IBM Security QRadar vs Zabbix comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
35,678 views|20,151 comparisons
IBM Logo
25,012 views|14,761 comparisons
Zabbix Logo
29,853 views|23,528 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between IBM Security QRadar and Zabbix based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Microsoft, IBM and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: November 2023).
745,341 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution offers a lot of data on events. It helps us create specific detection strategies.""The connectivity and analytics are great.""I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily.""Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications.""Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly.""The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning.""The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one.""The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."

More Microsoft Sentinel Pros →

"The most valuable feature currently is security behaviors and the pdf files.""The playbook engine is flexible and allows for the graphical visualization of processes, enabling the implementation of dynamic playbooks for incident response or testing.""We've found the solution to be scalable.""It also has a graph that shows the traffic history. I can see what happened yesterday or today. If there's an incident, I can check the traffic behavior on QRadar.""I have used IBM QRadar User Behavior Analytics in a Cloud Pak on Amazon, and there it runs on top of it and is easy to assess. Additionally, I have installed processes and characters.""It has a lot of good correlation rules. From a customer's point of view, it is one of the best solutions because you don't need to create correlation rules from scratch. You just review them and customize them as you want.""I like the graphical interface. It's so good and easy.""What I like about IBM QRadar User Behavior Analytics is that it uses machine learning algorithms to generate risk scoring for the user activity. I also like that it syncs with our Active Directory users, so it really has full coverage for all users in our environment."

More IBM Security QRadar Pros →

"Like other common Linux distributions, some of the most valuable features of this solution are the ease of use and deployment. It's simple and has a lot of packages and a lot of software.""The most valuable features of Zabbix are flexibility and a single interface for different types of monitoring.""I'm supervising all the IT departments, and Zabbix seems quite good for them. It provides graphics and information in real time. We get alerts about crashes on the system, enabling us to quickly repair issues. We can easily find devices with problems.""The flexibility of this solution is amazing.""Zabbix is good for discovery.""I have found that the reporting feature in Zabbix is most valuable. Additionally, the solution has given us bandwidth options, we are able to see where problems are. For example, we noticed a problem that occurred because of a bad interface going in the wireless VLAN.""Zabbix has a roadmap and they are continuously and frequently adding new features.""The solution allows you to configure and customize how you want to collect information from servers or other systems."

More Zabbix Pros →

Cons
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more.""The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results.""If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement.""Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems.""If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients.""The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel.""We'd like to see more connectors.""For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."

More Microsoft Sentinel Cons →

"The solution can be improved by lowering the cost and bettering their technical support.""The AI engine could be smarter.""The solution should include remote action capabilities.""I'm not sure about the stability just yet. We've observed a few issues and we raised a supporting ticket for it.""I have also been working with other SIEM solutions, and I have observed that they have extensive Linux-based and Unix-based integrations. They have been able to support some of the Linux-based agents, which is useful to investigate and process the information on the Linux and Unix side.""The solution is expensive compared to other products.""QRadar's performance has room for improvement because it cannot handle the volume. I need massive amounts of logs from various devices in our existing network architecture. IBM needs to improve QRadar's capacity to handle more logs.""The AQL queries could be better."

More IBM Security QRadar Cons →

"Zabbix is not easy to configure, and upgrading is also an issue.""There are some features of Zabbix that are not good for reporting. The DX Spectrum solution has better reporting.""Zabbix can use better documentation and support for troubleshooting.""Correlation of events would be a wonderful addition.""Zabbix isn't a great tool for cloud-specific monitoring - its connection to public clouds needs to be improved. Other areas for improvement would be the lack of dashboards and integrations.""The only improvement I would suggest, revolves around its AI and ML capabilities.""There are not too much documentation or manuals. We found the tutorials very easy to understand but do not go deep enough in the use of Zabbix. We need more manuals, proper use, documentation, etc.""We would like to see the addition of automatic push functionality to this product. This would save time when monitoring our servers and networks as, at present, we have to manually install the Zabbix agent on any hardware to be monitored."

More Zabbix Cons →

Pricing and Cost Advice
  • "I have worked with a lot of SIEMs. We are using Sentinel three to four times more than other SIEMs that we have used. Azure Sentinel's only limitation is its price point. Sentinel costs a lot if your ingestion goes up to a certain point."
  • "Pricing is pay-as-you-go with Sentinel, which is good because it all depends on the number of users and the number of devices to which you connect."
  • "For us, it is not expensive at this time, but if we start to collect all logs from our on-premise SIEM solutions, it will cost more than QRadar. If we calculate its cost over the next five or ten years, it will cost more than what we paid for QRadar."
  • "I don't know yet because they gave us a 30-day test window for free."
  • "It's costly to maintain and renew."
  • "Microsoft Sentinel is expensive."
  • "Sentinel is pretty competitive. The pricing is at the level of other SIEM solutions."
  • "It is certainly the most expensive solution. The cost is very high. We need to do an assessment using the one-month trial so that we can study the cost side. Before implementing it, we must do a careful calculation."
  • More Microsoft Sentinel Pricing and Cost Advice →

  • "Pricing is good."
  • "You have a one-time payment, and you also can purchase it for one year as a subscription. We have it on-premise, and we have a permanent license for it. We have to pay for the support on a yearly basis. If you compare its cost with Sentinel for one year, QRadar would seem more expensive, but if you compare its cost over five or ten years, Azure Sentinel will be more expensive than QRadar. If you compare its cost with Sentinel for one year, QRadar would seem more expensive, but if you compare its cost over five or 10 years, Azure Sentinel can be more expensive than QRadar."
  • "Licensing can be costly depending on your architecture."
  • "There is an annual license required for this solution."
  • "QRadar's price is reasonable compared to LogRhythm."
  • "We pay approximately $40,000 to use the solution annually. This solution is a lot less expensive than Splunk."
  • "IBM QRadar User Behavior Analytics is an application framework and you can install many applications without any additional costs."
  • "I think my company pays for the license yearly."
  • More IBM Security QRadar Pricing and Cost Advice →

