Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs Logpoint comparison

IBM and Logpoint are both solutions in the Security Information and Event Management (SIEM) category. IBM is ranked #4 with an average rating of 7.7, while Logpoint is ranked #26 with an average rating of 7.2. IBM holds a 10.2% mindshare in SIEM, compared to Logpoint’s 0.9% mindshare. Additionally, 91% of IBM users are willing to recommend the solution, compared to 89% of Logpoint users who would recommend it.
IBM Security QRadar
Read 204 IBM Security QRadar reviews
  • 15,907 Views
  • 10,366 Comparison Views
91% willing to recommend
Logpoint
Read 21 Logpoint reviews
  • 1,949 Views
  • 899 Comparison Views
89% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

IBM Security QRadar and Logpoint compete in the SIEM solutions category. While IBM Security QRadar offers a broader range of features, Logpoint has an edge in terms of pricing and ease of customization.

Features: IBM Security QRadar is praised for its comprehensive threat detection, deep integration capabilities, and extensive threat intelligence. Logpoint receives positive feedback for its flexibility, ease of customization, and straightforward setup procedures.

Room for Improvement: Users suggest IBM Security QRadar could enhance its reporting capabilities, reduce false positives, and streamline its deployment model. For Logpoint, users point out the need for better scalability, quicker updates, and improved customer service response times.

Ease of Deployment and Customer Service: IBM Security QRadar's deployment model is noted to be complex and time-consuming, but its customer service receives high marks for responsiveness. Logpoint's deployment is relatively easier, with straightforward setup procedures; however, its customer service is considered average.

Pricing and ROI: IBM Security QRadar has higher setup costs but is deemed worth the investment by large organizations due to its robust capabilities. Logpoint offers more competitive pricing and delivers good ROI, especially for smaller to mid-sized businesses.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed IBM Security QRadar vs. Logpoint Report (Updated: November 2024).
Buyer's Guide
IBM Security QRadar vs. Logpoint
November 2024
Download the complete report
Helped 824,053 peers since 2012
 

Categories and Ranking

IBM Security QRadar
Ranking in Log Management
6th
Ranking in Security Information and Event Management (SIEM)
4th
Ranking in User Entity Behavior Analytics (UEBA)
1st
Ranking in Endpoint Detection and Response (EDR)
18th
Ranking in Security Orchestration Automation and Response (SOAR)
4th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
204
Ranking in other categories
Managed Detection and Response (MDR) (10th), Extended Detection and Response (XDR) (14th)
Logpoint
Ranking in Log Management
24th
Ranking in Security Information and Event Management (SIEM)
26th
Ranking in User Entity Behavior Analytics (UEBA)
7th
Ranking in Endpoint Detection and Response (EDR)
32nd
Ranking in Security Orchestration Automation and Response (SOAR)
14th
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
21
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of IBM Security QRadar is 10.2%, up from 10.1% compared to the previous year. The mindshare of Logpoint is 0.9%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Muzzamil Hussain - PeerSpot reviewer
Is easy to integrate and doesn't require maintenance
One major drawback we are facing is in the area of IBM Security QRadar integration with flat file databases. IBM Security QRadar does not support flat file database integration. We are currently facing an issue with respect to the database, which you normally call a NoSQL database. There is no direct integration mechanism available with IBM Security QRadar. We have to approach IBM and generate a ticket so that they can develop a custom method for the integration. In database integration, we are facing issues with IBM Security QRadar. The solution does not support the integration of flat file databases. Certain organizations have flat file databases. IBM does not support direct integration with some databases. We had to create a plug, and we requested IBM to develop a parser, but it is taking IBM a couple of months to develop it. I think a flat-file database should be supported directly instead of developing a parser plugin. There should be a more refined threat intelligence platform, and cross-integration should be possible with locally available threat intelligence platforms.
Read full review
Subhash Sreenivasan - PeerSpot reviewer
Roughly 800 to 1000 integrations available with various security products and applications and offers built-in SOAR capabilities
The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investigating. But that, I think, maybe Logpoint can improve more. The threat investigations and reporting to the end-users can be improved. Logpoint can also come up with IR [incident response] capabilities. Other important SIEM solutions have some IR services. If I am an MSSP working with LogPoint for SIEM/SOAR solutions and I need immediate support, I should be able to get some support. It can be paid support, like SecureWorks, which has those kinds of functionalities. They will immediately get in and start working on helping us identify the threats, isolate them, and give us remedies to take care of and recover from any kind of attacks. Whereas in LogPoint, that functionality is missing. We will be on our own if something happens. We will get other support from them, but there's no paid support before taking ownership and helping us recover from those kinds of attacks. They have a kind of integration for AI, but the incident response capability is what they should improve.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It has a good integration with the artificial intelligence engine of Watson."
"The most valuable feature is the searching capability and real-time operational use."
"What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value."
"The correlation and the parsing are important features, since it is very important for a SIEM to have a good scalability and performance."
"I think it's a very stable product that provides much more visibility than the other product."
"There are more than 120 extensions in QRadar, which are easy to install and configure. These can improve your analysis of events."
"I think the QDI is very good."
"The initial setup is not complex or difficult."
More IBM Security QRadar pros
"The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report."
"They basically charge you in a better way."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
"The main advantage of Logpoint is the support service. They reply within ten minutes to an hour to our queries."
"Technical support is responsive and very friendly."
"The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined."
"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
More Logpoint pros
 

