Software6a29 - PeerSpot reviewer
Software Trainee at a tech services company with 1,001-5,000 employees
Real User
Senses, tracks, and links significant incidents and threats
Pros and Cons
  • "Senses, tracks, and links significant incidents and threats."
  • "The tool is already automated in many ways, but there are some additional functions which should be automated, like sending an email, mobile notification, and integration of XFS."

    What is most valuable?

    Almost every feature is useful. In particular:

    • Sense and detect fraud, both insider and advanced threats.
    • Sense, track, and link significant incidents and threats.

    What needs improvement?

    The tool is already automated in many ways, but there are some additional functions which should be automated, like sending an email, mobile notification, and integration of XFS.

    For how long have I used the solution?

    Less than one year.

    What other advice do I have?

    Overall, I love this product.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user805179 - PeerSpot reviewer
    Solution Architect with 201-500 employees
    Real User
    Improved our organization's total cost of ownership
    Pros and Cons
    • "Improved our organization's TCO."
    • "GUI needs to be improved."

    What is our primary use case?

    • Users' behavior analytics
    • Monitor leakage for data
    • Payment card industry compliance
    • Integration with end points management system
    • Integration with Incident Response and Ticketing System

    How has it helped my organization?

    • Easy to deploy
    • Time to value
    • Total cost of ownership (TCO)
    • Deployment options for on-premise
    • SaaS
    • Hybrid

    What is most valuable?

    • X-Force feed
    • Watson for cyber security
    • App Exchange
    • Scalability and licensing model
    • Vulnerability and risk management on network topology

    What needs improvement?

    Needs to be improved:

    • Graphical User Interface (GUI) 
    • Multi-tenancy and domain(s) segregation.

    For how long have I used the solution?

    One to three years.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Buyer's Guide
    IBM Security QRadar
    December 2024
    Learn what your peers think about IBM Security QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
    824,053 professionals have used our research since 2012.
    it_user5160 - PeerSpot reviewer
    IT Security Consultant at a tech vendor with 201-500 employees
    Vendor
    It captures and processes large volumes of event data, and scales to support them in a unified database. But, it'd be good to have a default configuration to meet PCI requirements.

    Valuable Features:

    It's very helpful in meeting compliance monitoring and reporting (PCI DSS, PA DSS, ISO, SOX) requirements.

    Improvements to My Organization:

    It captures and processes large volumes of event data, and scales to support hundreds of thousands of events in one unified database. 

    It also offers high-availability and disaster-recovery options. 

    There's very high quality in reporting suitable to almost all compliance requirements.

    Room for Improvement:

    We use it mostly for purchases and regulatory requirements of that process. It would be good, therefore, if there was a standard configuration by default that was offered or proposed during install or configuration to meet PCI requirements, e.g. log archive duration set by default to one year for each device added. 

    The event information display might prioritize event ID, user, destination, source, and date/time as the first info gathered in the report.

    Use of Solution:

    We're only using the Log Manager.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    reviewer1382016 - PeerSpot reviewer
    Pre-Sale Consultant (Technical) at a tech services company with 51-200 employees
    Real User
    Easy to set up, but we have had some problems with the networking support
    Pros and Cons
    • "We are using the platform version, which I like."
    • "We have had problems with networking."

    What is our primary use case?

    We are a system integrator and IBM QRadar is one of the security and monitoring products that we implement for our clients. It is used for monitoring applications such as Windows virtual desktop access (VDA) and computer-managed instruction (CMI).

    What is most valuable?

    We are using the platform version, which I like.

    What needs improvement?

    We have had problems with networking.

    For how long have I used the solution?

    I have been using QRadar for about half a year.

    What do I think about the scalability of the solution?

    We have not tried to scale because it is installed all in one machine.

    How was the initial setup?

    The initial setup was easy and it took one day to install it.

    What other advice do I have?

    Overall, I like this product and I think that the features are good enough.

    I would rate this solution a seven out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.