Try our new research platform with insights from 80,000+ expert users

Cisco XDR vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco XDR
Ranking in Extended Detection and Response (XDR)
30th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
2
Ranking in other categories
No ranking in other categories
IBM Security QRadar
Ranking in Extended Detection and Response (XDR)
12th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
207
Ranking in other categories
Log Management (6th), Security Information and Event Management (SIEM) (4th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (10th)
 

Mindshare comparison

As of March 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cisco XDR is 1.3%, up from 0.0% compared to the previous year. The mindshare of IBM Security QRadar is 2.9%, up from 2.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Aruna Udawatte - PeerSpot reviewer
Network visibility improves with centralized maintenance and responsive support
The single point of maintenance and dashboards are the strong points of Cisco XDR ( /categories/extended-detection-and-response-xdr ). The visibility of the network is the main valuable feature. Customers frequently request features that offer better system visibility. The solution also offers automated response capability, which I would rate around eight out of ten.
Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cisco XDR offers threat intelligence and links with the Firewall."
"Technical support from Cisco is good and very helpful."
"Cisco XDR offers threat intelligence and links with the Firewall."
"This solution has excellent security analytics."
"IBM Qradar's ability to simplify the number of events, not only on a technical level but by making that information easy to pan through the orchestration deduplication. It is very impressive given that we have hundreds of devices that send event logs through."
"It is a bit easier to use than other products, such as Splunk or ELK Elasticsearch."
"I think the QDI is very good."
"The support is very good. We get support whenever we need it. Sometimes they respond immediately and sometimes it will be within 24 hours. We can ask them to please do it right away and they can get a request done within an hour or two."
"The feature that I have found most valuable is how it monitors the real network. That is its leading security feature."
"The most valuable feature is the searching capability and real-time operational use."
"It's a state-of-the-art product for security information and event management (SIEM)."
 

Cons

"They need to provide better pricing and bundle XDR licenses with products like Meraki solutions or Firepower Threat Defense."
"One area that needs improvement is the limited visibility due to the licensing structure. For more visibility, customers need the advantage or premier licensing, which involves additional costs."
"They need to provide better pricing and bundle XDR licenses with products like Meraki solutions or Firepower Threat Defense."
"They need to improve their threat intelligence feed and they need to improve their user behavior analytics modules."
"The solution should include remote action capabilities."
"There are a lot of things they are working on and a lot of technologies that are not yet there. They should probably work out a better reserve with their ecosystem of business partners and create wider and more in-depth qualities, third-party tools, and add-ons. These things really give immediate business value. For instance, there are many limitations in using SAP, EBS, or Micro-Dynamics. A lot of things that are happening in those platforms could also be monitored and allowed from the cybersecurity risks perspective. IBM might be leaving this gap or empty space for business partners. Some larger organizations might already be doing this. It would be very nice if IBM can make some artificial intelligence part free of charge for all current QRadar users. This would be a big advantage as compared to other competitors. There are companies that are going in different directions. Of course, you can't do everything inside QRadar. In general, it might be very good for all players to provide more use cases, especially regarding data protection and leakage prevention. There are some who are already doing some kind of file integrity or gathering some more information from all possible technologies for building anything related to the user and data analysis, content analysis, and management regarding the data protection."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"Right now, if you look at the compatibility, if you need to deploy QRadar in a physical appliance you have only two choices of server, their own or a Lenovo server. In today's world, you cannot keep something tied to such a big brand. Clients want to be able to use whatever type of server they want."
"IBM QRadar Advisor with Watson could be more user-friendly. You need some skills and understanding of what you're looking at, especially if you're going to draw down specific information."
"They have to build more quantitative monitoring, profiling, and make it more predictive."
"Some of the cloud apps need improvement."
 

Pricing and Cost Advice

Information not available
"Pricing is good."
"The product is expensive. We have purchased the perpetual license, but we pay for the support."
"There is a license to use this solution, which is paid annually. However, there are subscription options available."
"The solution is priced fairly, there is a license for the solution, and we pay annually."
"Customers have to purchase a license based on the number of users, devices, and applications they want to protect. It allows you to take a license on a subscription basis for three years or five years."
"Licensing is very expensive, IBM QRadar is a very expensive solution. If you want to minimize costs then IBM QRadar is not for you."
"It would be great if this product were cheaper."
"IBM Security QRadar is a very expensive tool."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
842,690 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Government
10%
Comms Service Provider
8%
University
6%
Educational Organization
23%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Cisco XDR?
Costs vary depending on dollar fluctuations. Cisco requires conversion to dollars, which affects the cost compared to local competitors who bill in local currency. Overall, the price is a bit expen...
What needs improvement with Cisco XDR?
One area that needs improvement is the limited visibility due to the licensing structure. For more visibility, customers need the advantage or premier licensing, which involves additional costs. Co...
What is your primary use case for Cisco XDR?
We are integrators, and we also resell Cisco XDR ( /products/cisco-xdr-reviews ). Global customers are the primary users of Cisco XDR ( /products/cisco-xdr-reviews ), while local customers often do...
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
 

Also Known As

No data available
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Information Not Available
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Cisco XDR vs. IBM Security QRadar and other solutions. Updated: March 2025.
842,690 professionals have used our research since 2012.