Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs Securonix UEBA comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Security QRadar
Ranking in User Entity Behavior Analytics (UEBA)
1st
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
208
Ranking in other categories
Log Management (6th), Security Information and Event Management (SIEM) (4th), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
Securonix UEBA
Ranking in User Entity Behavior Analytics (UEBA)
15th
Average Rating
10.0
Reviews Sentiment
7.0
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the User Entity Behavior Analytics (UEBA) category, the mindshare of IBM Security QRadar is 11.9%, down from 17.3% compared to the previous year. The mindshare of Securonix UEBA is 2.3%, down from 4.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
User Entity Behavior Analytics (UEBA)
 

Q&A Highlights

DC
Feb 18, 2020
 

Featured Reviews

Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.
YT
User threat notification and behavior analysis have been enhanced through effective AI-based monitoring
My primary use case for Securonix UEBA is user threat notification and user behavior analysis The most valuable features of Securonix UEBA include insider threat monitoring, which provides complete visibility of user activities, and next-gen AI-based behavior analytics. The customizable…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"This solution has allowed us to correlate logs from multiple sources."
"We have the abilities to monitor each instance which originates on the process along with the performance of each department."
"It protect us from multiple authentication values, unauthorized access and antivirus threats."
"Log correlation is very useful for processing alerts. It serves to follow up alerts in real-time, building an entire workflow."
"The ability to transition from microscopic to macroscopic view, instantly, is very good."
"Vulnerability detection is the most valuable feature. It's the tool that finds the threats."
"Improves visibility and has a great new dashboard."
"I think QRadar is stable and currently satisfies my needs."
"Their user and entity behavior analysis algorithms are the most valuable features."
"The feature dashboard is very well organized and intuitive to use. It organizes information on a timeline which is exactly what we need for insider threat future-analysis."
"The most valuable features of Securonix UEBA include insider threat monitoring, which provides complete visibility of user activities, and next-gen AI-based behavior analytics."
"One of the most valuable features is UEBA. It's pretty helpful for us to make sure of our thresholds for any of our clients."
"The most valuable features of Securonix UEBA include insider threat monitoring, which provides complete visibility of user activities, and next-gen AI-based behavior analytics."
 

Cons

"QVM is another instance where they need to revise the vulnerability scoring and the proper remediation details."
"The dashboards are all legacy and old."
"The solution lacks vendor support."
"I think that the search speed of this solution could be improved."
"The technical support can be improved a little bit, and the price could be cheaper."
"The advanced planning management (APM) features should be included."
"The custom rules could be simplified more or it should be possible to use a different language, other than the ones that the solution is already using. They should add other languages into the mix."
"Improving the integration with IBM Server for MetaMask for correlation rules would be beneficial. Currently, I use Sentinel in Azure, and I would prefer creating one rule to roll it out to both Sentinel and QRadar. However, this is not possible because QRadar lacks this capability."
"The support system is not very good as of now."
"When compared to others, if you look at the integration aspect, I believe that some aspects of integration can be enhanced."
"There is room for improvement in the algorithms. Although I said that we have a very solid starting point - our existing library is already very comprehensive - we constantly find areas where we need to develop new algorithms. That is common across platforms. Any vendor with a solid starting point would still need to continue to evolve."
"The area that needs improvement is reporting."
"The integration with other tools, like EDRs and other technology tools, can be improved."
 

Pricing and Cost Advice

"I think my company pays for the license yearly."
"It is expensive. It is not a product that I can provide for SMBs. It is a program that I can only provide for really large enterprises."
"I feel that the price is reasonable but compared to other products that are on the market, such as an offering by Microsoft, it is more expensive."
"The tool's on-premise version is expensive. However, it is cheaper than Splunk. The hybrid model offers shared instances for customers, which is not expensive. Customers with a limited budget can opt for it. You can get premium support with licenses. However, if you need customized integration, you need to buy it."
"You have a one-time payment, and you also can purchase it for one year as a subscription. We have it on-premise, and we have a permanent license for it. We have to pay for the support on a yearly basis. If you compare its cost with Sentinel for one year, QRadar would seem more expensive, but if you compare its cost over five or ten years, Azure Sentinel will be more expensive than QRadar. If you compare its cost with Sentinel for one year, QRadar would seem more expensive, but if you compare its cost over five or 10 years, Azure Sentinel can be more expensive than QRadar."
"Its price is good in terms of efficiency and the number of people required for implementing various things. You might pay more in terms of money, but you might save on the number of people. For example, if you are using Kibana, you have to pay more for people or experts, which is not the case with IBM QRadar."
"An X-Force feed is free with QRadar."
"QRadar UBA's price is a little more than street price and could be reduced."
"When compared to other solutions, it is less expensive."
"Their pricing is pretty comfortable. They will work with you on the cost."
"The cost is approximately $50 per user per year."
report
Use our free recommendation engine to learn which User Entity Behavior Analytics (UEBA) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Answers from the Community

DC
Feb 18, 2020
Feb 18, 2020
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information ingested) but with a firm on 10k+ I wouldn't be so sure that this means a better price. The total cost of ownership would be more linear though. On the other hand QRadar is by far a better SIEM solution...
See 2 answers
it_user900120 - PeerSpot reviewer
Feb 17, 2020
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information ingested) but with a firm on 10k+ I wouldn't be so sure that this means a better price. The total cost of ownership would be more linear though. On the other hand QRadar is by far a better SIEM solution and if your use-cases lean towards that, then I would suggest looking towards Qradar. Qradar does have a steeper learning curve but that's purely because of the richer feature set, it just takes more time to take it all in.
Chetankumar Savalagimath - PeerSpot reviewer
Feb 18, 2020
All three security solutions are defined and different smartness they hold it all depends on how is your requirement. Securonix UEBA is a Hadoop bases UEBA technology tool the tools understand the infrastructure and users and then work accordingly. (Wide Customer industry support) (Average cost) IBM QRadar is a SIEM with all in the composite tool can bring in UEBA and other security solution. (Wide Customer industry support) (Average cost) Exabeam is a mathematical bases security solutioning tool, it learns infra and then provides a solution, it's a bit noisy in some instances. (Medium Customer industry support) (Costly) If you tell us what exactly you require or how id your infra set up, then it would good to suggest a tool.
 

Top Industries

By visitors reading reviews
Educational Organization
24%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
Computer Software Company
18%
Financial Services Firm
12%
Manufacturing Company
10%
Real Estate/Law Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What needs improvement with Securonix UEBA?
The integration with other tools, like EDRs and other technology tools, can be improved.
What is your primary use case for Securonix UEBA?
My primary use case for Securonix UEBA is user threat notification and user behavior analysis.
What advice do you have for others considering Securonix UEBA?
I recommend using Securonix UEBA as it reduces the time for deployment and offers a customizable UEBA analytics dashboard covering most use cases. Overall, I would rate Securonix UEBA eight out of ...
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
Securonix User and Entity Behavior Analytics
 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Pfizer, McKesson, BNY Mellon, New York Life
Find out what your peers are saying about IBM Security QRadar vs. Securonix UEBA and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.