IBM Security QRadar is stable and has great support. I advise others looking into using IBM Security QRadar that it is really helpful for building a SOC and to get a deep dive into your real threats at the earliest time. I have given this product a review rating of 10.
IBM Security QRadar is capable of handling much of the market requirements. It's comparable to any other SIEM tool without standing out significantly. It's fairly open for custom integrations, but it depends on what type of logs we are receiving and what kind of parsing we are getting done. The integrations are totally based on the skill sets if third-party or custom integrations are required. When it comes to log management, it's fairly easy to manage and the log rotate is really good compared to any standard SIEM tool. It just gets the work done. I rate IBM Security QRadar an 8 out of 10.
We are thinking about moving outside of IBM Security QRadar ecosystem due to cost and the belief that some functionalities of new SIEM platforms are surpassing IBM Security QRadar. We think they are not keeping pace with SIEM, which makes it harder for them to differentiate their product or compete against others that are cheaper and easier to deploy. If you had asked me this question five or seven years ago, I would have given it a solid 10, maybe a nine, but today I believe they are losing track of that. The overall rating for IBM Security QRadar is seven out of ten. We were partners when they were under IBM. We've been in an IBM program of MSSP for Latin America, so we were partners of IBM Security QRadar when it was within IBM. However, with the selling to Palo Alto this year, we lost that partnership and are now just customers of a reseller. We operate the platform for our customers. We don't have IBM Security QRadar for our own use.
Cyber Security Intern at a retailer with 1,001-5,000 employees
Real User
Top 10
Aug 29, 2025
I deal with products such as IBM or Elastic solutions. I have experience with IBM Security QRadar, but not with Elastic; however, we are trying to get into Elastic. We use many different cloud providers as our main cloud provider. AWS is one of those. We did not purchase the IBM Security QRadar product through AWS Marketplace; that's handled by our IT team. I work in a dealership industry, specifically in home hardware. It is easy to use; I wasn't familiar with it, but after getting one-on-one training with my senior, I was able to use it very efficiently and learned it quickly. We use IBM Security QRadar's Risk Manager, but I don't use it directly as it's related to my senior. I investigate it, but those procedures are based on my senior's decisions. I have not used IBM Security QRadar's analytics engine for automating SOC tasks. The integration of third-party technologies with IBM Security QRadar's open architecture is good; it integrates with other solutions efficiently. I have used it with many different platforms such as SentinelOne and ExtraHop, and it integrates effectively. My company are customers with IBM. The overall rating for IBM Security QRadar is 9 out of 10.
This implementation process receives a rating of six. In UAE, we have strict restrictions regarding compliance, particularly NIST compliance. Most companies should have local LLM, not public. Most SIM solutions or SOAR don't have the capability to build or need custom connectors for using AI with internal LLM, rather than cloud-based solutions ChatGPT or Gemini. Overall, I would rate IBM Security QRadar an eight out of ten.
My advice is to understand your infrastructure first. Assess the size before sending any protocol requests or RFPs to adjust licensing costs. You may procure licenses less or more than needed, impacting finances. Analyzing your infrastructure is crucial, considering the logs and security issues you will set. Trained personnel are necessary. Without them, usage is challenging. Overall, the product rating is eight out of ten.
Network and Security Architect at Deutsche Telekom
Real User
Top 10
Jan 3, 2025
All technologies are advancing towards AI integration. It is essential to integrate AI capabilities into devices to keep pace with future technologies and integrations. We should configure AI technologies in these products, though we currently lack experience and information. My overall rating for this solution is nine out of ten.
Architect of Cybersecurity at ASSIST - Software Services
Real User
Top 20
Jan 2, 2025
In the middle of evaluating, I am looking for some information about comparison boxes or licenses, products, and so on. I am interested in this issue, but I will not purchase it personally. We have a plan for internal projects for this. Product rating: five out of ten.
RETAIL BANKING AND AML/KYC MANAGER at National Bank of Pakistan
Real User
Top 5
Aug 1, 2024
IBM Security QRadar enhances threat detection and incident response in our specific industry. The threat intelligence is somewhat different in Pakistan. We also have to deploy other open-source solutions and integrate them with the new system. We have IBM X-Force, and the solution provides threat intelligence releases for global incidents. Basically, we have CTM360, which helps with the threat intelligence part. We are actually using both with the solution. I think IBM X-Force complements our challenges, but it is not up to the mark we require. We have to collaborate with different solutions as well with CTM360. The tool's anomaly detection was useful with respect to application integration. We use a use case where we recently implemented the tool with respect to business applications where we define a rule set, and the system perfectly identifies and triggers an event against the rule set we define, so it is related to business applications. Our use cases are related to the event. An incident was caused a couple of days ago due to the Log4j vulnerability. For such vulnerabilities, the use case will also be helpful. It is easy to integrate with different solutions or different databases like MySQL and Oracle. It has the edge over other solutions, like open-source solutions like Wazuh and Splunk, so IBM Security QRadar is very much refined with respect to these solutions. Regarding the tool's ability to maintain high-security standards, I rate it ten out of ten. So far, we haven't used any AI feature in the tool, or it may not be available in the version we use. Overall, I recommend the tool to others. We are currently recommending it to peer banks and peer colleagues who need to make a decision to buy a product. Maintenance is not required, but we regularly check the tool's health reports. If any event occurs monthly or quarterly, then we need to maintain it. Otherwise, no maintenance is required. I rate the tool an eight out of ten.
