IBM QRadar Primary Use Case
We're a customer, partner, or reseller. We use QRadar on our own internal SOC. We are also a reseller of QRadar for some of the projects. So, we sell QRadar to customers, and we're also a partner because we have different models. We roll the product out to a customer as part of our service where we own it, but the customer is paying. We also do a full deployment that a customer owns. So, we are actually fulfilling all three roles.
I am a system integrator. We have installed it on-premises, on the cloud, in distributed environments, and all other environments for our clients.
Management Executive at a security firm with 11-50 employees
We primarily use the solution for breach management. We use it for identifying rogue IPs and picking up anomalies in terms of the network traffic coming in. We've seen a year of use cases in terms of breach management and incident management. We find IBM QRadar quite relevant in terms of protecting against potential malicious traffic coming into your organization.
Obviously, it is evolved, and where we're utilizing IBM QRadar is to do other analytical capabilities, which include identity and access management. We've got a unique way where we use the platform to generate a view of all your identities and access that is granted within your environment and so forth. We are able to map that using IBM QRadar, which is not a use case that is normally thought about, however, we found from an analytical point of view, this is what we can do because we get all the information we need here.
Security Analyst at a hospitality company with 10,001+ employees
We use this solution for deploying and integrating log sources and use cases.
We use it to generate offenses based on normal behavior and suspicious behavior from our security tools, firewalls, and other solutions.
We have applied a set of old and new rules to QRadar that aim to detect persistent abnormalities in our environments.
Within our organization, our security operations center and users from our local security team — roughly 10 to 12 users — use QRadar. We plan to expand to other areas of the company so that other people can use QRadar for different use cases. But right now only the security teams use it.
Senior IT Technical Support at a training & coaching company with 1,001-5,000 employees
The solution is primarily used for threat detection and response. QRadar can be integrated with other services from IBM such as Watson, among others. The main need is for threat detection, incident response, and dealing with threats or hunting threats.
What else? I mean, it's always you're looking for threats. Usually, whoever buys this SIM solution or buys QRadar, for example, is looking for hidden threats and they get the logs to see what's happening within their system. They want a solution that looks very deep inside in order to correlate those logs and see if there's any information that they can get out of those logs or even live packets that are spanning through their networks. Therefore, it's usually threat hunting. That's the main thing. Others might use it to understand the system, and how it's performing overall. However, that's the lesser use case.
We are using it from the compliance perspective. We need this solution to comply with HIPAA and PCI because our clients require HIPAA and PCI DSS compliance. We also use it for log management, primarily security logs, and to some extent, for operational activities, even though this tool is actually not meant for operational tasks. We do keep track of errors in our appliances like hardware, storage, and network switches through QRadar.
The main or core solution is on-premises. There is an extended arm, which is in the cloud as well for cloud integration.
We primarily use the solution for some compliance, including military compliance such as PCI DSS, ISO 27001, and ISO 27002, and then some other specifications around them. There are also some industries that need to analyze the log and events, and then build and create some rules to put forward.
We primarily use the solution for log collection and security incidents as well as event management.
Senior Solutions Architect at a manufacturing company with 51-200 employees
We provide cloud services to the users, and we have our own cloud setup over here. The major use case is when clients require the SOC to be set up.
Setting up the SOC itself is a huge investment. A customer has to invest a lot to build up the whole SOC environment, so, rather than the customer investing in the SOC environment and building up the SOC, we provide it as a service. Customers don't need to do any up-front investment. They use our service. We manage their security tools and security environment as per the compliance guidelines that come from the Indian government. We follow all those practices, and we help them procure more for their network and infrastructure.
Analyst at a tech services company with 501-1,000 employees
We are a product-based organization. We use this solution for a shared SOC service and security audits and compliance.
We make some special demos that we sell to our customers. We work as a technical support L1/L2 for our customers in these cases as well.
The solution allows organizations to check people who work from home or in the office. It can help a company understand who is connected from home.
Sometimes people give a login and password to colleagues. The security can see the situation when someone logs in locally, and they can see a remote connection. They can see this is from the login and password. They'd be able to tell if something was shared and could dig deep to figure out if it is a breach or if it is something that has been properly shared.
Rama Krishna Bhaskarayani
Founder at Halainfosec
We are service providers, and we are always exploring tools to accompany existing tools. I am always searching for the best products to meet my clients' requirements. I always look to understand the technology first, learn what benefits we can get from the product, how competitive is it with other tools such as DarkTrace, and Palo Alto.
We are working with this solution, but it is being managed by another vendor.
We are service providers. We are providing SOC service and MSSP services for our clients.
We are working on various products, not one specific product. We can provide services for any product, in fact, any security solution.
Information Security Specialist at a comms service provider with 501-1,000 employees
We use the solution for a variety of tasks. We use it, for example, for authentication, network-related authentication, user-related tasks, and Windows UNIX servers. It's a lot. There's a ton of use cases. I really can't think right now about every single use case, however, the main things are authentication and network-related systems and all flavors of UNIX Windows.
We are using mixed solutions. We are currently working with IBM solutions and Azure system services. We are using two SIEM solutions: Azure Sentinel and QRadar. Azure Sentinel is covering our cloud-based solutions, and QRadar is covering our on-premise solutions.
IT Security Analyst at a manufacturing company with 10,001+ employees
We have a lot of use cases with IBM QRadar, but our primary use is for monitoring traffic and detecting tricks.
We mostly use the product for PCI compliance.
