Try our new research platform with insights from 80,000+ expert users

Change Auditor for Windows File Servers vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Change Auditor for Windows ...
Ranking in Log Management
37th
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
2
Ranking in other categories
No ranking in other categories
IBM Security QRadar
Ranking in Log Management
6th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
207
Ranking in other categories
Security Information and Event Management (SIEM) (4th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of Change Auditor for Windows File Servers is 0.1%, down from 0.2% compared to the previous year. The mindshare of IBM Security QRadar is 3.8%, down from 5.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

KF
Provides granular queries of security logs and real-time alerting helps me mitigate risks
The real-time alerting helps me mitigate risks. For example, someone adds a member to the domain admin group. We have an alert set up, so if someone does this unexpectedly, we get notified. Then, we can check and verify if the action is legitimate or a potential threat to the environment.
Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"In terms of features, the querying is great."
"The solution's most valuable aspect is that it can be fully integrated with Microsoft solutions and it doesn't impact the productivity order."
"Most of our clients are interested in automation. The automation part is good because they are able to detect threats and vulnerabilities in real time. It's very fast."
"One of the most valuable features is its ability to integrate with other solutions. IBM has a lot of solutions and we have managed to make it work with IBM BigFix and MaaS360, and even Microsoft."
"When it comes to QRadar, they can do the correlation and not only in networks but also endpoints. This is one of the good features that we have noticed."
"Log correlation is very useful for processing alerts. It serves to follow up alerts in real-time, building an entire workflow."
"It has a logical, user-friendly GUI."
"Senses, tracks, and links significant incidents and threats."
"This is a distributed application, meaning that a customer can stack small and then scale it so that they can expand pretty effectively. You can use, basically, the same product in an SMB or a large enterprise."
"On the back-end, Watson helps me figure out an exact problem, sometimes giving me the result."
 

Cons

"The customer service and support could improve their approach to questioning issues. They tend to ask questions one at a time, which creates a lot of back-and-forth communication."
"The pricing could be improved. It needs to be reduced."
"We have had problems with networking."
"I would like to see more integration in place after the security lock."
"If you have too many events that occur, then the storage capacity becomes a problem. You need to have more storage."
"The initial setup requires that you have somebody with the proper skill set, and it would help if the configuration were easier."
"From a functionality point of view there are issues sometimes."
"I have noticed the interface has room for improvement."
"IBM is going through some problems with its resources currently making its support response time slow."
"It would be good if the program allowed certain profiles to only see certain customer information."
 

Pricing and Cost Advice

"The pricing is per user. The cost is approximately $15/user on a yearly basis. If you need to, you can always upgrade as well."
"The pricing needs to be such that they are more competitive with other vendors."
"Licensing is very expensive, IBM QRadar is a very expensive solution. If you want to minimize costs then IBM QRadar is not for you."
"It could be cheaper, but the value itself is far more important for us than the price. Typically, our clients have yearly subscriptions."
"You have a one-time payment, and you also can purchase it for one year as a subscription. We have it on-premise, and we have a permanent license for it. We have to pay for the support on a yearly basis. If you compare its cost with Sentinel for one year, QRadar would seem more expensive, but if you compare its cost over five or ten years, Azure Sentinel will be more expensive than QRadar. If you compare its cost with Sentinel for one year, QRadar would seem more expensive, but if you compare its cost over five or 10 years, Azure Sentinel can be more expensive than QRadar."
"There are additional costs, such as the cost associated with the different hardware required for implementation and deployment. Along with the add-on apps, these are all additional costs, and they require licensing as well."
"IBM QRadar User Behavior Analytics is an application framework and you can install many applications without any additional costs."
"When it comes to the initial pricing there can be a huge discount from there side and also I think they are open to competing with other products."
"It is very expensive."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
No data available
Educational Organization
23%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What needs improvement with Change Auditor for Windows File Servers?
They've already made improvements! They have a tool called IT Security Search, which lets you perform queries outside of Change Auditor. It's much faster. This is a really good addition and helps u...
What is your primary use case for Change Auditor for Windows File Servers?
I use Change Auditor for Windows File Servers to log history. It's helpful when we have critical changes in Active Directory, like adding or removing items. I use it extensively for monitoring.
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
 

Also Known As

No data available
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Overview

 

Sample Customers

Dragon Capital, Howard County MD
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Change Auditor for Windows File Servers vs. IBM Security QRadar and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.