I am generally satisfied with the product. Considering that there is still room for improvement and that the vendor could improve it to be made faster than it is at the moment, it is still a good product. I rate the tool an eight out of ten.
QRadar supports connectivity with a 2800 vendors, including Cisco and Fortinet FortiGate. These integrations encompass various platforms such as VMs, Linux distributions like Red Hat and CentOS, and Symantec and Microsoft Windows for CRM databases and other server functionalities. Cloud technologies such as Office 365 are also supported. The tool is flexible and I recommend it. Overall, I rate the solution a nine out of ten.
Head of Cybersecurity at a computer software company with 51-200 employees
Real User
Nov 1, 2023
My company takes care of the maintenance part of the solution for our clients who use IBM Security QRadar in their environments. Nine engineers and one manager take care of the maintenance process of IBM Security QRadar. My company has a lot of certified employees to take care of IBM Security QRadar's maintenance. My company can be considered a powerhouse when it comes to products from IBM. I recommend the solution to those who plan to use it. Splunk and IBM are leaders as per Gartner Magic Quadrant. I believe that IBM Security QRadar should be fairly priced for SMEs. I rate the overall tool an eight out of ten.
I give the solution a seven out of ten. We have around 20 users. The solution is of good quality and can be implemented successfully. However, in order to fully utilize its benefits, one must possess expertise in Python programming.
Information Security Manager at a financial services firm with 1,001-5,000 employees
Real User
Feb 13, 2023
The version of IBM QRadar User Behavior Analytics, which my company uses, is a little outdated from 2013. That version doesn't have the log collection feature. My rating for the version of IBM QRadar User Behavior Analytics I'm using is a seven overall.
Vice President - Technology & Managed Security Services at Valuepoint Systems
Real User
Jan 13, 2023
I rate this solution a six out of ten. Regarding advice, using this solution purely depends on the use case. If it meets your use case, then IBM QRadar is good, but other solutions like Securonix are much better.
Principal Cybersecurity Consultant (Architecture, Engineering, Operations) CISO VCISO at a financial services firm with 10,001+ employees
Consultant
Oct 18, 2022
I give the solution an eight out of ten. The solution is fairly easy to maintain and the learning curve is reasonable compared to other products to customize the workflow dashboards and get meaningful insight as far as what is happening within our organization. The solution is also fairly straightforward to integrate with different data log sources. The solution requires three to five people to maintain including one analyst, an engineer, and an architect. I suggest before using the solution you know what your process is, know what your logging sources are, and plan well because It's really a leadership challenge. The solution is better deployed than other models.
I would advise potential users to read the manual or the workbook before going forward with the deployment. Try to match the requirements with the company's needs to avoid facing issues in the future. But if you get stuck, you can always ask the community for help. On a scale from one to ten, I would give IBM QRadar Advisor with Watson a nine.
Cyber Security Specialist at a tech vendor with 10,001+ employees
Real User
May 12, 2022
The version we use depends on when the customer is onboarded. Whenever recent onboarding takes place, we use the most up-to-date versions. However, there are customers that we have been facilitating for the past two or two and a half years and they might be using the previous versions. There are proper version upgrades that happen on a quarterly basis. I'd rate the solution seven out of ten.
IM Operations Manager at a tech services company with 1,001-5,000 employees
Real User
Apr 25, 2022
My advice to others is to shop around because IBM QRadar Advisor with Watson is not for small enterprises, it's aimed at your larger environments that have a multitude of infrastructure and networks that are hybrid across different environments. It integrates into quite a few tools, such as your email system, and file systems. This tool is not for everybody. IBM doesn't have the sort of tool that helps a five, ten, or twenty user environment. This is not advisable to go and invest in the solution. There are other tools that you could possibly look at that do probably some of the functions in terms of monitoring your playbooks and integration points that are a little bit easier to map to. However, that is not a tool for every organization out there. The solution is targeting major enterprises. I rate IBM QRadar Advisor with Watson a seven out of ten. There are quite a few areas they could improve, such as they have a lot of technical manual configs and orchestration could be better.
