Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs Seceon Open Threat Management Platform comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024
 

Categories and Ranking

IBM Security QRadar
Ranking in Security Information and Event Management (SIEM)
4th
Average Rating
8.0
Number of Reviews
204
Ranking in other categories
Log Management (6th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (18th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (10th), Extended Detection and Response (XDR) (14th)
Seceon Open Threat Manageme...
Ranking in Security Information and Event Management (SIEM)
23rd
Average Rating
8.2
Reviews Sentiment
7.8
Number of Reviews
12
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of IBM Security QRadar is 9.5%, up from 9.3% compared to the previous year. The mindshare of Seceon Open Threat Management Platform is 0.6%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Muzzamil Hussain - PeerSpot reviewer
Aug 1, 2024
Is easy to integrate and doesn't require maintenance
One major drawback we are facing is in the area of IBM Security QRadar integration with flat file databases. IBM Security QRadar does not support flat file database integration. We are currently facing an issue with respect to the database, which you normally call a NoSQL database. There is no direct integration mechanism available with IBM Security QRadar. We have to approach IBM and generate a ticket so that they can develop a custom method for the integration. In database integration, we are facing issues with IBM Security QRadar. The solution does not support the integration of flat file databases. Certain organizations have flat file databases. IBM does not support direct integration with some databases. We had to create a plug, and we requested IBM to develop a parser, but it is taking IBM a couple of months to develop it. I think a flat-file database should be supported directly instead of developing a parser plugin. There should be a more refined threat intelligence platform, and cross-integration should be possible with locally available threat intelligence platforms.
Dipesh Jain - PeerSpot reviewer
Apr 12, 2024
Has the ability to categorize alerts and reporting dashboards are useful
I use Seceon Open Threat Management Platform for security monitoring. It helps me track logs and events from various devices and take action on critical issues The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The feature that I find the most useful is that IBM QRadar User Behavior Analytics is free of charge. It's a fully free product that can be installed on top of IBM QRadar SIEM."
"It is the core of our entire SOX."
"The tool's most valuable feature is log source management. It enables us to connect to various log sources, including content, authentications, or other customized integrations. These integrations can be tailored for use with other platforms that don’t already have built-in IBM add-ons."
"It has improved comprehensive visibility for what is going on in the perimeters, and on the inside, as well."
"The most valuable aspect of the solution is the integration capabilities on offer."
"The stability is good."
"IBM QRadar User Behavior Analytics's most important feature is its ease of use."
"I have used IBM QRadar User Behavior Analytics in a Cloud Pak on Amazon, and there it runs on top of it and is easy to assess. Additionally, I have installed processes and characters."
"I like that it's an AI-based platform. The most valuable feature is that it's a comprehensive solution. Most tools in the marketplace are comprised of miscellaneous items. They fail to provide real-time remediation features. However, with Seceon Open Threat Management Platform, anything you can think of in cybersecurity, like auto-remediation, real-time response, and even on-premise components, is available in a single platform. So, it's perfect for finance and healthcare who don't want to share their data with a third party like the cloud. You can have this on-premise as well. So, the expenditure will be lower as less human intervention is required."
"You can use different solutions in a single platform which is very easy and attractive for customers."
"It offers a holistic approach with multiple solutions blended into one platform."
"The solution is stable."
"The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features."
"It is effective because it has threat intelligence from across the world and constantly checks and updates for new threats."
"The solution is very cost-effective compared to Splunk and LogRhythm."
"Seceon Open Threat Management Platform notifies only genuine alerts. It offers plenty of options that are suitable for MSPs."
 

