IBM Security QRadar Reviews

Our clients who are implementing or trying to implement a Security Operations Center use the IBM QRadar SIEM solution. This solution helps automate incident processing and provides visibility into the incident management process.

The playbook engine is flexible and allows for the graphical visualization of processes, enabling the implementation of dynamic playbooks for incident response or testing.

The integration of our customer's infrastructure with other security management systems, such as Active Directory, firewalls, and vulnerability management systems, is effective.

The solution is difficult to understand in the beginning and has complex management configurations that can be improved.

The stability has room for improvement.

The cost has room for improvement.

I have been using the solution for two years.

I give the stability a seven out of ten. There is sometimes unexpected behavior within the logic of the playbook engine and features.

I give the scalability an eight out of ten.

We have had issues that were not resolved by technical support.

Neutral

For the most part, the initial setup is straightforward and I give it a seven out of ten. The initial deployment and configuration require one month, followed by an additional 11 months of implementing various use cases and processes that need to be automated.

I give the price of the solution a four out of ten. The solution comes with a high price tag, while some of the competitors provide identical functionality in their offerings at no extra cost.

I give the solution a seven out of ten.

We have around 20 users.

The solution is of good quality and can be implemented successfully. However, in order to fully utilize its benefits, one must possess expertise in Python programming.

We are implementors and implement this solution for our clients, who use it for analytics. 

It offers good machine learning. The analysis is very helpful. 

The user activity is effectively flagged. It can pinpoint strange activity. 

It is stable and reliable.

The product can scale.

Technical support is good. 

The product can be a bit complex. A lot of things, like visualization, could be better. It would help the customer gain a better understanding. 

I've used the solution for five to six years. I've used it for a while now at this point. 

It is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. I'd rate the stability eight out of ten. 

The solution is scalable. It can handle thousands of users or maybe even more. I'd rate the scalability nine out of ten. 

We mostly deal with small or medium enterprises. 

Most of the time, technical support is helpful. I am satisfied with the level of service we receive. 

Positive

It is easy to implement. I'd rate the ease of implementation seven out of ten. 

The deployment only takes no more than a few hours. There are configurations and fine-tuning that have to happen after that, and everything could take about a week. 

As implementors, we can implement the solution for our clients. 

The pricing is reasonable. It's not expensive compared to other solutions. If you get the console and other licenses, you can easily use it with other QRadar solutions. 

New clients should know that it does give good analytics and it will help them save time.

I'd rate the solution seven out of ten. It's a good product.

The simplicity of the solution is the best feature.

The dashboards are all legacy and old. Their cloud support and the content available for cloud and containers are also minimal.

We have been using this solution since 2019.

I rate the stability a nine out of ten.

I rate the scalability an eight out of ten, and we have about 35 people using it.

I rate the technical support a five out of ten. They need to improve their availability. They have global support, which means we need to wait longer for a response.

Neutral

I rate the initial setup a seven out of ten, and it is deployed on-premises. The deployment took about four to six weeks, and we did it in-house.

We have seen an ROI.

I rate the price a six out of ten, with ten being affordable and one being expensive. They recently changed their licensing model, and it's more complex.

I rate this solution a six out of ten. Regarding advice, using this solution purely depends on the use case. If it meets your use case, then IBM QRadar is good, but other solutions like Securonix are much better.

We are using it for visibility and compliance.

The visibility it gives you into your infrastructure has been great.

The notifications it provides offer valuable information when something is happening in your blind spot.

The AI engine could be smarter. 

It is a bit expensive. 

I've used the solution for about three years. 

The solution is stable. I'd rate it five out of five. It's very reliable. There are no bugs or glitches. It doesn't crash or freeze. 

The solution scales well, and it's easy to do. I'd rate it five out of five in terms of the ease of scalability. 

We have a lot of users on the solution currently. We have customers on the product as well. There are likely more than 500 users inside and outside the organization. 

Support has been helpful and responsive. There may sometimes be a delay. However, they do get you the information you need. 

Positive

We've only ever used IBM. 

The setup is a bit complex. I'd rate it two out of five in terms of ease of deployment. It took us a week to get everything up and running. 

We had two engineers working on deployment and maintenance. 

We handled the solution in-house. We did not need outside assistance. 

We've seen a good ROI. I'd give it a five out of five. 

It's a bit pricey as a product. I'd rate it a two out of five, with five being the most affordable. It depends on what you buy; the longer you use it, the better the cost. It's an all-inclusive license. You don't need to pay for extra features. 

We did look at a few other options. 

We use the solution inside our organization. Our clients use it too. We are a premium partner in our region. 

We're using the latest version of the solution.

I'd rate the solution nine out of ten. It really provides good visibility.

QRadar UBA's most valuable feature is the risk rating of users depending on their behavior.

QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month. In the next release, I would like to be able to do a historical search of user scores.

I've been using QRadar UBA for two and a half years.

QRadar UBA is quite stable.

QRadar UBA's price is a little more than street price and could be reduced.

I would rate QRadar UBA seven out of ten.

I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot.

IBM QRadar User Behavior Analytics is good, but I think the functionality should be much more integrated. You should have easy access to the artifacts if you are doing a particular investigation. It's good, but other team solutions like LogRhythm are actually merging the functionality. So, I think that is something IBM can work on. 

We have been using IBM QRadar User Behavior Analytics for about four years.

Stability is good, but the investigation system should be better.

IBM QRadar User Behavior Analytics is scalable. You have the EPS and closed license. I think scalability is not an issue because it is available on both the hardware and the software. You can install the software plans if you want, and there is also a hardware plan.

Their technical support is good. I have not faced any issues before, and the technical support is good.

I will recommend this solution to potential users.

On a scale from one to ten, I would give IBM QRadar User Behavior Analytics a seven. 

I am an integrator of this solution, my customers use this as a SIEM solution for log management.

This solution has excellent security analytics.

I think that the search speed of this solution could be improved.

This is a scalable solution, we have customers who have scaled.  

The initial setup is very easy and takes just one day.

I would recommend this solution to everyone considering using it.

I would rate this solution a nine out of ten.

IBM QRadar User Behavior Analytics has a dedicated application for user behavior analytics and must be installed separately on an application server. It is valuable if you created the setup for the use cases. It needs additional customization to have a good value. You will have to point the solution to the suitable data sources that will feed the user analytics in a good manner. You will have good user behavior analytics, based on the created use cases.

IBM QRadar User Behavior Analytics has easy architecture, has a good portfolio and integration.

The solution could improve by having more out-of-the-box use cases.

I have been using IBM QRadar User Behavior Analytics for approximately two years.

IBM QRadar User Behavior Analytics is stable.

I have found IBM QRadar User Behavior Analytics to be scalable.

We have approximately 15 clients using this solution.

The support is satisfactory.

The implementation was not easy and was not difficult, it was in the middle.

The full implementation can take approximately two to three months.

We have three people that are supporting IBM QRadar User Behavior Analytics.

There is an annual license required for this solution.

I rate IBM QRadar User Behavior Analytics an eight out of ten.