Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs SolarWinds Security Event Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Security QRadar
Ranking in Security Information and Event Management (SIEM)
4th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
207
Ranking in other categories
Log Management (6th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
SolarWinds Security Event M...
Ranking in Security Information and Event Management (SIEM)
21st
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
26
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of IBM Security QRadar is 8.7%, down from 9.7% compared to the previous year. The mindshare of SolarWinds Security Event Manager is 0.6%, down from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.
Alex Kinyanjui - PeerSpot reviewer
A stable and scalable solution that provide 24/7 monitoring
We have to protect customer data, including any PII, accessed via the internet terminal. Additionally, we need to monitor events from network devices and servers that may raise suspicion, allowing us to analyze them and determine what is occurring. SolarWinds affected your overall security costs. Considering the nature of our traffic, it has been very effective. We have proactively identified and addressed issues before they escalate into incidents. I've noticed a reduced investment in handling event-related cases with SolarWinds Security Event Manager. This reduction includes reducing human resources and the time required for teams to provide 24/7 monitoring. Consequently, there has been a significant decrease in costs. Additionally, the platform enables us to address issues before they escalate into incidents, thus preventing revenue leakage. As a result, the organization experiences reduced costs and avoids revenue leakage. Since the SolarWinds Security Event Manager implementation, the total budget allocated to security has been reduced by close to five percent. Initially, there was a heavy investment in that aspect, but we have observed this reduction in the allocated budget for the security team. Since implementing SolarWinds Security Event Manager, the team members' pressure has been reduced. They can now concentrate on more critical tasks and development, promoting growth within their department rather than solely focusing on incident monitoring. I recommend the solution. Overall, I rate the solution an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"What I like the most about it is that you can very easily install and configure it. As compared to other SIEM solutions, for which you need to know and do a lot more to prepare your SIEM environment, QRadar is much simpler to install and configure. There are various options in the Admin console. In the Admin tab, you can design dashboards and view various graphs. It has a lot of attractive features, and you don't need to configure everything on your own."
"I like the graphical interface. It's so good and easy."
"IBM QRadar is great help from its security event monitoring to data center and NOC troubleshooting of issues hard for other departments to spot."
"IBM QRadar Advisor with Watson is a stable solution."
"Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered."
"I like that it's easy to use and the performance is good."
"We get events and make the correlation, or rules. In IBM, we can implement our customer's rules. We can have very clear status threats and severity of antigens."
"The most valuable aspect of the solution is the integration capabilities on offer."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"SolarWinds is effective for server, network, and log monitoring. It's also good for IP address management. We also have a patch manager, but we're still working on getting that operational."
"It's easy to build rules and actions based on the logs and event types we collect with the software."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"This tool is simple to use."
"SolarWinds Security Event Manager has been generally working well."
"It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
 

Cons

"IBM QRadar has a margin for development, for out-of-the-box use cases. It can be enhanced with better support and automate the use cases for that."
"Each module requires a separate license and a separate cost."
"The solution is expensive compared to other products."
"I would like for them to develop a detection management solution. It does not have a detecting management solution in it, you have to buy it as it is, on top of the extended solution."
"Dashboards and reports could provide better visualization of SIEM activity."
"A lot of information that we receive for the devices is IP-based, but it would help if we could have a default dashboard in which we can add more details about the assets for which we are receiving the information. For example, if it is a Windows or Linux device, we only get the IP for that particular device. We don't really get the name and other details of that particular device. For that, you have to drill down into your own asset management system. It would be good to have a place where we can probably add this information so that we don't have to look into other tools."
"QRadar needs a lot of fine tuning"
"It is not app based."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"It can be difficult for users who are inexperienced with the solution."
"There is no correlation made between log entries, so no threat information is presented."
"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."
"We'd like more customization capabilities."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
 

Pricing and Cost Advice

"There is a license required for this solution."
"The cost of this product is expensive."
"Licensing is very expensive, IBM QRadar is a very expensive solution. If you want to minimize costs then IBM QRadar is not for you."
"The licensing is also overly complex, as there is a need to buy the work load performance monitoring separately."
"There is a license to use this solution, which is paid annually. However, there are subscription options available."
"It is very expensive."
"A good approach would be to begin with an On Cloud subscription, then later on do a more exact sizing."
"They can give us some scalability and flexibility on pricing. If its pricing can be reduced, it would help a lot of customers in bringing in a new SIEM environment and grow business in the market. If I start a license today and take around 10,000 EPS, and after a month, there is an increase in the number of clients on my platform, I can increase the number of licenses. I can add 5,000 EPS on a yearly basis."
"Licensing is on devices, so if you have many, then this may be high."
"Licenses can only be purchased in blocks of fifty at a time."
"The pricing model would benefit from having package deals with other SolarWinds products."
"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."
"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
"The price of SolarWinds Security Event Manager is reasonable."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Educational Organization
23%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
Educational Organization
78%
Computer Software Company
4%
Financial Services Firm
3%
University
3%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
What do you like most about SolarWinds Security Event Manager ?
The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers.
What is your experience regarding pricing and costs for SolarWinds Security Event Manager ?
The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten.
What needs improvement with SolarWinds Security Event Manager ?
I think the customization area in the tool can be considered as an area of concern where improvements are required In the future, I want to see the tool have better customization abilities with som...
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
Find out what your peers are saying about IBM Security QRadar vs. SolarWinds Security Event Manager and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.