Cons

"The implementation and configuration are not easy."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"There should be an extension where we can get the reports. This could be an extension to the dashboard with the Guardian or another product with limited technology, for example IPS. Now, we only have IBM. Basically, it needs more and more integration models."
"I'm not sure about the stability just yet. We've observed a few issues and we raised a supporting ticket for it."
"The quality of technical support depends on the IBM support person. Sometimes, it's hard to get the right person on the other side. A ticket coordinator could be the key to better quality delivery."
"Technical support really needs to be improved. Right now, they aren't where they need to be at all."
"They need to improve their threat intelligence feed and they need to improve their user behavior analytics modules."
"Search capability and indexing still lag behind competitors. We also need to see improved rule based access controls and rule/event tuning."
More IBM Security QRadar cons
"Nowadays the trend is going towards the ransomware and the endpoint detection and response. So if they added something for that, that will be very, very good."
"The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."
"We were missing visuals and graphics. Recently, a new version seems to have come out, and it has a new graphical user interface. When I was integrating it, it was usable, but the GUI needed improvement."
"It is complicated to collect daily logs from other systems."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"The solution should offer more integrations and third-party solutions like incident response platforms or allow access to third-party big data"
"In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved."
"It is a good product, but its interface or GUI could be better."
More Logpoint cons
 

