Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs Kaspersky Endpoint Detection and Response Expert comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Security QRadar
Ranking in Endpoint Detection and Response (EDR)
17th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
208
Ranking in other categories
Log Management (6th), Security Information and Event Management (SIEM) (4th), User Entity Behavior Analytics (UEBA) (1st), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
Kaspersky Endpoint Detectio...
Ranking in Endpoint Detection and Response (EDR)
19th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
46
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of IBM Security QRadar is 1.2%, up from 1.2% compared to the previous year. The mindshare of Kaspersky Endpoint Detection and Response Expert is 1.4%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.
Rodrigo Censi - PeerSpot reviewer
Patch management and integration capabilities drive effective endpoint response management
We work with Kaspersky and two modalities: the Censi final and Censi license. Most of our clients work in financial areas and industry. Our regular enterprise business relies on these solutions Kaspersky is viable with ADR; the Endpoint Detection response feature and the BitLocker management…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We have worked with other solutions, such as LogRhythm and Splunk. Compared to others, IBM QRadar has the best price-performance ratio so that you are able to reserve minimum costs. It starts settling in fast and gets the first results very quickly. It is also very scalable."
"The interface is good."
"It protect us from multiple authentication values, unauthorized access and antivirus threats."
"QRadar UBA's most valuable feature is the risk rating of users depending on their behavior."
"It is suitable for large companies with critical infrastructure. For our clients, robustness, availability at a high level, and the level of references and experiences connected to the solution are important."
"An engineer can live-monitor all the flow happening in real-time. This would help us a lot while investigating a case, and it would even help us with preventive actions."
"A nice benefit is when we go to the process of selecting our youth cases, they go by building blocks. QRadar links it to building blocks."
"The event collector, flow collector, PCAP and SOAR are valuable."
"The detection engine running on endpoints works very well and provides a good protection level."
"It helps improve security in our organization."
"The solution does a good job of filtering and blocking unusual traffic."
"Kaspersky Endpoint Detection and Response Expert offers centralized monitoring where we can monitor everything from a single point. I also like its security and network traffic features."
"Kaspersky is easy to use, and it performs well."
"This is a feature-rich product."
"We have a central console and from there you can monitor all workstations via an agent."
"We can scale the solution."
 

Cons

"I don't look at only the features and benefits; I also look at the price. It is a bit expensive when compared with other solutions. It is expensive for specific deployment topologies, and the decision-makers go for alternatives like ArcSight. It should also have more AI features or capabilities for better threat intelligence. The more it uses machine learning, the better would be the dashboard, analytics, and other things."
"The released patch quality is poor. IBM should test those patches on their side, not on the client's side."
"We sometimes get an error about the hard drive. Approximately once in two months, we can't find the logs, and they go missing, which is a terrible issue. We are getting support for this issue from our support company."
"QRadar log integration of various applications can be a tough job at times. There may be occasions when you will not find any QRadar guide on adding logs of a particular application. Even if you come across one, adding a log process is not an easy one."
"The solution can be improved by lowering the cost and bettering their technical support."
"The solution lacks some maturity."
"The product needs to improve its GUI."
"The product can be a bit complex."
"I would like better integration with other products."
"Documentation needs to be simplified and improved so that it provides good product awareness for end users."
"The prices can go down a little bit."
"The solution can improve by providing automatic fixing of vulnerabilities and reducing the resources used in the server component and endpoint agent. They are very bulky and use a lot of CPU, memory, and hard drive resources."
"The solution could always be more secure."
"Installing Kaspersky is complex. It requires more work from system admins and takes almost one week to deploy, including integration and mapping with other solutions. You also have to configure Kaspersky EDR sandboxing then set up permissions for various teams and customers."
"There is a problem with the solution, it came from Russia and we are looking for a replacement."
"Kaspersky needs to strengthen its standing in the market."
 

Pricing and Cost Advice

"It would be great if this product were cheaper."
"Pricing is good."
"Licensing can be costly depending on your architecture."
"We pay approximately $40,000 to use the solution annually. This solution is a lot less expensive than Splunk."
"The license is not subscription-based."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate IBM Security QRadar's pricing a five out of ten."
"An X-Force feed is free with QRadar."
"The pricing is good."
"Endpoint's pricing is good, especially compared to expensive solutions like Sophos."
"The solution’s pricing is okay."
"The solution isn't the cheapest considering what you get. I would rate the pricing as seven out of ten."
"If one is cheap, ten is expensive, I rate the product’s price as a seven out of ten, especially if I compare it with CrowdStrike."
"The solution is expensive in comparison to CheckPoint and Fortinet."
"The product has a valuable pricing model. We need to purchase its monthly subscription."
"Pricing for Kaspersky Endpoint Detection and Response is so-so when you compare it with its competitors. Its pricing isn't cheap nor expensive."
"EDR is priced on the cheaper side. Licensing for EDR is available on a yearly basis for around 80 SAR a year."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
848,207 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Educational Organization
23%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
Computer Software Company
16%
Educational Organization
9%
Financial Services Firm
9%
Comms Service Provider
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
What do you like most about Kaspersky Endpoint Detection and Response Expert?
The integration with our hypervisor is quite smooth, especially within the Kaspersky Enterprise environment. We have many virtual machines, and the integration is helpful.
What is your experience regarding pricing and costs for Kaspersky Endpoint Detection and Response Expert?
If one is cheap, ten is expensive, I rate the product’s price as a seven out of ten, especially if I compare it with CrowdStrike.
What needs improvement with Kaspersky Endpoint Detection and Response Expert?
The Kaspersky console could be easier to navigate and generate reports from. We've got Stripe in the method of deployment, which makes it easier and requires lower integration from my team. Deploym...
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
Kaspersky EDR
 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Ferrari, Insolar, Tael, Republic of Serbia
Find out what your peers are saying about IBM Security QRadar vs. Kaspersky Endpoint Detection and Response Expert and other solutions. Updated: March 2025.
848,207 professionals have used our research since 2012.