country. This is crucial to sell to the government and financial sectors as they require data retention wit...
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
No data available
 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Information Not Available
Find out what your peers are saying about IBM Security QRadar vs. Sumo Logic Security and other solutions. Updated: May 2025.
859,579 professionals have used our research since 2012.