Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs Securonix UEBA comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Security QRadar
Ranking in User Entity Behavior Analytics (UEBA)
1st
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
207
Ranking in other categories
Log Management (6th), Security Information and Event Management (SIEM) (4th), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
Securonix UEBA
Ranking in User Entity Behavior Analytics (UEBA)
15th
Average Rating
10.0
Reviews Sentiment
7.0
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the User Entity Behavior Analytics (UEBA) category, the mindshare of IBM Security QRadar is 11.9%, down from 17.3% compared to the previous year. The mindshare of Securonix UEBA is 2.3%, down from 4.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
User Entity Behavior Analytics (UEBA)
 

Q&A Highlights

DC
Feb 18, 2020
 

Featured Reviews

Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.
YT
User threat notification and behavior analysis have been enhanced through effective AI-based monitoring
My primary use case for Securonix UEBA is user threat notification and user behavior analysis The most valuable features of Securonix UEBA include insider threat monitoring, which provides complete visibility of user activities, and next-gen AI-based behavior analytics. The customizable…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The feature that I find the most useful is that IBM QRadar User Behavior Analytics is free of charge. It's a fully free product that can be installed on top of IBM QRadar SIEM."
"It is very stable. We have not faced interruptions in the past four and a half years."
"I am generally satisfied with the product."
"The tool's most valuable feature is log source management. It enables us to connect to various log sources, including content, authentications, or other customized integrations. These integrations can be tailored for use with other platforms that don’t already have built-in IBM add-ons."
"This solution has allowed us to correlate logs from multiple sources."
"My overall rating for this solution is nine out of ten."
"There are more than 120 extensions in QRadar, which are easy to install and configure. These can improve your analysis of events."
"The best part of this solution is having a third-party SOC."
"One of the most valuable features is UEBA. It's pretty helpful for us to make sure of our thresholds for any of our clients."
"Their user and entity behavior analysis algorithms are the most valuable features."
"The most valuable features of Securonix UEBA include insider threat monitoring, which provides complete visibility of user activities, and next-gen AI-based behavior analytics."
"The most valuable features of Securonix UEBA include insider threat monitoring, which provides complete visibility of user activities, and next-gen AI-based behavior analytics."
"The feature dashboard is very well organized and intuitive to use. It organizes information on a timeline which is exactly what we need for insider threat future-analysis."
 

Cons

"The user interface is a bit clunky, a bit hard to find what you need."
"I'd like them to improve the offense. When QRadar detects something, it creates what it calls offenses. So, it has a rudimentary ticketing system inside of it. This is the same interface that was there when I started using it 12 years ago. It just has not been improved. They do allow integration with IBM Resilient, but IBM Resilient is grotesquely expensive. The most effective integration that IBM offers today is with IBM Resilient, which is an instant response platform. It is a very good platform, but it is very expensive. They really should do something with the offense handling because it is very difficult to scale, and it has limitations. The maximum number of offenses that it can carry is 16K. After 16K, you have to flush your offenses out. So, it is all or nothing. You lose all your offenses up until that point in time, and you don't have any history within the offense list of older events. If you're dealing with multiple customers, this becomes problematic. That's why you need to use another product to do the actual ticketing. If you wanted the ticket existence, you would normally interface with ServiceNow, SolarWinds, or some other product like that."
"The threat detection needs improvement, they have many false positives."
"I would like the rule creation interface to be much more user-friendly in the next release."
"The playbook guide which specifies the rules for security use cases needs to be provided to support in case the organization needs help."
"There is a lot of manual configuration required in order for the product to run smoothly, and I think that it could be made more automatic."
"The advanced planning management (APM) features should be included."
"The solution is not as flexible as Splunk."
"When compared to others, if you look at the integration aspect, I believe that some aspects of integration can be enhanced."
"There is room for improvement in the algorithms. Although I said that we have a very solid starting point - our existing library is already very comprehensive - we constantly find areas where we need to develop new algorithms. That is common across platforms. Any vendor with a solid starting point would still need to continue to evolve."
"The support system is not very good as of now."
"The integration with other tools, like EDRs and other technology tools, can be improved."
"The area that needs improvement is reporting."
 

Pricing and Cost Advice

"This price is a little high, so it's an expensive product."
"It is costlier as compared to the other alternatives available in the market."
"The solution has a licensing model that is based on events per second so it scales to need and budget."
"When it comes to the initial pricing there can be a huge discount from there side and also I think they are open to competing with other products."
"The solution is costly and the price differs depending on the vendor you use."
"It's too expensive. The licensing is also a little bit difficult to understand because you have to license it per event and per number of flows."
"There are different types of subscriptions available. We were on an annual subscription, but our customers typically choose the two years subscription option."
"IBM QRadar is a little bit expensive compared to other products."
"When compared to other solutions, it is less expensive."
"Their pricing is pretty comfortable. They will work with you on the cost."
"The cost is approximately $50 per user per year."
report
Use our free recommendation engine to learn which User Entity Behavior Analytics (UEBA) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Answers from the Community

DC
Feb 18, 2020
Feb 18, 2020
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information ingested) but with a firm on 10k+ I wouldn't be so sure that this means a better price. The total cost of ownership would be more linear though. On the other hand QRadar is by far a better SIEM solution...
See 2 answers
it_user900120 - PeerSpot reviewer
Feb 17, 2020
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information ingested) but with a firm on 10k+ I wouldn't be so sure that this means a better price. The total cost of ownership would be more linear though. On the other hand QRadar is by far a better SIEM solution and if your use-cases lean towards that, then I would suggest looking towards Qradar. Qradar does have a steeper learning curve but that's purely because of the richer feature set, it just takes more time to take it all in.
Chetankumar Savalagimath - PeerSpot reviewer
Feb 18, 2020
All three security solutions are defined and different smartness they hold it all depends on how is your requirement. Securonix UEBA is a Hadoop bases UEBA technology tool the tools understand the infrastructure and users and then work accordingly. (Wide Customer industry support) (Average cost) IBM QRadar is a SIEM with all in the composite tool can bring in UEBA and other security solution. (Wide Customer industry support) (Average cost) Exabeam is a mathematical bases security solutioning tool, it learns infra and then provides a solution, it's a bit noisy in some instances. (Medium Customer industry support) (Costly) If you tell us what exactly you require or how id your infra set up, then it would good to suggest a tool.
 

Top Industries

By visitors reading reviews
Educational Organization
23%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
Computer Software Company
18%
Financial Services Firm
12%
Insurance Company
10%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
What needs improvement with Securonix UEBA?
The integration with other tools, like EDRs and other technology tools, can be improved.
What is your primary use case for Securonix UEBA?
My primary use case for Securonix UEBA is user threat notification and user behavior analysis.
What advice do you have for others considering Securonix UEBA?
I recommend using Securonix UEBA as it reduces the time for deployment and offers a customizable UEBA analytics dashboard covering most use cases. Overall, I would rate Securonix UEBA eight out of ...
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
Securonix User and Entity Behavior Analytics
 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Pfizer, McKesson, BNY Mellon, New York Life
Find out what your peers are saying about IBM Security QRadar vs. Securonix UEBA and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.