Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs SolarWinds Security Event Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Security QRadar
Ranking in Security Information and Event Management (SIEM)
4th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
208
Ranking in other categories
Log Management (6th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
SolarWinds Security Event M...
Ranking in Security Information and Event Management (SIEM)
21st
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
26
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of IBM Security QRadar is 8.7%, down from 9.7% compared to the previous year. The mindshare of SolarWinds Security Event Manager is 0.6%, down from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.
Alex Kinyanjui - PeerSpot reviewer
A stable and scalable solution that provide 24/7 monitoring
We have to protect customer data, including any PII, accessed via the internet terminal. Additionally, we need to monitor events from network devices and servers that may raise suspicion, allowing us to analyze them and determine what is occurring. SolarWinds affected your overall security costs. Considering the nature of our traffic, it has been very effective. We have proactively identified and addressed issues before they escalate into incidents. I've noticed a reduced investment in handling event-related cases with SolarWinds Security Event Manager. This reduction includes reducing human resources and the time required for teams to provide 24/7 monitoring. Consequently, there has been a significant decrease in costs. Additionally, the platform enables us to address issues before they escalate into incidents, thus preventing revenue leakage. As a result, the organization experiences reduced costs and avoids revenue leakage. Since the SolarWinds Security Event Manager implementation, the total budget allocated to security has been reduced by close to five percent. Initially, there was a heavy investment in that aspect, but we have observed this reduction in the allocated budget for the security team. Since implementing SolarWinds Security Event Manager, the team members' pressure has been reduced. They can now concentrate on more critical tasks and development, promoting growth within their department rather than solely focusing on incident monitoring. I recommend the solution. Overall, I rate the solution an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It can analyze event logs, event security, and give a good consult."
"The event collector, flow collector, PCAP and SOAR are valuable."
"It's a state-of-the-art product for security information and event management (SIEM)."
"There are a lot of features in QRadar. App Exchange is the most valuable feature. User behavior analytics (UBA) is also a very good feature. Watson is also there, but we are not currently using Watson. It is versatile and quite easy. It also has an all-in-one-box feature and good integration with AWS."
"The most valuable features would have to be the products' ability to customize vulnerability management settings."
"One of the most valuable features is its ability to integrate with other solutions. IBM has a lot of solutions and we have managed to make it work with IBM BigFix and MaaS360, and even Microsoft."
"This is a distributed application, meaning that a customer can stack small and then scale it so that they can expand pretty effectively. You can use, basically, the same product in an SMB or a large enterprise."
"It provides many options for searching. I can see devices from different vendors, like Cisco, in one interface, which is good for me."
"This tool is simple to use."
"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."
"SolarWinds is effective for server, network, and log monitoring. It's also good for IP address management. We also have a patch manager, but we're still working on getting that operational."
"SolarWinds Security Event Manager has been generally working well."
"The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out."
"The most valuable feature of this solution is the visibility into both attempted and failed logins."
"It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."
"It's easy to build rules and actions based on the logs and event types we collect with the software."
 

Cons

"I have noticed a few things while working on this. After the restart of the server, sometimes, the services misbehave, and you need to manually start or restart the service. I have seen that specifically with the Tomcat service. Sometimes, when you click on log sources, instead of opening the log source extension, it redirects you over the internet."
"QRadar log integration of various applications can be a tough job at times. There may be occasions when you will not find any QRadar guide on adding logs of a particular application. Even if you come across one, adding a log process is not an easy one."
"QRadar needs to be more specialized, along the lines of what other SIEM solutions are."
"The tech support is not that good."
"The solution is difficult to understand in the beginning and has complex management configurations that can be improved."
"The architecture could be improved. I got stuck for a long time trying to understand the architecture, as it is quite challenging."
"I would like to see more integration in place after the security lock."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."
"There are no multiple dashboards which would allow you to see information side-by-side."
"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."
"The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."
"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."
 

Pricing and Cost Advice

"The price of this solution is reasonable."
"There is a license required for this solution and it is an annual payment. I have found all solutions in the category to be expensive, including Splunk."
"It is a perpetual license that we have for the event collector. The licensing is done based on the number of events and flows that you receive on this particular device. These are perpetual licenses, which means once you purchase them, they don't expire, which means that the support to IBM is definitely renewed after every one year. We have an enterprise agreement with IBM, which puts the cost in a totally different category as compared to someone who is not an IBM partner and is approaching IBM for this solution. We were able to get massive discounts. To give you an idea, we recently purchased 30,000 event licenses, and it costs around $480,000. It is definitely not a cheap product. We have licenses for about 270,000 events per second and 3 million flows per second. All the appliances and their events and flows are basically clubbed together and charged or rather calculated through a single source. The console receives all the details from all the event processes that we have globally. So, the license that we have is a single license for 270,000 events per second and 3 million flows per second, but that can be managed centrally. I was only part of the secondary purchase, which was 30,000 events per second for about $480,000. You can calculate how much we paid for 270,000 events. Reducing its price would be a compromise. We have already used a lower-priced product in the form of NNT, but we had to get rid of it because it was not doing the job that we actually wanted to do. You get what you pay for."
"It could be cheaper, but the value itself is far more important for us than the price. Typically, our clients have yearly subscriptions."
"It is very expensive."
"QRadar is quite expensive. It wouldn't be worth it for a small business..."
"The pricing is higher but cheaper than others and there are no additional costs."
"The solution comes with a high price tag, while some of the competitors provide identical functionality in their offerings at no extra cost."
"Licenses can only be purchased in blocks of fifty at a time."
"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."
"The price of SolarWinds Security Event Manager is reasonable."
"Licensing is on devices, so if you have many, then this may be high."
"The pricing model would benefit from having package deals with other SolarWinds products."
"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Educational Organization
24%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
Educational Organization
75%
Computer Software Company
4%
Financial Services Firm
4%
University
3%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about SolarWinds Security Event Manager ?
The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers.
What is your experience regarding pricing and costs for SolarWinds Security Event Manager ?
The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten.
What needs improvement with SolarWinds Security Event Manager ?
I think the customization area in the tool can be considered as an area of concern where improvements are required In the future, I want to see the tool have better customization abilities with som...
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
Find out what your peers are saying about IBM Security QRadar vs. SolarWinds Security Event Manager and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.