Syed Hammad Shafiq - PeerSpot reviewer
Information Security Manager at a tech services company with 1,001-5,000 employees
Real User
Top 20
Easy to set up but support is lacking

What is our primary use case?

There are many use cases for this solution. One example is we are using this solution to monitor user site access to band sites. 

What needs improvement?

The solution is highly used here in Pakistan and in many sectors, they could improve it by having more SIEM connectors.

For how long have I used the solution?

I have been using this solution for approximately four years.

What do I think about the stability of the solution?

The stability is good until you upgrade to a new version. You have to properly shut down services when you are doing some maintenance activities every three to four months. There might be some problems that you do not expect. We have had some complaints from users regarding operation. 

Buyer's Guide
IBM QRadar
November 2022
Learn what your peers think about IBM QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
655,774 professionals have used our research since 2012.

How are customer service and support?

We have had bad experiences with support from IBM. We are not satisfied with the support and they have made me very angry. My customers have had similar experiences.

How was the initial setup?

The initial setup of QRadar is not complex because we have done it before and we are used to the development. It is getting easier all the time.

What's my experience with pricing, setup cost, and licensing?

There is a license required for this solution and it is an annual payment. I have found all solutions in the category to be expensive, including Splunk.

Which other solutions did I evaluate?

I am evaluating Splunk.

What other advice do I have?

Here in Pakistan, this solution has already saturated the financial market.

I rate IBM QRadar a five out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Assistant IT Manager at a insurance company with 1,001-5,000 employees
Real User
Top 5
A SIEM solution that's easy to use, but the price could be better

What is our primary use case?

I use QRadar for cybersecurity defense, operation, and to improve performances.

What is most valuable?

I like that it's easy to use and the performance is good.

What needs improvement?

It would be better if it were more stable and more secure. The price for maintenance could be better. It's too high. In the next release, I think they should focus on the price and the operation.

For how long have I used the solution?

I have been using IBM QRadar for four years.

What do I think about the stability of the solution?

IBM QRadar is a stable solution, but it could be more stable.

What do I think about the scalability of the solution?

IBM QRadar is a scalable solution. We have about 100 users at the moment.

How are customer service and technical support?

I remember that I opened ten or 20 cases to receive support from IBM over three years.

How was the initial setup?

The initial setup and deployment are very easy. I think it took us about a month to implement this solution. We have a team of two, one manager and one technical, to deploy, manage, and maintain this solution.

What about the implementation team?

We installed this solution with the help of a consultant.

What's my experience with pricing, setup cost, and licensing?

The price could be better. I bought a subscription for three years. 

What other advice do I have?

On a scale from one to ten, I would give IBM QRadar a seven.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
IBM QRadar
November 2022
Learn what your peers think about IBM QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
655,774 professionals have used our research since 2012.
Professional Services at a tech services company with 51-200 employees
Real User
Powerful user behavior analytics capabilities, and the log and process collection functionality is good

What is most valuable?

The most valuable feature is user behavior analytics (UBA).

The EPS and FPS graphs are helpful.

The collecting of logs and processes is very good.

What needs improvement?

The support process needs to be improved.

Every SIEM solution has issues with plugins, as they have to connect to different log systems. It can affect security, infrastructure, and other things. IBM should continue to expand its database and cover as many systems as possible.

For how long have I used the solution?

I have been using IBM QRadar for about one year.

What do I think about the stability of the solution?

QRadar is a very stable product.

How are customer service and technical support?

The whole process for support is something that needs to be improved. You have to create a case, export the log and attach it to the case, then an engineer will clarify what you need to export and attach it to the ticket or support case, and so on. When you're working with a system that does not have good bandwidth, it makes it even more stressful. It is a lot of work and it should be easier to do.

My colleague has worked more with support and the feedback that I have heard is that they are quite good. It's the process that I am complaining about.

How was the initial setup?

The initial setup is pretty straightforward.  We had several logs to integrate so it took a week and perhaps a few days.

What other advice do I have?

I would rate this product a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Head Of Sales at Cascade Solutions Inc
Real User
Top 5
Modular product that sets up a clear roadmap
Pros and Cons
  • "Flexible and valuable product that is modular, so you can easily set up a roadmap for your clients."
  • "Each module requires a separate license and a separate cost."

What is most valuable?

From a sales perspective, IBM QRadar is very competitive when it comes to prices. It's a flexible and valuable product. It has a good edge in the region and good references as well. You can easily capitalize and upsell on whatever you sold previously.  It's a modular product, so you can set up a roadmap and plan for your customers. This is one of the main advantages of QRadar.

What needs improvement?

Right now, there are a lot of solutions in the market that consider themselves next-gen SIEM solutions, like AzureVM. IBM QRadar can be revised considering the competition, market segment, references, and the maintenance of the landscape.

Some modules can be shared as embedded within the same solution because this would be a compelling edge versus others. When it comes to other products, like LogRhythm for example, they can consider the SOAR and the threat Intel embedded with the SIEM Solution licenses. However, when it comes to IBM, they consider each module as a separate license with a separate cost. So it doesn't make sense to compete if the customer isn't convinced with IBM, because you'd have tough competition when it comes to financials.

For how long have I used the solution?

I have been using QRadar for more than five to six years.

What do I think about the stability of the solution?

IBM QRadar is a stable product.

What other advice do I have?

