We performed a comparison between IBM Security QRadar and Secureworks Taegis ManagedXDR based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Binary Defense has a human service department that provides live monitoring for our systems."
"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."
"Binary Defense's most valuable feature is the 24/7 monitoring and threat hunting. Their team checks the latest breaches and how they're done."
"The best part about Binary Defense MDR is that it runs on everything, and they keep an eye on things 24/7."
"The case interface is Binary Defense MDR's most valuable feature."
"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."
"The most valuable feature is reviewing tickets and the notes added by technicians."
"With Binary Defense, we don't just get an alert, but also a detailed rundown of why they're alerting us on it. They tell us what was executed, or the username, script, or IP. That way, we're not wasting time investigating."
"QRadar shows very effective correlations. If you combine all the logins plus user behavior and the current intelligence, it gives a very good correlation for business. I think it reduces the false positives in user activity monitoring because there is a lot of social information to correlate with other data."
"The most valuable feature is user behavior analytics (UBA)."
"The rule engine is very easy to use — very flexible."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"This is a distributed application, meaning that a customer can stack small and then scale it so that they can expand pretty effectively. You can use, basically, the same product in an SMB or a large enterprise."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"It is a scalable solution."
"The visibility it gives you into your infrastructure has been great."
"There are some patent pending detectors within the platform that provides a lot of value."
"It provides more visibility and more control over endpoints. It reduces the noise. It clears things and only shows things that are really important. It only shows those things that need to be looked at or need to be investigated further. Other similar solutions give you a lot of alerts and other things, but Secureworks gives you a defined or less noisy view so that you can work or focus on things that are important in terms of investigation, response, and remediation."
"The most valuable feature is the fast alerting and response time."
"The initial setup was very straight forward."
"The pricing is flexible."
"We can easily isolate affected machines in the network."
"The solution definitely made us way more aware of the possibilities out there."
"This solution gathers the information logs from all devices and correlates all the information. It notifies us of any critical events taking place across our networks which has been valuable."
"The current reporting system could benefit from improvement."
"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."
"I would like to see more frequent check-ins with our security status."
"We found a couple of bugs in the user interface."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"They have to build more quantitative monitoring, profiling, and make it more predictive."
"QRadar's performance has room for improvement because it cannot handle the volume. I need massive amounts of logs from various devices in our existing network architecture. IBM needs to improve QRadar's capacity to handle more logs."
"I have noticed the interface has room for improvement."
"Right now, if you look at the compatibility, if you need to deploy QRadar in a physical appliance you have only two choices of server, their own or a Lenovo server. In today's world, you cannot keep something tied to such a big brand. Clients want to be able to use whatever type of server they want."
"There should be more opportunity for community kind of distribution where, for example, if there was a zero-day threat targeting companies."
"The solution is expensive compared to other products."
"While the interface is easy to use, it could be a little more responsive."
"Search capability and indexing still lag behind competitors. We also need to see improved rule based access controls and rule/event tuning."
"Dell Secureworks is for higher-end customers and it's not quite as straightforward to implement or to get up and running as some of the other solutions."
"Tamper-proofing or tamper protection is still pending in Secureworks. Tamper protection will make it more secure. If I'm an admin of a device, I can uninstall an agent without the knowledge of the security or Secureworks admin. If someone gets hold of one endpoint with admin credentials, he can remove anything, and an organization will lose visibility. They need to work on providing more visibility across endpoints. A couple of times it has happened that the cloak agent is there, but it did not get activated, or there were some issues. The machine was restarted, but the cloak agent didn't run. In such cases, you have to troubleshoot. It is a big issue if a cyber attack is happening, and your machine is rebooted, but the events are not captured."
"It would be nice if the solution were a little more affordable."
"The integration would look better with other products, with other EDRs, with other firewalls, with other older versions of firewalls, and the versions of software and hardware."
"Secureworks Taegis ManagedXDR's query language and stability need improvement."
"Dell Secureworks could improve its integration with other third-party solutions."
"The integration with the Carbon Black sensor could be better. ManagedXDR doesn't seem to know how to extract the forensic data from an endpoint that was quarantined by Carbon Black."
"We did a PoC of their next-gen antivirus product, but it wasn't ready yet. It was underdeveloped and caused a lot of issues. We'd like to move away from Carbon Black, but they said that it's probably still not to a point where we'd be happy with it. Carbon Black and RedCloak seem to work fine for us."
More Secureworks Taegis ManagedXDR Pricing and Cost Advice →
IBM Security QRadar is ranked 10th in Managed Detection and Response (MDR) with 198 reviews while Secureworks Taegis ManagedXDR is ranked 8th in Managed Detection and Response (MDR) with 13 reviews. IBM Security QRadar is rated 8.0, while Secureworks Taegis ManagedXDR is rated 7.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Secureworks Taegis ManagedXDR writes "Offers proactive threat hunting and actively examines our environment". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Secureworks Taegis ManagedXDR is most compared with CrowdStrike Falcon Complete, SentinelOne Vigilance, Rapid7 MDR, Arctic Wolf Managed Detection and Response and EY MDR. See our IBM Security QRadar vs. Secureworks Taegis ManagedXDR report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.