IBM Security QRadar (recently acquired by Palo Alto Networks) is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which...
IBM Security QRadar is stable and has great support. I advise others looking into using IBM Security QRadar that it is really helpful for building a SOC and to get a deep dive into your real threats at the earliest time. I have given this product a review rating of 10.
IBM Security QRadar is capable of handling much of the market requirements. It's comparable to any other SIEM tool without standing out significantly. It's fairly open for custom integrations, but it depends on what type of logs we are receiving and what kind of parsing we are getting done. The integrations are totally based on the skill sets if third-party or custom integrations are required. When it comes to log management, it's fairly easy to manage and the log rotate is really good compared to any standard SIEM tool. It just gets the work done. I rate IBM Security QRadar an 8 out of 10.
I rate IBM Security QRadar 8.5 out of 10.
We are thinking about moving outside of IBM Security QRadar ecosystem due to cost and the belief that some functionalities of new SIEM platforms are surpassing IBM Security QRadar. We think they are not keeping pace with SIEM, which makes it harder for them to differentiate their product or compete against others that are cheaper and easier to deploy. If you had asked me this question five or seven years ago, I would have given it a solid 10, maybe a nine, but today I believe they are losing track of that. The overall rating for IBM Security QRadar is seven out of ten. We were partners when they were under IBM. We've been in an IBM program of MSSP for Latin America, so we were partners of IBM Security QRadar when it was within IBM. However, with the selling to Palo Alto this year, we lost that partnership and are now just customers of a reseller. We operate the platform for our customers. We don't have IBM Security QRadar for our own use.
I deal with products such as IBM or Elastic solutions. I have experience with IBM Security QRadar, but not with Elastic; however, we are trying to get into Elastic. We use many different cloud providers as our main cloud provider. AWS is one of those. We did not purchase the IBM Security QRadar product through AWS Marketplace; that's handled by our IT team. I work in a dealership industry, specifically in home hardware. It is easy to use; I wasn't familiar with it, but after getting one-on-one training with my senior, I was able to use it very efficiently and learned it quickly. We use IBM Security QRadar's Risk Manager, but I don't use it directly as it's related to my senior. I investigate it, but those procedures are based on my senior's decisions. I have not used IBM Security QRadar's analytics engine for automating SOC tasks. The integration of third-party technologies with IBM Security QRadar's open architecture is good; it integrates with other solutions efficiently. I have used it with many different platforms such as SentinelOne and ExtraHop, and it integrates effectively. My company are customers with IBM. The overall rating for IBM Security QRadar is 9 out of 10.
This implementation process receives a rating of six. In UAE, we have strict restrictions regarding compliance, particularly NIST compliance. Most companies should have local LLM, not public. Most SIM solutions or SOAR don't have the capability to build or need custom connectors for using AI with internal LLM, rather than cloud-based solutions ChatGPT or Gemini. Overall, I would rate IBM Security QRadar an eight out of ten.
I would rate IBM Security QRadar ( /products/ibm-security-qradar-reviews ) nine out of ten. The main reason for moving from this tool was the pricing.
My advice is to understand your infrastructure first. Assess the size before sending any protocol requests or RFPs to adjust licensing costs. You may procure licenses less or more than needed, impacting finances. Analyzing your infrastructure is crucial, considering the logs and security issues you will set. Trained personnel are necessary. Without them, usage is challenging. Overall, the product rating is eight out of ten.
All technologies are advancing towards AI integration. It is essential to integrate AI capabilities into devices to keep pace with future technologies and integrations. We should configure AI technologies in these products, though we currently lack experience and information. My overall rating for this solution is nine out of ten.
In the middle of evaluating, I am looking for some information about comparison boxes or licenses, products, and so on. I am interested in this issue, but I will not purchase it personally. We have a plan for internal projects for this. Product rating: five out of ten.
IBM Security QRadar enhances threat detection and incident response in our specific industry. The threat intelligence is somewhat different in Pakistan. We also have to deploy other open-source solutions and integrate them with the new system. We have IBM X-Force, and the solution provides threat intelligence releases for global incidents. Basically, we have CTM360, which helps with the threat intelligence part. We are actually using both with the solution. I think IBM X-Force complements our challenges, but it is not up to the mark we require. We have to collaborate with different solutions as well with CTM360. The tool's anomaly detection was useful with respect to application integration. We use a use case where we recently implemented the tool with respect to business applications where we define a rule set, and the system perfectly identifies and triggers an event against the rule set we define, so it is related to business applications. Our use cases are related to the event. An incident was caused a couple of days ago due to the Log4j vulnerability. For such vulnerabilities, the use case will also be helpful. It is easy to integrate with different solutions or different databases like MySQL and Oracle. It has the edge over other solutions, like open-source solutions like Wazuh and Splunk, so IBM Security QRadar is very much refined with respect to these solutions. Regarding the tool's ability to maintain high-security standards, I rate it ten out of ten. So far, we haven't used any AI feature in the tool, or it may not be available in the version we use. Overall, I recommend the tool to others. We are currently recommending it to peer banks and peer colleagues who need to make a decision to buy a product. Maintenance is not required, but we regularly check the tool's health reports. If any event occurs monthly or quarterly, then we need to maintain it. Otherwise, no maintenance is required. I rate the tool an eight out of ten.
