Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs SolarWinds Security Event Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024
 

Categories and Ranking

IBM Security QRadar
Ranking in Security Information and Event Management (SIEM)
4th
Average Rating
8.0
Number of Reviews
204
Ranking in other categories
Log Management (6th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (18th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (10th), Extended Detection and Response (XDR) (14th)
SolarWinds Security Event M...
Ranking in Security Information and Event Management (SIEM)
20th
Average Rating
7.8
Number of Reviews
26
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of IBM Security QRadar is 9.5%, up from 9.3% compared to the previous year. The mindshare of SolarWinds Security Event Manager is 0.6%, down from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Muzzamil Hussain - PeerSpot reviewer
Aug 1, 2024
Is easy to integrate and doesn't require maintenance
One major drawback we are facing is in the area of IBM Security QRadar integration with flat file databases. IBM Security QRadar does not support flat file database integration. We are currently facing an issue with respect to the database, which you normally call a NoSQL database. There is no direct integration mechanism available with IBM Security QRadar. We have to approach IBM and generate a ticket so that they can develop a custom method for the integration. In database integration, we are facing issues with IBM Security QRadar. The solution does not support the integration of flat file databases. Certain organizations have flat file databases. IBM does not support direct integration with some databases. We had to create a plug, and we requested IBM to develop a parser, but it is taking IBM a couple of months to develop it. I think a flat-file database should be supported directly instead of developing a parser plugin. There should be a more refined threat intelligence platform, and cross-integration should be possible with locally available threat intelligence platforms.
Alex Kinyanjui - PeerSpot reviewer
May 24, 2024
A stable and scalable solution that provide 24/7 monitoring
We have to protect customer data, including any PII, accessed via the internet terminal. Additionally, we need to monitor events from network devices and servers that may raise suspicion, allowing us to analyze them and determine what is occurring. SolarWinds affected your overall security costs. Considering the nature of our traffic, it has been very effective. We have proactively identified and addressed issues before they escalate into incidents. I've noticed a reduced investment in handling event-related cases with SolarWinds Security Event Manager. This reduction includes reducing human resources and the time required for teams to provide 24/7 monitoring. Consequently, there has been a significant decrease in costs. Additionally, the platform enables us to address issues before they escalate into incidents, thus preventing revenue leakage. As a result, the organization experiences reduced costs and avoids revenue leakage. Since the SolarWinds Security Event Manager implementation, the total budget allocated to security has been reduced by close to five percent. Initially, there was a heavy investment in that aspect, but we have observed this reduction in the allocated budget for the security team. Since implementing SolarWinds Security Event Manager, the team members' pressure has been reduced. They can now concentrate on more critical tasks and development, promoting growth within their department rather than solely focusing on incident monitoring. I recommend the solution. Overall, I rate the solution an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is really helpful to us from the compliance point of view."
"Providing real-time visibility for threat detection and prioritization - QRadar SIEM provides contextual and actionable surveillance across the entire IT infrastructure."
"There are other third-party plugins that we can use."
"An engineer can live-monitor all the flow happening in real-time. This would help us a lot while investigating a case, and it would even help us with preventive actions."
"In addition to using this solution for our security operations center, we are using it for our other customers."
"It is incredibly easy to deploy. All the appliances are flexible in the roles that they serve and are all managed the in the same way."
"There is a single dashboard that gives us a complete overview of what is happening around the globe."
"The scalability is very good. It's not a problem."
"The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out."
"The most valuable feature of this solution is the visibility into both attempted and failed logins."
"We had to integrate with other teams, and the infrastructure deployment didn't take long. The integration involves learning with different teams, networking, and configuring various network devices and servers. Infrastructure deployment only took one or two days."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"The most valuable feature is the ease of use for the end user."
"It's easy to build rules and actions based on the logs and event types we collect with the software."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"The product's most effective part in improving security stems from the fact that the solution is deployed for event management, log viewing, and information management."
 

Cons

"The API integration for AD is a problem when it comes to vulnerability management. If you want to incorporate multiple factor authentication it becomes a problem with the AD. It doesn't integrate well. That needs to be improved."
"IBM QRadar Advisor with Watson could be more user-friendly. You need some skills and understanding of what you're looking at, especially if you're going to draw down specific information."
"The IBM support can be better."
"You can scale IBM QRadar User Behavior Analytics, but it has room for improvement."
"The product does not have a team for investigating malware."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"It's resource-intensive."
"I would like to see more integration in place after the security lock."
"I would like to have a more customizable dashboard."
"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."
"We'd like more customization capabilities."
"The company had to use a third party for the implementation of the solution."
"The only issue is the pricetag. SolarWinds is a costly solution."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
"It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
 

Pricing and Cost Advice

"There is an annual license required for this solution."
"There are additional costs, such as the cost associated with the different hardware required for implementation and deployment. Along with the add-on apps, these are all additional costs, and they require licensing as well."
"The solution's pricing is based on the EPS model."
"Our licensing costs for this solution is on a yearly basis."
"It's too expensive."
"We pay approximately $40,000 to use the solution annually. This solution is a lot less expensive than Splunk."
"IBM QRadar is a little bit expensive compared to other products."
"IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much."
"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."
"Licensing is on devices, so if you have many, then this may be high."
"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
"The pricing model would benefit from having package deals with other SolarWinds products."
"Licenses can only be purchased in blocks of fifty at a time."
"The price of SolarWinds Security Event Manager is reasonable."
"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
Educational Organization
75%
Computer Software Company
5%
Financial Services Firm
3%
University
2%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about IBM QRadar?
The event collector, flow collector, PCAP and SOAR are valuable.
What do you like most about SolarWinds Security Event Manager ?
The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers.
What is your experience regarding pricing and costs for SolarWinds Security Event Manager ?
The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten.
What needs improvement with SolarWinds Security Event Manager ?
I think the customization area in the tool can be considered as an area of concern where improvements are required In the future, I want to see the tool have better customization abilities with som...
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar, IBM QRadar User Behavior Analytics, IBM QRadar Advisor with Watson
SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
 

Learn More

 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
Find out what your peers are saying about IBM Security QRadar vs. SolarWinds Security Event Manager and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.