Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs Securonix UEBA comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Security QRadar
Ranking in User Entity Behavior Analytics (UEBA)
1st
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
208
Ranking in other categories
Log Management (6th), Security Information and Event Management (SIEM) (4th), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
Securonix UEBA
Ranking in User Entity Behavior Analytics (UEBA)
15th
Average Rating
10.0
Reviews Sentiment
7.0
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the User Entity Behavior Analytics (UEBA) category, the mindshare of IBM Security QRadar is 11.9%, down from 17.3% compared to the previous year. The mindshare of Securonix UEBA is 2.3%, down from 4.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
User Entity Behavior Analytics (UEBA)
 

Q&A Highlights

DC
Feb 18, 2020
 

Featured Reviews

Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.
YT
User threat notification and behavior analysis have been enhanced through effective AI-based monitoring
My primary use case for Securonix UEBA is user threat notification and user behavior analysis The most valuable features of Securonix UEBA include insider threat monitoring, which provides complete visibility of user activities, and next-gen AI-based behavior analytics. The customizable…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I really like the feature we have with the logs, that if there are any credit card numbers being used, like a PII, you can just use rejects and you can mask it. This is a really good feature in QRadar."
"Providing real-time visibility for threat detection and prioritization - QRadar SIEM provides contextual and actionable surveillance across the entire IT infrastructure."
"I would rate IBM Security QRadar nine out of ten."
"The solution is reliable."
"This is a good tool to have because it gives you the ability to track what is currently happening in your environment."
"The pre-canned rules and reports in this product are a huge plus."
"The UBA feature is the most valuable because you can see everything about users' activities."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"The feature dashboard is very well organized and intuitive to use. It organizes information on a timeline which is exactly what we need for insider threat future-analysis."
"The most valuable features of Securonix UEBA include insider threat monitoring, which provides complete visibility of user activities, and next-gen AI-based behavior analytics."
"The most valuable features of Securonix UEBA include insider threat monitoring, which provides complete visibility of user activities, and next-gen AI-based behavior analytics."
"One of the most valuable features is UEBA. It's pretty helpful for us to make sure of our thresholds for any of our clients."
"Their user and entity behavior analysis algorithms are the most valuable features."
 

Cons

"There should be more opportunity for community kind of distribution where, for example, if there was a zero-day threat targeting companies."
"Integration could be better. They should make it easy to integrate with other solutions."
"The dashboard is pathetic and it takes a long time to perform a search."
"For the common needs of clients to fulfill requirements, a real integration with Blueworks Live (BPA modeling tool also from IBM) and a more suitable BPM on cloud solution for midsize customers."
"The costing part could be improved."
"The user interface is a bit clunky, a bit hard to find what you need."
"The solution is difficult to understand in the beginning and has complex management configurations that can be improved."
"I don't give it a 10 because it is something we have to request. I would love it if UBA was included out of the box like Microsoft."
"The support system is not very good as of now."
"The integration with other tools, like EDRs and other technology tools, can be improved."
"The area that needs improvement is reporting."
"There is room for improvement in the algorithms. Although I said that we have a very solid starting point - our existing library is already very comprehensive - we constantly find areas where we need to develop new algorithms. That is common across platforms. Any vendor with a solid starting point would still need to continue to evolve."
"When compared to others, if you look at the integration aspect, I believe that some aspects of integration can be enhanced."
 

Pricing and Cost Advice

"think the pricing is quite flexible."
"It is a perpetual license that we have for the event collector. The licensing is done based on the number of events and flows that you receive on this particular device. These are perpetual licenses, which means once you purchase them, they don't expire, which means that the support to IBM is definitely renewed after every one year. We have an enterprise agreement with IBM, which puts the cost in a totally different category as compared to someone who is not an IBM partner and is approaching IBM for this solution. We were able to get massive discounts. To give you an idea, we recently purchased 30,000 event licenses, and it costs around $480,000. It is definitely not a cheap product. We have licenses for about 270,000 events per second and 3 million flows per second. All the appliances and their events and flows are basically clubbed together and charged or rather calculated through a single source. The console receives all the details from all the event processes that we have globally. So, the license that we have is a single license for 270,000 events per second and 3 million flows per second, but that can be managed centrally. I was only part of the secondary purchase, which was 30,000 events per second for about $480,000. You can calculate how much we paid for 270,000 events. Reducing its price would be a compromise. We have already used a lower-priced product in the form of NNT, but we had to get rid of it because it was not doing the job that we actually wanted to do. You get what you pay for."
"I think that the price is fair, but we can always say that the price could be cheaper."
"Pricing and licensing are competitive. Their new licensing options allow logs to bypass the correlation engine for a flat rate, which is also appealing for log data that is compliance-driven for a small amount of money."
"In terms of additional costs, it depends on the subscription that you choose. There are plenty of options to choose from."
"There is a license required for this solution."
"The pricing needs to be such that they are more competitive with other vendors."
"There are additional costs, such as the cost associated with the different hardware required for implementation and deployment. Along with the add-on apps, these are all additional costs, and they require licensing as well."
"Their pricing is pretty comfortable. They will work with you on the cost."
"The cost is approximately $50 per user per year."
"When compared to other solutions, it is less expensive."
report
Use our free recommendation engine to learn which User Entity Behavior Analytics (UEBA) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Answers from the Community

DC
Feb 18, 2020
Feb 18, 2020
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information ingested) but with a firm on 10k+ I wouldn't be so sure that this means a better price. The total cost of ownership would be more linear though. On the other hand QRadar is by far a better SIEM solution...
See 2 answers
it_user900120 - PeerSpot reviewer
Feb 17, 2020
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information ingested) but with a firm on 10k+ I wouldn't be so sure that this means a better price. The total cost of ownership would be more linear though. On the other hand QRadar is by far a better SIEM solution and if your use-cases lean towards that, then I would suggest looking towards Qradar. Qradar does have a steeper learning curve but that's purely because of the richer feature set, it just takes more time to take it all in.
Chetankumar Savalagimath - PeerSpot reviewer
Feb 18, 2020
All three security solutions are defined and different smartness they hold it all depends on how is your requirement. Securonix UEBA is a Hadoop bases UEBA technology tool the tools understand the infrastructure and users and then work accordingly. (Wide Customer industry support) (Average cost) IBM QRadar is a SIEM with all in the composite tool can bring in UEBA and other security solution. (Wide Customer industry support) (Average cost) Exabeam is a mathematical bases security solutioning tool, it learns infra and then provides a solution, it's a bit noisy in some instances. (Medium Customer industry support) (Costly) If you tell us what exactly you require or how id your infra set up, then it would good to suggest a tool.
 

Top Industries

By visitors reading reviews
Educational Organization
24%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
Computer Software Company
18%
Financial Services Firm
12%
Manufacturing Company
10%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
What needs improvement with Securonix UEBA?
The integration with other tools, like EDRs and other technology tools, can be improved.
What is your primary use case for Securonix UEBA?
My primary use case for Securonix UEBA is user threat notification and user behavior analysis.
What advice do you have for others considering Securonix UEBA?
I recommend using Securonix UEBA as it reduces the time for deployment and offers a customizable UEBA analytics dashboard covering most use cases. Overall, I would rate Securonix UEBA eight out of ...
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
Securonix User and Entity Behavior Analytics
 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Pfizer, McKesson, BNY Mellon, New York Life
Find out what your peers are saying about IBM Security QRadar vs. Securonix UEBA and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.