Pricing and Cost Advice

"The pricing needs to be such that they are more competitive with other vendors."
"The solution's pricing is based on the EPS model."
"When it comes to the initial pricing there can be a huge discount from there side and also I think they are open to competing with other products."
"The price could be better. I bought a subscription for three years."
"The solution is priced fairly, there is a license for the solution, and we pay annually."
"Most of the time, it is easier and cheaper to buy a new product or the QRadar box."
"QRadar's price is reasonable compared to LogRhythm."
"IBM Security QRadar is a very expensive tool."
More IBM Security QRadar pricing and cost advice
"Logpoint's pricing is mid-ranged and depends on the number of devices."
"Our licensing fees are about $10,000 USD per month, which I think is fair."
"It has a fixed price, which is what I like about LogPoint. I bought the system and paid for it, and I pay maintenance. It is not a consumption model. Most SIEMs or most of the log management systems are consumption-based, which means that you pay for how many logs you have in the system. That's a real problem because logs can grow very quickly in different circumstances, and when you have a variable price model, you never know what you're going to pay. Splunk is notoriously expensive for that reason. If you use Splunk or QRadar, it becomes expensive because there are not just the logs; you also have to parse the logs and create indexes. Those indexes can be very expensive in terms of space. Therefore, if they charge you by this space, you can end up paying a significant amount of money. It can be more than what you expect to pay. I like the fact that LogPoint has a fixed cost. I know what I'm going to pay on a yearly basis. I pay that, and I pay the maintenance, and I just make it work."
"It was on a yearly basis at about $100K. It was not a huge environment. We were running it on our own virtual server environment, which, of course, had a cost. There was hardware and some energy cost, and then there were Microsoft Windows licenses for servers. That's all, but there was nothing in comparison to the licensing costs."
"LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution."
"It's less expensive than the competitors. The Logpoint marketing team is very accommodating and client-friendly. They offer very good reductions in price. They are pretty good in this aspect. They are transparent in their licensing and pricing."
"For a hundred user deployment the cost is about $10,000. The next year it would be the same because it's a subscription-based license. There are separate costs as well, for example, if a customer asks for training for their staff."
"On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not very cheap compared to some of the cheaper products in the SIEM market."
More Logpoint pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
824,053 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
Read full review
 

Top Industries

By visitors reading reviews
Educational Organization
23%
Computer Software Company
15%
Financial Services Firm
10%
Manufacturing Company
6%
Educational Organization
67%
Computer Software Company
8%
Comms Service Provider
4%
Manufacturing Company
3%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
See all answers
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What do you like most about IBM QRadar?
The event collector, flow collector, PCAP and SOAR are valuable.
See all answers
What do you like most about LogPoint?
The solution is user-friendly.
See all answers
What is your experience regarding pricing and costs for LogPoint?
On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not ver...
See all answers
What needs improvement with LogPoint?
The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investig...
See all answers
 

Comparisons

Splunk Enterprise Security vs IBM Security QRadar Logo
Splunk Enterprise Security vs IBM Security QRadar
Compared 15% of the time
Microsoft Sentinel vs IBM Security QRadar Logo
Microsoft Sentinel vs IBM Security QRadar
Compared 12% of the time
Sentinel vs IBM Security QRadar Logo
Sentinel vs IBM Security QRadar
Compared 6% of the time
Wazuh vs IBM Security QRadar Logo
Wazuh vs IBM Security QRadar
Compared 6% of the time
Elastic Security vs IBM Security QRadar Logo
Elastic Security vs IBM Security QRadar
Compared 6% of the time
More IBM Security QRadar Competitors
Wazuh vs Logpoint Logo
Wazuh vs Logpoint
Compared 22% of the time
Elastic Security vs Logpoint Logo
Elastic Security vs Logpoint
Compared 18% of the time
Microsoft Sentinel vs Logpoint Logo
Microsoft Sentinel vs Logpoint
Compared 9% of the time
Rapid7 InsightIDR vs Logpoint Logo
Rapid7 InsightIDR vs Logpoint
Compared 8% of the time
LogRhythm SIEM vs Logpoint Logo
LogRhythm SIEM vs Logpoint
Compared 7% of the time
More Logpoint Competitors
 

Product Reports

Buyer's Guide
IBM Security QRadar
December 2024
IBM Security QRadar reportDownload IBM Security QRadar product report
Buyer's Guide
Logpoint
December 2024
Logpoint reportDownload Logpoint product report
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar, IBM QRadar User Behavior Analytics, IBM QRadar Advisor with Watson
No data available
 

Learn More

IBM
Logpoint
 

Overview

IBM Security QRadar (recently acquired by Palo Alto Networks) is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.

IBM Security QRadar is built to address a wide range of security issues and can be easily scaled with minimal customization effort required. As data is ingested, QRadar administers automated, real-time security intelligence to swiftly and precisely discover and prioritize threats. The platform will issue alerts with actionable, rich context into developing threats. Security teams and analysts can then rapidly respond to minimize the attackers' strike. The solution will provide a complete view of activity in both cloud-based and on-premise environments as a large amount of data is ingested throughout the enterprise. Additionally, QRadar’s anomaly detection intelligence enables security teams to identify any user behavior changes that could be indicators of potential threats. 

