2022-02-06T07:24:06Z

What is your experience regarding pricing and costs for IBM QRadar Advisor with Watson?

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Julia Miller - PeerSpot reviewer
Community Director at PeerSpot
  • 0
  • 113
4
PeerSpot user
4 Answers
James Riffenburg - PeerSpot reviewer
Principal Cybersecurity Consultant (Architecture, Engineering, Operations) CISO VCISO at a financial services firm with 10,001+ employees
Consultant
Top 10
2022-10-18T18:35:39Z
Oct 18, 2022

The solution is costly and the price differs depending on the vendor you use.

Search for a product comparison
Ahmed Hossam - PeerSpot reviewer
SOC Analyst Tier 2 at IP Protocol INC
Real User
Top 10
2022-06-26T13:06:01Z
Jun 26, 2022

I think my company pays for the license yearly.

RR
Cyber Security Specialist at UST Global
Real User
Top 20
2022-05-12T06:53:59Z
May 12, 2022

Licensing is mostly dependent on the EPS, events per second. Depending upon the number of products that are integrated with the platform, we have to come to an optimal EPS value. I'm not very sure about the financials, however, the licensing cost cannot be as much as that for Sentinel, which is not very low. For customers who need medium EPS values, we advise QRadar. The basic out the box cost covers, the EPS value that you have specified, and then some archiving maybe. It should include at least six months of archiving and other functionalities. Most of the customers will go for the standard package and we don't have to go for extra archival or enhanced DPS. 10% to 15% of DPS can always be increased. It will not completely shut down the system, however, it'll start sending us notifications that the DPS is getting increased and then we can go for a higher licensing.

SU
Team Lead - Information Security at LTI - Larsen & Toubro Infotech
Real User
Top 20
2022-02-06T07:24:06Z
Feb 6, 2022

I can't speak to the exact pricing. I've never looked at its commercial costs.

Learn what your peers think about IBM Security QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: September 2023.
735,432 professionals have used our research since 2012.
Related Questions
Liam Brandt - PeerSpot reviewer
User at Catalyic Consulting (Pvt.) Ltd
Mar 22, 2023
Hi community, Please let us know your thoughts in the comments below. Thank you!
See 2 answers
VS
User at RAS Unipers
Mar 14, 2023
Hi, in my opinion, because it is still the best at giving you visibility of what's happening in your IT infrastructure, and at detecting threats. Visibility and detection may seem simple tasks. but actually, they require a lot of capabilities in understanding, integrating, logging, and alarms from a huge multitude of devices. Such tasks go under the line of log ingestion, normalization, etc., and that is far from easy. QRadar has done a lot of work in that direction. Another aspect is event correlation. And here, either you write the correlation rules yourself, spending $$$$ of professional services, and by the way, it'll take forever to test, implement and maintain up to date, or your access to a very long list of preset correlation rules, that are already available and waiting to be activated. Finally, visibility and threat detection is just the beginning of a journey pointed at becoming aware of what's happening in your IT and taking relevant and effective action. There are several other technologies that have to be used to minimize exposure, and contain, and remediate relations to an attack. I believe IBM has a few of those, that can be integrated. But whichever you use at the end of this journey, if the original feed is not correct, not relevant, or not complete, you missed your goal in the first place.My 5 cents :)VS
Jairo Willian Pereira - PeerSpot reviewer
Information Security Manager at a retailer with 10,001+ employees
Mar 22, 2023
I´m not sure about this affirmation. There are a lot of other tools used.
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot
Jul 17, 2023
If you were talking to someone whose organization is considering IBM QRadar Advisor with Watson, what would you say? How would you rate it and why? Any other tips or advice?
2 out of 12 answers
SU
Team Lead - Information Security at LTI - Larsen & Toubro Infotech
Feb 6, 2022
We are a preferred partner of IBM. I'd rate the solution at a seven out of ten.
SD
IM Operations Manager at a tech services company with 1,001-5,000 employees
Apr 25, 2022
My advice to others is to shop around because IBM QRadar Advisor with Watson is not for small enterprises, it's aimed at your larger environments that have a multitude of infrastructure and networks that are hybrid across different environments. It integrates into quite a few tools, such as your email system, and file systems. This tool is not for everybody. IBM doesn't have the sort of tool that helps a five, ten, or twenty user environment. This is not advisable to go and invest in the solution. There are other tools that you could possibly look at that do probably some of the functions in terms of monitoring your playbooks and integration points that are a little bit easier to map to. However, that is not a tool for every organization out there. The solution is targeting major enterprises. I rate IBM QRadar Advisor with Watson a seven out of ten. There are quite a few areas they could improve, such as they have a lot of technical manual configs and orchestration could be better.
Related Articles
NC
Content Manager at PeerSpot (formerly IT Central Station)
May 2, 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for the Top 8 Log Management Tools to help you d...
Ertugrul Akbas - PeerSpot reviewer
Manager at ANET
Oct 9, 2021
There are many comparisons and scoring reports like Gartner. But a small part of their scoring is technical capacity. Other comparisons available on the web or magazines are marketing, sales, and presales documents. They do not include extensive technical analysis. In today’s ever-evolving cybersecurity climate, businesses face more threats than ever before. Finding the right SIEM is crucia...
2 out of 6 comments
CH
Visionary at Whaduu, LLC
Jul 12, 2021
Excellent article.  ArcSight claims to use ML - they are not listed under ML here (?).  Can LogRhythm handle your correlation logic example?  A simple comparison table would be very useful (features, checkmarks).
Ertugrul Akbas - PeerSpot reviewer
Manager at ANET
Jul 12, 2021
@CraigHeartwell, ​thanks for your spelling correction.  ArcSight acquired Interset for ML. Yes, LogRhythm can handle the logic. SIEM Comparison table is on my mind for a long time. I published the Turkish version. I need to work to extend it before publishing.
Related Articles
NC
Content Manager at PeerSpot (formerly IT Central Station)
May 2, 2022
Top 8 Log Management Tools 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to...
Ertugrul Akbas - PeerSpot reviewer
Manager at ANET
Oct 9, 2021
The Math of SIEM Comparison
There are many comparisons and scoring reports like Gartner. But a small part of their scoring...
Download Free Report
Download our free IBM Security QRadar Report and get advice and tips from experienced pros sharing their opinions. Updated: September 2023.
DOWNLOAD NOW
735,432 professionals have used our research since 2012.