I am generally satisfied with the product. Considering that there is still room for improvement and that the vendor could improve it to be made faster than it is at the moment, it is still a good product. I rate the tool an eight out of ten.
I prefer Splunk since it gives a lot more freedom and flexibility. I rate the overall solution a six out of ten.
I rate the tool a seven out of ten. It is a tough product.
I rate the overall product an eight out of ten.
QRadar supports connectivity with a 2800 vendors, including Cisco and Fortinet FortiGate. These integrations encompass various platforms such as VMs, Linux distributions like Red Hat and CentOS, and Symantec and Microsoft Windows for CRM databases and other server functionalities. Cloud technologies such as Office 365 are also supported. The tool is flexible and I recommend it. Overall, I rate the solution a nine out of ten.
My company takes care of the maintenance part of the solution for our clients who use IBM Security QRadar in their environments. Nine engineers and one manager take care of the maintenance process of IBM Security QRadar. My company has a lot of certified employees to take care of IBM Security QRadar's maintenance. My company can be considered a powerhouse when it comes to products from IBM. I recommend the solution to those who plan to use it. Splunk and IBM are leaders as per Gartner Magic Quadrant. I believe that IBM Security QRadar should be fairly priced for SMEs. I rate the overall tool an eight out of ten.
Overall, I rate IBM Security QRadar a nine out of ten.
In the future, my company would want the cloud version of the solution and not its on-prem version. I rate the overall tool a seven out of ten.
I am using the current version of the solution. We do not have a team to analyze malware. Overall, I rate the product a nine out of ten.
I give the solution a seven out of ten. We have around 20 users. The solution is of good quality and can be implemented successfully. However, in order to fully utilize its benefits, one must possess expertise in Python programming.
The version of IBM QRadar User Behavior Analytics, which my company uses, is a little outdated from 2013. That version doesn't have the log collection feature. My rating for the version of IBM QRadar User Behavior Analytics I'm using is a seven overall.
I rate this solution a nine out of ten.
I rate this solution a six out of ten. Regarding advice, using this solution purely depends on the use case. If it meets your use case, then IBM QRadar is good, but other solutions like Securonix are much better.
I would recommend tuning it to the maximum before going live. I would rate IBM QRadar User Behavior Analytics a seven on a scale of one to ten.
I would rate IBM QRadar User Behavior Analytics an eight out of ten.
I give the solution an eight out of ten. The solution is fairly easy to maintain and the learning curve is reasonable compared to other products to customize the workflow dashboards and get meaningful insight as far as what is happening within our organization. The solution is also fairly straightforward to integrate with different data log sources. The solution requires three to five people to maintain including one analyst, an engineer, and an architect. I suggest before using the solution you know what your process is, know what your logging sources are, and plan well because It's really a leadership challenge. The solution is better deployed than other models.
I would advise potential users to read the manual or the workbook before going forward with the deployment. Try to match the requirements with the company's needs to avoid facing issues in the future. But if you get stuck, you can always ask the community for help. On a scale from one to ten, I would give IBM QRadar Advisor with Watson a nine.
The version we use depends on when the customer is onboarded. Whenever recent onboarding takes place, we use the most up-to-date versions. However, there are customers that we have been facilitating for the past two or two and a half years and they might be using the previous versions. There are proper version upgrades that happen on a quarterly basis. I'd rate the solution seven out of ten.
My advice to others is to shop around because IBM QRadar Advisor with Watson is not for small enterprises, it's aimed at your larger environments that have a multitude of infrastructure and networks that are hybrid across different environments. It integrates into quite a few tools, such as your email system, and file systems. This tool is not for everybody. IBM doesn't have the sort of tool that helps a five, ten, or twenty user environment. This is not advisable to go and invest in the solution. There are other tools that you could possibly look at that do probably some of the functions in terms of monitoring your playbooks and integration points that are a little bit easier to map to. However, that is not a tool for every organization out there. The solution is targeting major enterprises. I rate IBM QRadar Advisor with Watson a seven out of ten. There are quite a few areas they could improve, such as they have a lot of technical manual configs and orchestration could be better.
We are a preferred partner of IBM. I'd rate the solution at a seven out of ten.