Try our new research platform with insights from 80,000+ expert users

Change Auditor for Windows File Servers vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Change Auditor for Windows ...
Ranking in Log Management
37th
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
2
Ranking in other categories
No ranking in other categories
IBM Security QRadar
Ranking in Log Management
6th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
208
Ranking in other categories
Security Information and Event Management (SIEM) (4th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of Change Auditor for Windows File Servers is 0.1%, down from 0.2% compared to the previous year. The mindshare of IBM Security QRadar is 3.8%, down from 5.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

KF
Provides granular queries of security logs and real-time alerting helps me mitigate risks
The real-time alerting helps me mitigate risks. For example, someone adds a member to the domain admin group. We have an alert set up, so if someone does this unexpectedly, we get notified. Then, we can check and verify if the action is legitimate or a potential threat to the environment.
Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"In terms of features, the querying is great."
"The solution's most valuable aspect is that it can be fully integrated with Microsoft solutions and it doesn't impact the productivity order."
"We have worked with other solutions, such as LogRhythm and Splunk. Compared to others, IBM QRadar has the best price-performance ratio so that you are able to reserve minimum costs. It starts settling in fast and gets the first results very quickly. It is also very scalable."
"We are using the platform version, which I like."
"One of the most valuable features of this solution is it has very good data correlation."
"We can easily monitor many things using this tool."
"Customer service is very good and very helpful."
"There is a single dashboard that gives us a complete overview of what is happening around the globe."
"The support is very good. We get support whenever we need it. Sometimes they respond immediately and sometimes it will be within 24 hours. We can ask them to please do it right away and they can get a request done within an hour or two."
"The monitoring and dashboards are great."
 

Cons

"The pricing could be improved. It needs to be reduced."
"The customer service and support could improve their approach to questioning issues. They tend to ask questions one at a time, which creates a lot of back-and-forth communication."
"The solution does not support the integration of flat file databases."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"The only challenge with products like IBM is the EPS. You just have to be really on the events per second, as that's where the cost factor becomes a huge issue."
"If you have too many events that occur, then the storage capacity becomes a problem. You need to have more storage."
"It would be good if the program allowed certain profiles to only see certain customer information."
"GUI needs to be improved."
"I think QRadar is very complex. It's a distributed system and IBM QRadar has an all-in-one solution which is not like that distributed solution but it's a good product. IBM needs to consider the user interface because if we compare it with AlienVault, the AlienVault user interface is fantastic but the IBM QRadar user interface is very complex. They should focus on how to make it easier for the client."
"When it comes to what could be better, it is always what others are trying to do and what is the roadmap. It can have more integration. It should have more flexible RESTful APIs for integration with applications. These are the things that are always in demand for any of the SIEM solutions, not only for QRadar. Integration is ever-evolving. Nowadays, different versions of mobile handsets are there and data is getting scattered. Users are using their personal handsets to keep the data of the organization. So, it should have a more flexible integration, irrespective of the flavor of the firmware and iOS or Android version. It should have an API that can seamlessly get integrated. It should also provide more flexible control and a more advanced or analytical view to see what exactly is happening across the globe or network. From wherever a user is connecting and accessing the enterprise data, it should give real-time visibility and predictive visibility about what exactly is happening. These things are already there, but there should be more advanced control in terms of managing the security."
 

Pricing and Cost Advice

"The pricing is per user. The cost is approximately $15/user on a yearly basis. If you need to, you can always upgrade as well."
"The price of this solution is a little high."
"It is expensive. It is not a product that I can provide for SMBs. It is a program that I can only provide for really large enterprises."
"It could be cheaper, but the value itself is far more important for us than the price. Typically, our clients have yearly subscriptions."
"found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price."
"Only enterprise businesses can afford the tool."
"There is an annual license required for this solution."
"Licensing can be costly depending on your architecture."
"IBM QRadar User Behavior Analytics is an application framework and you can install many applications without any additional costs."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
No data available
Educational Organization
24%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What needs improvement with Change Auditor for Windows File Servers?
They've already made improvements! They have a tool called IT Security Search, which lets you perform queries outside of Change Auditor. It's much faster. This is a really good addition and helps u...
What is your primary use case for Change Auditor for Windows File Servers?
I use Change Auditor for Windows File Servers to log history. It's helpful when we have critical changes in Active Directory, like adding or removing items. I use it extensively for monitoring.
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
 

Also Known As

No data available
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Overview

 

Sample Customers

Dragon Capital, Howard County MD
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Change Auditor for Windows File Servers vs. IBM Security QRadar and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.