IBM QRadar Log Manager

To better help organizations protect themselves against potential security threats, attacks, and breaches, IBM QRadar Log Manager gathers, analyzes, preserves, and reports on security log events using QRadar Sense Analytics. All operating systems and applications, servers, devices, and applications are converted into searchable and actionable intelligent data. QRadar Log Manager then helps organizations meet compliance reporting and monitoring requirements, which can be further upgraded to QRadar SIEM for a more superior level of threat protection.

Some of QRadar Log Manager’s key features include:

  • Data processing and capture on any security event
  • Disaster recovery options and high availability 
  • Scalability for large enterprises
  • SoftLayer cloud installation capability
  • Advanced threat protection

Reviews from Real Users

IBM Security QRadar is a solution of choice among users because it provides a complete solution for security teams by integrating network analysis, log management, user behavior analytics, threat intelligence, and AI-powered investigations into a single solution. Users particularly like having a single window into their network and its ability to be used for larger enterprises.

Simon T., a cyber security services operations manager at an aerospace/defense firm, notes, "The most valuable thing about QRadar is that you have a single window into your network, SIEM, network flows, and risk management of your assets. If you use Splunk, for instance, then you still need a full packet capture solution, whereas the full packet capture solution is integrated within QRadar. Its application ecosystem makes it very powerful in terms of doing analysis."

A management executive at a security firm says, "What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value."

Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs. 

Benefits of Logpoint

Some of the benefits of using Logpoint include:

  • Unifies data logs: Logpoint creates a single system of classification for collected data. It makes it easy for users to search for and find data, which aids users when they are creating reports or alerts. Users can conserve resources while at the same time seeing a rise in the efficiency of their business operations.
  • Intuitive solution design: Logpoint is designed so that anyone can utilize all of its features, even if they are not an expert in network security. Logpoint’s UI is simple enough that users can utilize it without undergoing extensive training. 
  • Highly flexible: Logpoint is designed so that users can scale it linearly to accommodate projects that are large and complex. This allows users to expand the scope of their projects according to their needs without worrying that their infrastructure won’t be able to handle the increase in size. The solution’s security features can be deployed both on the cloud and in a physical environment. 
  • Simple role-based access security: Logpoint allows administrators to employ Microsoft’s active directory (AD) and a Lightweight Directory Access Protocol to manage user access. These can help administrators protect their systems from being abused or otherwise harmed by bad actors. 

Reviews from Real Users

Logpoint is a security and management solution that stands out among its competitors for a number of reasons. Two major ones are its data gathering and artificial intelligence (AI) capabilities. Logpoint enables users to not only gather the data, but also to maximize both the amount of data that can be gathered and its usefulness. It removes many of the challenges that users may face in data collection. The solution allows users to set rules for collection and then it pulls information from sources that meet the rules that have been set. This data is then broken into manageable segments and ordered. Users can then analyze these ordered segments with ease. Additionally, LogPoint utilizes both machine learning and AI technology. Users gain the ability to protect themselves from and if necessary resolve emerging threats as soon as they arise. The AI sets security parameters for a user’s system. These act as a baseline that are triggered and notify the user if anything deviates from the rules that it set up. 

The chief infrastructure & security officer at a financial services firm writes, “It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. Logpoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parsed because all logs are not the same, but with Logpoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.”

A. Secca., a Cyber Security Analyst at a transportation company, writes, “It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all of the user’s activities. It devises a baseline and monitors if there is any deviation from the baseline.”

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...
Buyer's Guide
IBM Security QRadar vs. Logpoint
November 2024
Free Report: IBM Security QRadar vs. Logpoint
Find out what your peers are saying about IBM Security QRadar vs. Logpoint and other solutions. Updated: November 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
See our IBM Security QRadar vs. Logpoint report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.