Try our new research platform with insights from 80,000+ expert users

IBM Resilient vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Resilient
Ranking in Security Orchestration Automation and Response (SOAR)
13th
Average Rating
7.4
Reviews Sentiment
6.6
Number of Reviews
18
Ranking in other categories
Security Incident Response (3rd)
IBM Security QRadar
Ranking in Security Orchestration Automation and Response (SOAR)
4th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
208
Ranking in other categories
Log Management (6th), Security Information and Event Management (SIEM) (4th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (17th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
 

Mindshare comparison

As of April 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of IBM Resilient is 2.1%, down from 2.7% compared to the previous year. The mindshare of IBM Security QRadar is 8.1%, down from 9.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Usman Bhatti - PeerSpot reviewer
Simple deployment, scalable, but lacking third-party solution compatibility
Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution. It's worth noting that many third-party add-on applications needed to be purchased separately to integrate with IBM Resilient. While there were built-in applications available for incident remediation, the selection was limited. Additionally, integrating third-party applications was often a difficult and time-consuming process due to the technical complexity involved.
Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The integration with IBM SIM and the ability to block users during brute force attacks are particularly effective."
"It's really simple and has a flexible interface."
"The product is very good at incident response."
"Its flexibility is the most valuable."
"The UBA, User Behavior Analytics, is very good."
"The solution is reliable in our usage."
"As a whole, the product is stable...Technical support is very good."
"The solution is simple to use and to integrate with IBM QRadar."
"Stability-wise, I rate the solution a ten out of ten."
"We've found the solution to be scalable."
"IBM QRadar User Behavior Analytics's most important feature is its ease of use."
"I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot."
"The product has plenty of features and capabilities."
"It is a scalable solution."
"An engineer can live-monitor all the flow happening in real-time. This would help us a lot while investigating a case, and it would even help us with preventive actions."
"The scalability is awesome, because QRadar includes other solutions in the same console."
 

Cons

"Its price needs improvement."
"The ability to analyze incidents needs to be improved in the solution."
"The tool needs to improve its documentation on license scripts."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"The initial setup is complex."
"IBM Resilient could integrate better with my tools."
"The integration could be improved so that it is easy to integrate with other solutions."
"The product needs to improve its GUI."
"Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules."
"The initial setup requires that you have somebody with the proper skill set, and it would help if the configuration were easier."
"Solution has too many menus that require going to two or three sub-monitors to enter the QRadar."
"The user interface is a bit difficult to get used to."
"The whole process for support is something that needs to be improved."
"There should be an extension where we can get the reports. This could be an extension to the dashboard with the Guardian or another product with limited technology, for example IPS. Now, we only have IBM. Basically, it needs more and more integration models."
"In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."
 

Pricing and Cost Advice

"I feel it is an expensive product when my company pays annually for renewal, support, and follow-up."
"The licensing cost for IBM Resilient is not too expensive, but it's not affordable, so it's moderately expensive. Regarding price, I'm rating the solution seven out of ten. The company pays for the license yearly, based on the number of users. Apart from the cost of the license you need to pay for each user, you also need to spend an initial investment for the base platform. You also have to pay for IBM Resilient support."
"It is very expensive."
"I would rate the tool’s pricing a three out of ten. The tool’s pricing is on a yearly basis."
"There are no costs except for the support services that our company pays in addition to the licensing charges attached to the solution."
"We could create unlimited users using the license we had purchased."
"Pricing for the solution is good, in my opinion."
"The cost of the product is quite high."
"QRadar UBA's price is a little more than street price and could be reduced."
"You have a one-time payment, and you also can purchase it for one year as a subscription. We have it on-premise, and we have a permanent license for it. We have to pay for the support on a yearly basis. If you compare its cost with Sentinel for one year, QRadar would seem more expensive, but if you compare its cost over five or ten years, Azure Sentinel will be more expensive than QRadar. If you compare its cost with Sentinel for one year, QRadar would seem more expensive, but if you compare its cost over five or 10 years, Azure Sentinel can be more expensive than QRadar."
"There are different types of subscriptions available. We were on an annual subscription, but our customers typically choose the two years subscription option."
"The licensing is also overly complex, as there is a need to buy the work load performance monitoring separately."
"I think my company pays for the license yearly."
"The tool's on-premise version is expensive. However, it is cheaper than Splunk. The hybrid model offers shared instances for customers, which is not expensive. Customers with a limited budget can opt for it. You can get premium support with licenses. However, if you need customized integration, you need to buy it."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate IBM Security QRadar's pricing a five out of ten."
"Pricing (based on EPS) will be more accurate."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
849,210 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Financial Services Firm
33%
Computer Software Company
11%
Manufacturing Company
9%
Government
6%
Educational Organization
24%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about IBM Resilient?
It is a stable solution...It is a scalable solution.
What is your experience regarding pricing and costs for IBM Resilient?
I am not the one in charge of pricing, so I am not sure about the costs.
What needs improvement with IBM Resilient?
Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations.
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
 

Also Known As

No data available
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Overview

 

Sample Customers

Golden Living, Health Equity, USA Funds
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about IBM Resilient vs. IBM Security QRadar and other solutions. Updated: April 2025.
849,210 professionals have used our research since 2012.