IBM Security QRadar Reviews

The first thing that we implemented for user behavior was to find out whether somebody is logging in at odd hours. It studies user behavior.

My favorite thing is that it comes with good usability.

It has a powerful GUI where you can put together your use cases, and don't have to write your own scripts.

The price of this solution is a little bit expensive, so if it were cheaper then it would help.

While the interface is easy to use, it could be a little more responsive. It can be a bit sluggish at times.

I have been using IBM QRadar for about a year.

We have not experienced any issues with stability.

Scalability has not been a problem, although our environment is not very big. Perhaps at a later stage and with a bigger environment, we might have issues.

I have been in contact with technical support on one or two occasions. The experience was good and we are satisfied.

I also have experience using Splunk.

The initial setup is really straightforward. It's a bonus point of this solution.

I would rate this solution an eight out of ten.

Most of the features are good. It is an excellent solution. 

Some of the features should be more cooperative but other than that, everything is okay.

I have been using IBM QRadar User Behavior Analytics for a year. 

It is very stable. 

It is also scalable. 

Our team handles its own support. We are capable of doing our own technical support but we also have IBM to get their help as well.

The initial setup is not straightforward but of medium complexity. It's not simple but not so complex. It usually takes two to three weeks to deploy. 

The price is very high. Some of our customers cannot afford it. 

IMB should reduce the pricing, or reduce some of the features for a more economical solution for the customer.

I would rate it an eight out of ten. They should reduce the pricing. 

We used QRadar SIEM over Juniper Secure Analytics platform. 

The company profile is telecom. The infrastructure has a large geographical spread.

IBM QRadar is great help from its security event monitoring to data center and NOC troubleshooting of issues hard for other departments to spot.

• It has a logical, user-friendly GUI. 
• Very easy to drill down in offenses and get to the bottom of raw data.

Dashboards and reports could provide better visualization of SIEM activity. 

An executive or CISO dashboard would be nice to have by default.

The tool gets better value in the hands of an experienced security analyst. 

What is valuable is that we're using it through IBM's MSS services, and that they're doing a really good job of keeping us alerted of what events are hitting, and adapting for it.

It benefits us from a standpoint that we're very immature in our review of how security should be approached, and it's really helped us move up to modern awareness of what's going on on the internet.

I'd like to see, and they're getting there, is more integration; tighter integration with some of the other IBM Security products. They're moving a lot tighter to BigFix. BigFix has a lot of power in it, and MaaS360 also has a lot of power in it. I'd like to see those more tightly integrated.

We have not had any stability or scalability issues. We're a little concerned about the latest version and the fact that it cannot be upgraded, that it requires a clean install.

We have not really used technical support, because it's a managed service, so we call the SOC and they help us. They are very helpful.

We just really sold our CIO and CTO on the fact that we need to do better than we are, where we're at today. We had a lot of virus challenges, like most companies, and malware, so we had to figure out how to reduce that.

I was involved in the initial setup. Well, IBM did it, since it was a managed service. It was pretty straightforward.

We looked at numerous other players. We chose IBM because it has a lot of power, and you can grow it as much as and however you want it to.

When I am looking for a vendor, I don't look for a VAR, I look for a partner.

If you're going to implement it, implement it using managed services, because it's too complex of a product to try to do yourself.

I find that the dashboards are the most helpful to get an overview of traffic flow and issues.

We find that reviewing Q1 Radar is very helpful to pinpoint configuration issues, as well as go back and find traffic flows from comprimised hosts.

No.

None.

N/A

N/A

N/A

QRadar UBA's most valuable feature is the risk rating of users depending on their behavior.

QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month. In the next release, I would like to be able to do a historical search of user scores.

I've been using QRadar UBA for two and a half years.

QRadar UBA is quite stable.

QRadar UBA's price is a little more than street price and could be reduced.

I would rate QRadar UBA seven out of ten.

I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot.

IBM QRadar User Behavior Analytics is good, but I think the functionality should be much more integrated. You should have easy access to the artifacts if you are doing a particular investigation. It's good, but other team solutions like LogRhythm are actually merging the functionality. So, I think that is something IBM can work on. 

We have been using IBM QRadar User Behavior Analytics for about four years.

Stability is good, but the investigation system should be better.

IBM QRadar User Behavior Analytics is scalable. You have the EPS and closed license. I think scalability is not an issue because it is available on both the hardware and the software. You can install the software plans if you want, and there is also a hardware plan.

Their technical support is good. I have not faced any issues before, and the technical support is good.

I will recommend this solution to potential users.

On a scale from one to ten, I would give IBM QRadar User Behavior Analytics a seven. 

We are looking for the entire QRadar spectrum but it has many products. QRadar is a kind of program, we are looking for system modelling, point modelling, network side modelling similar to QRadar network inside, and the capability to correlate between the network and endpoint. Most of the SIEM's have to rely on when it comes to network side third party or separate network traffic analysis. When it comes to QRadar, they can do the correlation and not only in networks but also endpoints. This is one of the good features that we have noticed.

Since we have not used the solution very long my information is limited when it comes to improvements. I have noticed the interface has room for improvement.

I have been using the solution for two years. However, my company has not deployed the solution yet and we are in the early stages of testng.

The solution has a good technical team.

The installation is complex. There is some overloading that happens, this could be simplified and made easier by allowing all key features on the first level dashboard to be viewed.

When it comes to the initial pricing there can be a huge discount from there side and also I think they are open to competing with other products. Even though the price can be a little high sometimes there product is number one. They have a wide range of products.

We have compared Securonix and many other solutions to this one.

I rate IBM QRadar a nine out of ten.