Cons

"I would like to see a better GUI."
"Do your research before implementing it, because it is tough to implement."
"IBM Security QRadar lacks automated response. With this feature, there's no need to visit VirusTotal or other sites for IP reputation. There should be a small plug-in where users can click to retrieve details about the reputation and organization of public IP."
"The solution can be improved by lowering the cost and bettering their technical support."
"The user interface is a bit clunky, a bit hard to find what you need."
"There is a lot of manual configuration required in order for the product to run smoothly, and I think that it could be made more automatic."
"I don't give it a 10 because it is something we have to request. I would love it if UBA was included out of the box like Microsoft."
"I'd like them to improve the offense. When QRadar detects something, it creates what it calls offenses. So, it has a rudimentary ticketing system inside of it. This is the same interface that was there when I started using it 12 years ago. It just has not been improved. They do allow integration with IBM Resilient, but IBM Resilient is grotesquely expensive. The most effective integration that IBM offers today is with IBM Resilient, which is an instant response platform. It is a very good platform, but it is very expensive. They really should do something with the offense handling because it is very difficult to scale, and it has limitations. The maximum number of offenses that it can carry is 16K. After 16K, you have to flush your offenses out. So, it is all or nothing. You lose all your offenses up until that point in time, and you don't have any history within the offense list of older events. If you're dealing with multiple customers, this becomes problematic. That's why you need to use another product to do the actual ticketing. If you wanted the ticket existence, you would normally interface with ServiceNow, SolarWinds, or some other product like that."
"The product could be improved by including sandboxing capabilities in the next release."
"For future releases, integrating incident response tools and improving communication on incident reporting could be beneficial."
"It would be better if they offered global coverage."
"The product should improve the triggering rate."
"Certain features, such as DLP, need to be improved as they are superficial and not in-depth."
"The management console could use some enhancements."
"Seceon Open Threat Management Platform sells some add-ons as part of the whole suite but not individually. If they sold them individually, they could potentially attract more business."
"It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft."
 

Pricing and Cost Advice

"The cost of this product is expensive."
"The tool's on-premise version is expensive. However, it is cheaper than Splunk. The hybrid model offers shared instances for customers, which is not expensive. Customers with a limited budget can opt for it. You can get premium support with licenses. However, if you need customized integration, you need to buy it."
"IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much."
"The price of this product is high."
"IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much."
"It is expensive. It is not a product that I can provide for SMBs. It is a program that I can only provide for really large enterprises."
"You have a one-time payment, and you also can purchase it for one year as a subscription. We have it on-premise, and we have a permanent license for it. We have to pay for the support on a yearly basis. If you compare its cost with Sentinel for one year, QRadar would seem more expensive, but if you compare its cost over five or ten years, Azure Sentinel will be more expensive than QRadar. If you compare its cost with Sentinel for one year, QRadar would seem more expensive, but if you compare its cost over five or 10 years, Azure Sentinel can be more expensive than QRadar."
"Only enterprise businesses can afford the tool."
"The solution is cheap and very competitive. It offers good tuning in terms of the pricing. Other solutions like Palo Alto and IBM are more expensive."
"It has a per-asset model instead of an ingestion-based model, which gives predictable pricing. In terms of price, it is in the middle to lower range of SIEMs that it competes against. It is the most affordable solution that we have implemented so far. It was much more affordable than anything else I've implemented."
"The pricing is very competitive. It's not expensive."
"We used the solution's trial version for two months and later purchased it."
"I find Seceon OTM's pricing to be reasonable, not too high or low, just okay for the market standards. I can't disclose specific figures, we pay on a quarterly basis under a service model. I would rate it eight out of ten. As a customer, I always hope for better pricing options."
"The price is quite reasonable."
"Seceon Open Threat Management Platform is cost-effective because it's a comprehensive platform that offers high availability."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
Computer Software Company
28%
Financial Services Firm
14%
Educational Organization
6%
Construction Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about IBM QRadar?
The event collector, flow collector, PCAP and SOAR are valuable.
What do you like most about Seceon Open Threat Management Platform?
The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats effectively.
What is your experience regarding pricing and costs for Seceon Open Threat Management Platform?
The pricing is in the mid-range. It's not very expensive, and it's not very cheap, but it's comparable to others. Sometimes, it's cheaper because of their beta pricing, and they give much more than...
What needs improvement with Seceon Open Threat Management Platform?
One drawback is that it becomes so easy to use that users may lose the habit of manual checks and balances. As a security person, you should always worry about potential threats. If you have a very...
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar, IBM QRadar User Behavior Analytics, IBM QRadar Advisor with Watson
Seceon OTM, Seceon aiSIEM, aiSIEM, Seceon Open Threat Management
 

Learn More

 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Caduceus, SUNY
Find out what your peers are saying about IBM Security QRadar vs. Seceon Open Threat Management Platform and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.