We performed a comparison between IBM Security QRadar and Securonix UEBA based on real PeerSpot user reviews.
Find out in this report how the two User Entity Behavior Analytics (UEBA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports."
"It can analyze event logs, event security, and give a good consult."
"It is a very good SIEM."
"The UBA feature is the most valuable because you can see everything about users' activities."
"The playbook engine is flexible and allows for the graphical visualization of processes, enabling the implementation of dynamic playbooks for incident response or testing."
"No doubt about it, the solution is extremely stable."
"The features that I have found most valuable are that it is very stable, easy to get going, and easy to manage. It is also easy to review all incidents."
"The ability to transition from microscopic to macroscopic view, instantly, is very good."
"Their user and entity behavior analysis algorithms are the most valuable features."
"The feature dashboard is very well organized and intuitive to use. It organizes information on a timeline which is exactly what we need for insider threat future-analysis."
"One of the most valuable features is UEBA. It's pretty helpful for us to make sure of our thresholds for any of our clients."
"When it comes to what could be better, it is always what others are trying to do and what is the roadmap. It can have more integration. It should have more flexible RESTful APIs for integration with applications. These are the things that are always in demand for any of the SIEM solutions, not only for QRadar. Integration is ever-evolving. Nowadays, different versions of mobile handsets are there and data is getting scattered. Users are using their personal handsets to keep the data of the organization. So, it should have a more flexible integration, irrespective of the flavor of the firmware and iOS or Android version. It should have an API that can seamlessly get integrated. It should also provide more flexible control and a more advanced or analytical view to see what exactly is happening across the globe or network. From wherever a user is connecting and accessing the enterprise data, it should give real-time visibility and predictive visibility about what exactly is happening. These things are already there, but there should be more advanced control in terms of managing the security."
"Pricing model could be more cost-effective."
"In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."
"QRadar's performance has room for improvement because it cannot handle the volume. I need massive amounts of logs from various devices in our existing network architecture. IBM needs to improve QRadar's capacity to handle more logs."
"It would be better if it were more stable and more secure. The price for maintenance could be better. It's too high. In the next release, I think they should focus on the price and the operation."
"QRadar needs to be improved on the storage side, particularly when the disc exceeded the maximum threshold."
"With IBM Security QRadar, my company faced issues with the support we received for the product."
"I would also like to see more integration with other vendors. IBM doesn't integrate well with products from China, like Huawei. Many Middle Eastern customers are switching to Huawei from American vendors like Cisco because of the price. In most RFPs, Huawei wins because it costs less."
"When compared to others, if you look at the integration aspect, I believe that some aspects of integration can be enhanced."
"The area that needs improvement is reporting."
"There is room for improvement in the algorithms. Although I said that we have a very solid starting point - our existing library is already very comprehensive - we constantly find areas where we need to develop new algorithms. That is common across platforms. Any vendor with a solid starting point would still need to continue to evolve."
IBM Security QRadar is ranked 1st in User Entity Behavior Analytics (UEBA) with 198 reviews while Securonix UEBA is ranked 14th in User Entity Behavior Analytics (UEBA) with 3 reviews. IBM Security QRadar is rated 8.0, while Securonix UEBA is rated 10.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Securonix UEBA writes "Inbuilt detection algorithms, attentive technical support, and reasonably priced". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Securonix UEBA is most compared with Splunk User Behavior Analytics and ArcSight Analytics. See our IBM Security QRadar vs. Securonix UEBA report.
See our list of best User Entity Behavior Analytics (UEBA) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
All three security solutions are defined and different smartness they hold it all depends on how is your requirement.
Securonix UEBA is a Hadoop bases UEBA technology tool the tools understand the infrastructure and users and then work accordingly. (Wide Customer industry support) (Average cost)
IBM QRadar is a SIEM with all in the composite tool can bring in UEBA and other security solution. (Wide Customer industry support) (Average cost)
Exabeam is a mathematical bases security solutioning tool, it learns infra and then provides a solution, it's a bit noisy in some instances. (Medium Customer industry support) (Costly)
If you tell us what exactly you require or how id your infra set up, then it would good to suggest a tool.