Try our new research platform with insights from 80,000+ expert users

Change Auditor for Windows File Servers vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Change Auditor for Windows ...
Ranking in Log Management
37th
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
2
Ranking in other categories
No ranking in other categories
IBM Security QRadar
Ranking in Log Management
6th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
207
Ranking in other categories
Security Information and Event Management (SIEM) (4th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of Change Auditor for Windows File Servers is 0.1%, down from 0.2% compared to the previous year. The mindshare of IBM Security QRadar is 3.8%, down from 5.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

KF
Provides granular queries of security logs and real-time alerting helps me mitigate risks
The real-time alerting helps me mitigate risks. For example, someone adds a member to the domain admin group. We have an alert set up, so if someone does this unexpectedly, we get notified. Then, we can check and verify if the action is legitimate or a potential threat to the environment.
Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution's most valuable aspect is that it can be fully integrated with Microsoft solutions and it doesn't impact the productivity order."
"In terms of features, the querying is great."
"I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot."
"The solution is relatively easy to use."
"I have found its network traffic log, network bit log, and QBI most valuable."
"IBM has everything you need in a cybersecurity solution. If you want to build a cybersecurity operation center version then I think QRadar is a perfect solution."
"The pre-canned rules and reports in this product are a huge plus."
"QRadar, Splunk, and ArcSight are SIEM solutions with built-in AI/ML features. They can do the complete investigation and alert the admin about what is happening. They can also do the root cause analysis. There are many other features that come with QRadar. It has a more granular log, so you can integrate with various non-IT as well as IT-based components. You can get unstructured data to the SIEM data, and you can identify more what is happening in the network or what is happening in the central head office. You can also identify what is happening between your remote offices. You can also use it to identify what the users in the field are doing on their devices and how things are moving. From the integration point of view, it is very centric. It gives complete control centrally. If a user is not connected to the system, whenever he comes online, we can see the policy updates over the Internet, and we can ensure that the data that is supposed to be protected is protected."
"The flexibility is good in terms of pulling log files."
"On the back-end, Watson helps me figure out an exact problem, sometimes giving me the result."
 

Cons

"The customer service and support could improve their approach to questioning issues. They tend to ask questions one at a time, which creates a lot of back-and-forth communication."
"The pricing could be improved. It needs to be reduced."
"The usability of interfaces could be improved."
"QRadar needs to be improved on the storage side, particularly when the disc exceeded the maximum threshold."
"IBM Security QRadar lacks automated response. With this feature, there's no need to visit VirusTotal or other sites for IP reputation. There should be a small plug-in where users can click to retrieve details about the reputation and organization of public IP."
"The user interface is a bit clunky, a bit hard to find what you need."
"There are a lot of things they are working on and a lot of technologies that are not yet there. They should probably work out a better reserve with their ecosystem of business partners and create wider and more in-depth qualities, third-party tools, and add-ons. These things really give immediate business value. For instance, there are many limitations in using SAP, EBS, or Micro-Dynamics. A lot of things that are happening in those platforms could also be monitored and allowed from the cybersecurity risks perspective. IBM might be leaving this gap or empty space for business partners. Some larger organizations might already be doing this. It would be very nice if IBM can make some artificial intelligence part free of charge for all current QRadar users. This would be a big advantage as compared to other competitors. There are companies that are going in different directions. Of course, you can't do everything inside QRadar. In general, it might be very good for all players to provide more use cases, especially regarding data protection and leakage prevention. There are some who are already doing some kind of file integrity or gathering some more information from all possible technologies for building anything related to the user and data analysis, content analysis, and management regarding the data protection."
"Solution has too many menus that require going to two or three sub-monitors to enter the QRadar."
"The solution does not support the integration of flat file databases."
"There could be better integration with the solution."
 

Pricing and Cost Advice

"The pricing is per user. The cost is approximately $15/user on a yearly basis. If you need to, you can always upgrade as well."
"On a scale of one to ten, I rate the price a one, where one is an extremely expensive product, and ten is a cheap product."
"The tool's price is high."
"The pricing needs to be such that they are more competitive with other vendors."
"IBM has subscriptions plans that run for one year."
"IBM QRadar User Behavior Analytics is an application framework and you can install many applications without any additional costs."
"Pricing is good."
"Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost."
"think the pricing is quite flexible."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
No data available
Educational Organization
23%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What needs improvement with Change Auditor for Windows File Servers?
They've already made improvements! They have a tool called IT Security Search, which lets you perform queries outside of Change Auditor. It's much faster. This is a really good addition and helps u...
What is your primary use case for Change Auditor for Windows File Servers?
I use Change Auditor for Windows File Servers to log history. It's helpful when we have critical changes in Active Directory, like adding or removing items. I use it extensively for monitoring.
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
 

Also Known As

No data available
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Overview

 

Sample Customers

Dragon Capital, Howard County MD
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Change Auditor for Windows File Servers vs. IBM Security QRadar and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.