It is used to dive deep into threat analysis. It is a SIEM solution that can be hooked up with some of the endpoint security or threat discovery solutions such as Forescout, Qualys, Sophos, and MDM. After the endpoint security or threat discovery solution discovers the threat, QRadar takes it further from that point onwards and allows you to go deep into the threat analysis. It has a lot of integrations, such as with CMDB, and it can do the asset classification. It can also tell the CVSS score. These are the capabilities or use cases.
Chief Technology Officer at a tech services company with 51-200 employees
We are users and implementers of this solution.
Managed Security Product at a comms service provider with 1,001-5,000 employees
IBM QRadar is a FIM component within the security operation center we were deploying in the customer environment. We are managing their cyber defense capability.
We are using the current version.
Solution Architect Cybersecurity at a tech services company with 501-1,000 employees
We use this solution for advanced threat detection, insider threat monitoring, risk and vulnerability management, and unauthorized traffic detection regarding our network. We can monitor and detect web attacks with it as well.
Within our organization, there are roughly 2,000 to 3,000 employees using this solution. As of now, we don't have any plans to increase our usage of IBM QRadar.
Our primary use case is intrusion prevention and detection. We also use this solution for compliance and assisting in network troubleshooting for IT.
QRadar is our SIEM solution. Our use cases include authentication between logins, database security, monitoring, and user behavior analytics.
Head of IT Security, Governance and Compliance at a consumer goods company with 10,001+ employees
We are using QRadar as a managed service.
We used this product as a SIEM, for information security.
Solution Security Architect at PT. Sinergy Informasi Pratama
This is a solution you use when you have many security products that you want to manage in one monitor, one analytic. We are partners with IBM and provide implementation services to our customers. I'm a solution security architect.
Ingénieur d'étude R&D at DOGA
We primarily use the solution to develop software, for some device controllers.
Queretaro at a tech services company with 1-10 employees
We do not implement this tool ourselves but have experience implementing it for our clients. There are several use cases. The two most important ones are network analysis and UBA.
Country Manager at a tech services company with 11-50 employees
The main tool for this operation center for collecting events from different devices, whatever server or network devices, such as switches and routers. It handles anything related to data that can be harmful related to security. Those events can be mapped to promote the threat, it creates another event for promoted threats.
We are a service provider and we provide services to our customers. We use IBM QRadar for many types of businesses, such as banks and telecom. It has a good reputation.
SOC Team Lead at a financial services firm with 1,001-5,000 employees
Depending on the organization's needs the solution can monitor different types of security through logs.
Director of Information Security at a financial services firm with 501-1,000 employees
The primary use case of this solution is for monitoring an enterprise data center, globally for 12,000 devices.
Sr.Network Engineer at a computer software company with 10,001+ employees
We use the solution for network behavior and log analytics. We wish to procure one for behavior analytics.
I am not certain which version we are using.
There is a need for a behavior analytics solution in the environment. We use the solution to highlight unusual traffic for a single particular link or even single particular user traffic.
IT Security Manager at a tech services company with 201-500 employees
Our primary use case is for monitoring global infrastructure.
Security Sales Consultant at Google, LLC
I was initially a reseller before selling the solution from within IBM. I'm currently a freelance security sales consultant.
Sr. Information Security Analyst at an insurance company with 51-200 employees
The primary use case of this solution is for monitoring the network.
We use QRadar to detect and gather information about any product vulnerabilities and any sort of attack on the network. It's able to help detect suspicious activity that is coming into the system.
We are also selling this product.
There are many use cases for this solution. One example is we are using this solution to monitor user site access to banned sites.
Assistant IT Manager at an insurance company with 1,001-5,000 employees
I use QRadar for cybersecurity defense, operation, and to improve performances.
Shaikh Jamal Uddin
Cybersecurity Architecture and Technology Lead at Appxone
Find the malicious activity via filter, don't rely on the rules which trigger the offenses and fix the suspicious activities.
Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees
We are a service provider and we are providing the solution as a managed service for multitenancy security.
Practice Head at a tech services company with 51-200 employees
We have a POC environment but have not onboarded it to any of our clients.
Certified AIX I.T Manager at a financial services firm with 10,001+ employees
This product helps to build a strong architecture, which is important to avoid problems.
AVP - Security at a tech services company with 501-1,000 employees
IBM QRadar is typically deployed in a SOC environment for security monitoring. It is used for log and packet capturing. It has some supporting technology, such as data leakage prevention and data encryption.
Information Security Leader at a computer software company with 1,001-5,000 employees
We use IBM QRadar for user behavior analytics and incident handling.
I use IBM QRadar for user behavior analytics, and mostly incident handling.
Senior Security Engineer at a wholesaler/distributor with 10,001+ employees
This is a Security Information and Event Management (SIEM) solution and we use it for many purposes.
We use this solution both in our company and those of our clients. We are resellers of QRadar.
I am currently working in the Brazilian operation of my company. I have a project in the airline industry in Brazil. This project improves the correlation of logs. There is another company I ticket to improve the solution, they have chosen to correlate the logs. We have SOC, Security Operation Center in Brazil, with 53 employees. We developed all these solutions in Brazil and it is in operation in 34 countries.
Pre-Sale Consultant (Technical) at a tech services company with 51-200 employees
We are a system integrator and IBM QRadar is one of the security and monitoring products that we implement for our clients. It is used for monitoring applications such as Windows virtual desktop access (VDA) and computer-managed instruction (CMI).
Network Security Engineer at a computer software company with 51-200 employees
We are using IBM QRadar for threat protection and management.