  • "Zabbix and Grafana are both open source products, we only needed to go to their website and download the application and we began to use them. The solutions are free."
  • "This is an open-source solution that can be used free of charge."
  • "We pay the subscription for support by year."
  • "Zabbix is a free solution but the support contact costs money."
  • "The solution is open source so is free."
  • "It is worth every cent to pay or even study to do your own installation."
  • "This solution is open-source and free to use."
  • "Zabbix is an open-source tool, and it's free to use."
  • More Zabbix Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    745,341 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Top Answer:It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier… more »
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is… more »
    Top Answer:The event collector, flow collector, PCAP and SOAR are valuable.
    Comparisons
    Also Known As
    Azure Sentinel
    IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar, IBM QRadar User Behavior Analytics, IBM QRadar Advisor with Watson
    Learn More
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.

    IBM Security QRadar is built to address a wide range of security issues and can be easily scaled with minimal customization effort required. As data is ingested, QRadar administers automated, real-time security intelligence to swiftly and precisely discover and prioritize threats. The platform will issue alerts with actionable, rich context into developing threats. Security teams and analysts can then rapidly respond to minimize the attackers' strike. The solution will provide a complete view of activity in both cloud-based and on-premise environments as a large amount of data is ingested throughout the enterprise. Additionally, QRadar’s anomaly detection intelligence enables security teams to identify any user behavior changes that could be indicators of potential threats. 

    IBM QRadar Log Manager

    To better help organizations protect themselves against potential security threats, attacks, and breaches, IBM QRadar Log Manager gathers, analyzes, preserves, and reports on security log events using QRadar Sense Analytics. All operating systems and applications, servers, devices, and applications are converted into searchable and actionable intelligent data. QRadar Log Manager then helps organizations meet compliance reporting and monitoring requirements, which can be further upgraded to QRadar SIEM for a more superior level of threat protection.

    Some of QRadar Log Manager’s key features include:

    • Data processing and capture on any security event
    • Disaster recovery options and high availability 
    • Scalability for large enterprises
    • SoftLayer cloud installation capability
    • Advanced threat protection

    Reviews from Real Users

    IBM Security QRadar is a solution of choice among users because it provides a complete solution for security teams by integrating network analysis, log management, user behavior analytics, threat intelligence, and AI-powered investigations into a single solution. Users particularly like having a single window into their network and its ability to be used for larger enterprises.

    Simon T., a cyber security services operations manager at an aerospace/defense firm, notes, "The most valuable thing about QRadar is that you have a single window into your network, SIEM, network flows, and risk management of your assets. If you use Splunk, for instance, then you still need a full packet capture solution, whereas the full packet capture solution is integrated within QRadar. Its application ecosystem makes it very powerful in terms of doing analysis."

    A management executive at a security firm says, "What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value."

    Zabbix is an open-source monitoring software that provides real-time monitoring and alerting for servers, networks, applications, and services. 

    It offers a wide range of features including data collection, visualization, and reporting. 

    With its user-friendly interface and customizable dashboards, Zabbix helps organizations ensure the availability and performance of their IT infrastructure.

    Offer
    Learn more about Microsoft Sentinel
    Want to Hear More?

    IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations.

    Learn more about Zabbix
    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
    1. IBM 2. Dell 3. Cisco 4. HP 5. Oracle 6. Microsoft 7. Amazon 8. Google 9. Facebook 10. Twitter 11. LinkedIn 12. Netflix 13. Adobe 14. VMware 15. Salesforce 16. SAP 17. Intel 18. AT&T 19. Verizon 20. T-Mobile 21. Vodafone 22. Ericsson 23. Nokia 24. Siemens 25. General Electric 26. Honeywell 27. Philips 28. Sony 29. Samsung 30. LG 31. Panasonic 32. Toshiba
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Real Estate/Law Firm6%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm23%
    Computer Software Company14%
    Comms Service Provider10%
    Security Firm6%
    VISITORS READING REVIEWS
    Educational Organization17%
    Computer Software Company15%
    Financial Services Firm10%
    Government7%
    REVIEWERS
    Computer Software Company23%
    Comms Service Provider10%
    Financial Services Firm8%
    Aerospace/Defense Firm8%
    VISITORS READING REVIEWS
    Educational Organization31%
    Computer Software Company13%
    Comms Service Provider7%
    Government7%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise20%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise16%
    Large Enterprise60%
    REVIEWERS
    Small Business39%
    Midsize Enterprise16%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise28%
    Large Enterprise52%
    REVIEWERS
    Small Business49%
    Midsize Enterprise20%
    Large Enterprise31%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise39%
    Large Enterprise42%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    November 2023
    Find out what your peers are saying about Splunk, Microsoft, IBM and others in Security Information and Event Management (SIEM). Updated: November 2023.
    745,341 professionals have used our research since 2012.

    IBM Security QRadar is ranked 3rd in Security Information and Event Management (SIEM) with 45 reviews while Zabbix is ranked 1st in Network Monitoring Software with 34 reviews. IBM Security QRadar is rated 7.6, while Zabbix is rated 8.6. The top reviewer of IBM Security QRadar writes "Good dashboard and helpful third-party plugins but technical support could be better". On the other hand, the top reviewer of Zabbix writes "Very mature, easy to scale, and free to use". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and ArcSight Logger, whereas Zabbix is most compared with Checkmk, Centreon, Nagios XI, SolarWinds NPM and Nagios Core.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.