I would rate it an eight out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees
MSP
Top 5Leaderboard
Flexible, easy to use, and scalable
Pros and Cons
  • "The solution is flexible and easy to use."
  • "IBM is going through some problems with its resources currently making its support response time slow."

What is our primary use case?

We are a service provider and we are providing the solution as a managed service for multitenancy security.

What is most valuable?

The solution is flexible and easy to use.

What needs improvement?

IBM is going through some problems with its resources currently making its support response time slow.

For how long have I used the solution?

I have been using the solution for a couple of months.

What do I think about the stability of the solution?

I find the solution reliable. 

What do I think about the scalability of the solution?

The solution is scalable. We have 15 customers using it at the moment.

How are customer service and technical support?

The support could be a lot better by being faster.

Which solution did I use previously and why did I switch?

We recently switched to this solution from LogRhythm cloud. One of the main reasons we switched solutions was because it is more scalable.

How was the initial setup?

The installation was a little difficult and could be made easier.

Which other solutions did I evaluate?

We have evaluated Secureonix and this solution is far superior. We did the implementation of Securonix for two customers and we canceled it. We rolled back those clients onto this solution because Securonix failed on both implementations.

What other advice do I have?

I would recommend this solution to others. We have invested in it and we plan on using it in the future.

I rate IBM QRadar an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
PeerSpot user
Practice Head at a tech services company with 51-200 employees
Real User
Top 10
Flexible correlation, easy to use, and stable
Pros and Cons
  • "It is a bit easier to use than other products, such as Splunk or ELK Elasticsearch."
  • "The technical support can be improved a little bit, and the price could be cheaper."

What is our primary use case?

We have a POC environment but have not onboard it to any of our clients.

What is most valuable?

The most valuable feature is the correlation function, which is flexible.

It is a bit easier to use than other products, such as Splunk or ELK Elasticsearch.

What needs improvement?

The technical support can be improved a little bit, and the price could be cheaper.

For how long have I used the solution?

I have been using IMB QRadar for one year.

What do I think about the stability of the solution?

IBM QRadar is a stable solution.

How are customer service and technical support?

Technical support needs improvement.

Which solution did I use previously and why did I switch?

I know a little bit about Splunk and ELK Elasticsearch. We did not have a PoC with Splunk so it was just theoretical, but I did learn about it.

How was the initial setup?

The initial setup is very easy.

What's my experience with pricing, setup cost, and licensing?

IBM QRadar is a little bit expensive compared to other products.

What other advice do I have?

I would recommend this solution to others who are looking for an on-premises solution. For a SIEM solution, it is the best one to go with. If they are interested in using the cloud, I would not recommend it. The cloud version of QRadar is QRoC and it is a bit complicated.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Olakanmi Oluwole - PeerSpot reviewer
Cyber threat Intelligence Manager at CyberLab Africa
Real User
Top 5
Beneficial log reporting, excellent technical support, but stability needs improvement

What is our primary use case?

We use IBM QRadar for threat protection.

What is most valuable?

The most valuable features are log monitoring, easy-to-fix issues, and problem-solving.

What needs improvement?

There is a shortage of skilled individuals with knowledge about the solution. There should be more training programs to teach and enable users get familiar.

For how long have I used the solution?

I have been using this solution for approximately one year.

What do I think about the stability of the solution?

The stability of the solution could improve.

What do I think about the scalability of the solution?

We have approximately 20 people using this solution in my organization.

How are customer service and technical support?

The technical support is great. Additionally, there are plenty of resources available to increase knowledge about the solution.

Which solution did I use previously and why did I switch?

We have used other solutions in the past.

How was the initial setup?

The installation is not very difficult, I did not have any problems.

What about the implementation team?

We used consultants for the implementation. We have five engineers that do the maintenance of this solution.

What's my experience with pricing, setup cost, and licensing?

There is a license required for this solution.

What other advice do I have?

I would recommend this solution to others.

I rate IBM QRadar a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Gian Michele Roletto - PeerSpot reviewer
SOC Manager at Nais Srl
Real User
Top 5Leaderboard
Feature - rich, well priced and has good support
Pros and Cons
  • "The interface is good."
  • "I would like to see the update process simplified."

What is our primary use case?

IBM QRadar is used to help our customers collect information. It collects the information from other tools on the firewall, network devices, cyber tools with both Carbon Black, Cortex, Cynet, and Darktrace.

What is most valuable?

It's a complete platform.

The interface is good.

They have more than 100 features.

What needs improvement?

It is not easy to use.

The updates are not very easy. It is very complex. I would like to see the update process simplified.

When I said "it is not easy to use", I mean that QRadar is not for beginners.
Needs high competence and skyll to use it in a satisfactory way to really help customers.
The complexity is not a flaw, but it si a necessary quality for QRadar to be a truly effective tool in a Cyber environement.

For how long have I used the solution?

We have used IBM QRadar within the last twelve months.

What do I think about the stability of the solution?

IBM QRadar is a stable solution.

What do I think about the scalability of the solution?

It's a scalable platform.

How are customer service and support?

Technical support is good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?


What's my experience with pricing, setup cost, and licensing?

Pricing is good.

What other advice do I have?

I would rate IBM QRadar an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: As a SOC we are real user of QRadar platform for more then one customers.
PeerSpot user
Buyer's Guide
Download our free IBM QRadar Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2022
Buyer's Guide
Download our free IBM QRadar Report and get advice and tips from experienced pros sharing their opinions.