IBM QRadar

(13)
4.3 out of 5 stars

IBM QRadar

Work for IBM QRadar?

Learning about IBM QRadar?

We can help you find the solution that fits you best.

Find the Right Product

IBM QRadar Reviews

Ask IBM QRadar a Question
Write a Review
Filter Reviews
Filter Reviews
  • Ratings
  • Company Size
  • User Role
  • User Industry
Ratings
Company Size
User Role
User Industry
Showing 13 IBM QRadar reviews
LinkedIn Connections
IBM QRadar review by <span>Mark A.</span>
Mark A.
Validated Reviewer
Invitation from the software vendor
Reviewed On

QRadar Newbie.

What do you like best?

I like the discussed inter-operability between QRadar and other data sources that can be used as feeds or a database. I also like that it can be tailored to any environment with not too much effort if the environment is mature.

What do you dislike?

We have run into a timestamp issue whereby QRadar timestamps an event when it receives the data and creates an alert based on that timestamp vs when the event actually happened on the Network.

Recommendations to others considering the product

Have a mature environment that is well documented, a well organized process flow for Security as a whole and well defined roles and responsibilities. It's always good to have done your homework on any product as it relates to your environment so as to have the ability to identify any gaps in either process flow or data sources availability/use in QRadar.

What business problems are you solving with the product? What benefits have you realized?

We are implementing QRadar to better consolidate and cross correlate data to one console.

Sign in to G2 Crowd to see what your connections have to say about IBM QRadar
Headshots
IBM QRadar review by <span>Brandon B.</span>
Brandon B.
Validated Reviewer
Verified Current User
Invitation from the software vendor
Reviewed On

IBM QRadar

What do you like best?

Honestly the best thing about IBM QRadar is the support. It's a very complex tool and can be very daunting to newer admins. But an email here or there or a ticket can get almost any question possible answered in a friendly and professional manner.

What do you dislike?

It's a very complex tool and can be daunting for new admins not familiar with it. Depending on the situation there can be a bit of a steep learning curve.

Recommendations to others considering the product

Try the new free 50 eps version of QRadar to test it in a small environment.

What business problems are you solving with the product? What benefits have you realized?

Security visibility

What Security Information and Event Management (SIEM) solution do you use?

Thanks for letting us know!
IBM QRadar review by <span>Joe A.</span>
Joe A.
Validated Reviewer
Verified Current User
Invitation from the software vendor
Reviewed On

Undecided

What do you like best?

Nothing particular. Layout is similar to other SIEM applications.

What do you dislike?

searching is not intuitive. Quick filter doesn't offer any tips or command/syntax help.

What business problems are you solving with the product? What benefits have you realized?

We haven' identified business problems to solve yet.

IBM QRadar review by <span>Poonam K.</span>
Poonam K.
Validated Reviewer
Invitation from G2 Crowd
Reviewed On

IBM QRadar SIEM

What do you like best?

1. Detecting anomalies in the network

2. Speed of alert generation and notification

3. Customized rule development

What do you dislike?

1. IBM Customer Service Support

2. Cost of product compared to others in the industry

Recommendations to others considering the product

1. Consider pricing compared to other products in the Gartner Magic Quadrant for SIEM

2. Consider integration with legacy devices

What business problems are you solving with the product? What benefits have you realized?

Security Incident and Event Monitoring. It has significantly automated incident resolution.

IBM QRadar review by Administrator in Financial Services
Administrator in Financial Services
Validated Reviewer
Invitation from the software vendor
Reviewed On

QRadar Review - Rick Jesse

What do you like best?

Ease of use. The ability to quickly find information. Rules are fairly straight forward to create and/or edit.

What do you dislike?

Auto detecting log sources are sometimes inaccurate, leading to duplicate and sometimes triplicate log sources. DSMs have a lot of issues with parsing for certain log sources, and there is a lack of some common DSMs. Specific reports can be difficult to create, the time series reports specifically give us the most issues.

What business problems are you solving with the product? What benefits have you realized?

We are using QRadar as both a logger and SIEM. Detecting and Alerting of malicious activity has been the biggest benefit.

IBM QRadar review by Consultant
Consultant
Validated Reviewer
Invitation from the software vendor
Reviewed On

Flexible, fast, data-intensive, and evolving at a rapid pace

What do you like best?

The fact that it natively deals with flows and log sources. The QRadar app exchange is just putting the platform on steroids and expanding its capabilities limitlessly. The correlation and offense engine is very powerful, as is the framework for integrating threat and intel feeds. Tight integration with QVM, Forensics.

What do you dislike?

The dashboards need more visualization options and flexibility.

What business problems are you solving with the product? What benefits have you realized?

Orchestrating security incident response around IBM QRadar, with increased identification rates, faster triage, greater visibility into incidents from network flows and other security context sources.

Learn more about IBM QRadar

IBM QRadar Videos

IBM QRadar Downloads

Kate avatar
Kate from G2 Crowd

Learning about IBM QRadar?

I can help.
* We monitor all IBM QRadar reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.