We performed a comparison between IBM Security QRadar and LogPoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. LogPoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Reviews suggest LogPoint should improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment.
Service and Support: Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses. LogPoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support.
Ease of Deployment: QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. The complexity of LogPoint's initial setup can range from complex and time-consuming to fast and easy, depending on the user's experience and the organization’s size.
Pricing: QRadar can be costly because users need to buy new hardware to upgrade. LogPoint's fixed pricing model is seen as cost-effective and competitive.
ROI: QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. LogPoint makes costs more predictable and enables companies to generate revenue through security operation services.
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The most valuable feature is the analysis, because of the beta structure."
"This is stable and scalable."
"It is stable and scalable."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The product's initial setup phase is very easy."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Blocks of predefined conditions can be used to configure detection rules without having to write complicated script."
"The feature that I have found most valuable is its artificial intelligence component, Watson. Its contribution is pretty good from a machine-learning artificial intelligence perspective. This compliments the orchestration automation component, as well."
"It also has a graph that shows the traffic history. I can see what happened yesterday or today. If there's an incident, I can check the traffic behavior on QRadar."
"The most valuable feature is the searching capability and real-time operational use."
"QRadar shows very effective correlations. If you combine all the logins plus user behavior and the current intelligence, it gives a very good correlation for business. I think it reduces the false positives in user activity monitoring because there is a lot of social information to correlate with other data."
"I have found IBM QRadar to be scalable."
"Customer service is very good and very helpful."
"What I like about IBM QRadar User Behavior Analytics is that it uses machine learning algorithms to generate risk scoring for the user activity. I also like that it syncs with our Active Directory users, so it really has full coverage for all users in our environment."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"The integration is very user-friendly. There are not many CLI commands. Everything is directly accessible from the web interface."
"The solution's most valuable aspect is the combination of the software and the support that they have."
"The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined."
"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
"The solution is user-friendly."
"The solution's user interface is quite simple, and the integration is better than other products."
"The product is easy to use."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Detections could be improved."
"The solution is not stable."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The support needs improvement."
"The architecture could be improved. I got stuck for a long time trying to understand the architecture, as it is quite challenging."
"I would like to see more integration in place after the security lock."
"It is not app based."
"I think QRadar is very complex. It's a distributed system and IBM QRadar has an all-in-one solution which is not like that distributed solution but it's a good product. IBM needs to consider the user interface because if we compare it with AlienVault, the AlienVault user interface is fantastic but the IBM QRadar user interface is very complex. They should focus on how to make it easier for the client."
"Before we didn't have any security issues but recently a few of the user emails were hacked. We had to actually recreate their emails for them."
"It needs more resilience and functionality."
"The released patch quality is poor. IBM should test those patches on their side, not on the client's side."
"The solution should enhance its capabilities of UEBA and AI/ML tech modeling."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"One of the downsides is it is not a SaaS solution. It must be on-premises."
"Sometimes, the product is not stable."
"One of the things we faced last year was that we had some memory issues with the server running. We were running them as virtual services, and we were facing some performance issues. Back then, there were some things that had already been solved at the end, but one of the small issues we had was that it was quite memory-consuming. After one upgrade that we did, we faced some performance issues."
"We were missing visuals and graphics. Recently, a new version seems to have come out, and it has a new graphical user interface. When I was integrating it, it was usable, but the GUI needed improvement."
"Dashboards could be developed further."
"It is a good product, but its interface or GUI could be better."
"LogPoint must find a way to integrate the servers without agents."
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while Logpoint is ranked 26th in Security Information and Event Management (SIEM) with 20 reviews. IBM Security QRadar is rated 8.0, while Logpoint is rated 7.4. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Logpoint is most compared with Elastic Security, Rapid7 InsightIDR, Microsoft Sentinel, Wazuh and LogRhythm SIEM. See our IBM Security QRadar vs. Logpoint report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best User Entity Behavior Analytics (UEBA) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.