IBM Security QRadar Reviews

First, I used the manual to learn, then I tried to merge it with my company's needs, and there weren't any problems.

I like the graphical interface. It's so good and easy.

Integration could be better. They should make it easy to integrate with other solutions. 

I have been using IBM QRadar Advisor with Watson for three or four years.

IBM QRadar Advisor with Watson is a stable solution.

I think IBM QRadar Advisor with Watson is scalable.

We didn't use technical support as the community was very helpful.

The initial setup was difficult the first time, but it got easier after that.

I think my company pays for the license yearly.

I would advise potential users to read the manual or the workbook before going forward with the deployment. Try to match the requirements with the company's needs to avoid facing issues in the future. But if you get stuck, you can always ask the community for help.

On a scale from one to ten, I would give IBM QRadar Advisor with Watson a nine.

I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot.

IBM QRadar User Behavior Analytics is good, but I think the functionality should be much more integrated. You should have easy access to the artifacts if you are doing a particular investigation. It's good, but other team solutions like LogRhythm are actually merging the functionality. So, I think that is something IBM can work on. 

We have been using IBM QRadar User Behavior Analytics for about four years.

Stability is good, but the investigation system should be better.

IBM QRadar User Behavior Analytics is scalable. You have the EPS and closed license. I think scalability is not an issue because it is available on both the hardware and the software. You can install the software plans if you want, and there is also a hardware plan.

Their technical support is good. I have not faced any issues before, and the technical support is good.

I will recommend this solution to potential users.

On a scale from one to ten, I would give IBM QRadar User Behavior Analytics a seven. 

I am an integrator of this solution, my customers use this as a SIEM solution for log management.

This solution has excellent security analytics.

I think that the search speed of this solution could be improved.

This is a scalable solution, we have customers who have scaled.  

The initial setup is very easy and takes just one day.

I would recommend this solution to everyone considering using it.

I would rate this solution a nine out of ten.

IBM QRadar User Behavior Analytics has a dedicated application for user behavior analytics and must be installed separately on an application server. It is valuable if you created the setup for the use cases. It needs additional customization to have a good value. You will have to point the solution to the suitable data sources that will feed the user analytics in a good manner. You will have good user behavior analytics, based on the created use cases.

IBM QRadar User Behavior Analytics has easy architecture, has a good portfolio and integration.

The solution could improve by having more out-of-the-box use cases.

I have been using IBM QRadar User Behavior Analytics for approximately two years.

IBM QRadar User Behavior Analytics is stable.

I have found IBM QRadar User Behavior Analytics to be scalable.

We have approximately 15 clients using this solution.

The support is satisfactory.

The implementation was not easy and was not difficult, it was in the middle.

The full implementation can take approximately two to three months.

We have three people that are supporting IBM QRadar User Behavior Analytics.

There is an annual license required for this solution.

I rate IBM QRadar User Behavior Analytics an eight out of ten.

The use cases that are widely used across the globe are related to ransomware phishing, lateral movement, et cetera.

The simple user access model, or the user interface, is something that is very helpful.

The initial setup is not too difficult. 

So far, we have found the product to be stable. 

We've found the solution to be scalable.

The IBM support can be better. It's an aspect that needs improvement. 

In future iterations, I'd like to see an advance in office management, the out-of-the-box use cases that are provided. That needs to be part of the requirement.

It's a stable solution. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

The solution scales well.

We have 45,000 users on the solution right now. 

We do plan to increase usage soon. 

We've dealt with technical support in the past and it was lacking. 

They have provided dedicated time to us, to work on the issue that we are observing right now.

We did not use a different solution. We chose this due to the fact that it's an industry-accepted solution. The use cases are easy to configure in multiple things that we considered important while taking the solution.

The deployment was easy. It wasn't overly complex.

It took me around six months to do the implementation. 

We handled the deployment with the assistance of a vendor partner. 

I can't speak to the exact pricing. I've never looked at its commercial costs. 

We did consider other options before choosing this product.

We are a preferred partner of IBM.

I'd rate the solution at a seven out of ten.

I deploy the IBM QRadar for many organizations, and I've been performing analyses for those organizations as well.

These organizations use the tool for monitoring of their environment. It's a basic SIEM product. So we just log each and every data source, perform an analysis, and create rules. We also create advanced use cases to cater the advanced threat(s).

I am unable to pick one, every component is valuable. It is a very good SIEM.

I would like for Yara to be supported by all components. 

I have been working with this product for the last five years.

I think it's a very stable product that provides much more visibility than the other product.

You can scale the architecture of the QRadar easily by adding licenses.

Small to medium-sized organizations would require one to two people for maintenance while man power for large organizations would be determined by the architecture. 

Customer support needs some improvement as there have been a few cases where we were unable to reach them in time.

I didn't find it to be complex. I think IBM QRadar has a more user-friendly GUI that helps your team work easily within it. Deployment for an all in one will take four to five hours but can vary depending on environment size.

Our in-house team assists our customers with deployment. Our customers are the main POC and we are able to deploy into their environment, make necessary integrations, and create the rules.

Licensing can be costly depending on your architecture.

You receive alerts for misconfigurations which allows your administer to easily reconfigure any issues. 

The organizations themselves are able to monitor all of their information regarding their team including what attacks they are facing on a daily bases.

I would rate this an eight out of ten.

We use IBM QRadar for user behavior analytics and incident handling.

The features that I have found most valuable are that it is very stable, easy to get going, and easy to manage. It is also easy to review all incidents.

The only problem is that if you have too many events that occur, then the storage capacity becomes a problem. We would need to increase the storage capacity.

I have been using IBM QRadar for four years.

We have three customers using it and these customers have 100 to 300 users.

Getting support sometimes takes time.

The initial setup was quite straightforward.

We had the complete deployment and it was up and running in half a day.

You can implement it by yourself.

I would recommend IBM QRadar to other people who want to start using it.

On a scale of one to ten, I would give QRadar a nine.

I use IBM QRadar for user behavior analytics, and mostly incident handling.

The solution is easy to use, manage, and review all incidents.

If you have too many events that occur, then the storage capacity becomes a problem. You need to have more storage.

I have been using IBM QRadar for approximately four years.

The solution is very stable.

We have approximately three customers and the total users that are using it would be approximately 200.

The initial installation was straightforward, we were able to have it running in half a day.

I do the implementation and maintenance of the solution.

There are different types of subscriptions available. We were on an annual subscription, but our customers typically choose the two years subscription option.

I would recommend this solution to others.

I rate IBM QRadar a nine out of ten.