
IBM QRadar Security Intelligence Platform Managed Host (BYOL)

IBM Security | QRadar MH v7.3.1 Patch 7 IF1

Linux/Unix, Red Hat Enterprise Linux RHEL-7.5 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star: 0
  • 4 star: 0
  • 3 star: 0
  • 2 star: 0
  • 1 star: 0

External reviews

36 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Alessandro D.

The best SIEM Available

  • November 13, 2019
  • Review provided by G2

What do you like best?
Great tuning capability, intelligence service allows to automatically generate offenses and the capability of adapting to any kind of infrastructure.
What do you dislike?
Visually is not the best, the web browser offers an intuitive GUI but some functions are not presented really well.
What problems are you solving with the product? What benefits have you realized?
Monitoring customers' infrastructure from deployment to full installation, giving also SOC service.


    Education Management

QRadar helping university IT department with the many threats that are bombarding it

  • October 22, 2019
  • Review verified by G2

What do you like best?
I like QRadar's intuitiveness and ease of use. As a member of the IT department I use QRadar daily to look for anomalies and troubleshoot issues. QRadar helps all our staff from the systems and network teams to the security analysts.
What do you dislike?
There are some search features that are disappointing. If I put a filter on a search, but make a mistake with it, I have to delete the filter and then add the proper one instead of just editing the one I made the mistake in.
What problems are you solving with the product? What benefits have you realized?
We have it daily for troubleshooting network issues. Looking for troublesome users, bots, malicious actors and much more. As a University we have to look at threats coming from the outside world, as well as troublesome students trying things out due to curiosity or unfortunately the occasional one who is being malicious.
Recommendations to others considering the product:
Don't expect it to be the tool that will save your day by just turning it on. It takes time to tune the product. It is a little bit of rinse and repeat. You tune QRadar and let it sit for a bit and then you find some offenses that aren't really offenses and you tune some more. Overall QRadar is exactly what you put into it. If you spend the time investigating issues and tuning rules you will get a clean set of offenses for you to investigate.


    Banking

Good security system

  • October 14, 2019
  • Review verified by G2

What do you like best?
The security system we just started to use. It helps identify and prioritize many threats. Menu seems a bit complicated, but you can filter by yourself. All available in offenses.
What do you dislike?
Everything looks nice now. We did not encounter any problems.
What problems are you solving with the product? What benefits have you realized?
To be aware of the advanced threats such as security of all devices in our corporate network, opening user account other than information outside of working hours, long-term usage of VPN.


    Computer Software

Excellent tool for SIEM Technology

  • September 29, 2019
  • Review provided by G2

What do you like best?
The ability to write complex rules with lot of ease. It helps correlate lot of log sources and can help write/define better rules which can help address complex rules. The features to add multiple apps from various vendors to better represent the dashboards and various lookup integrations. Incident Management and Automation for the script triggers and having them integrated with tools like IBM Resilient which helps managing the incident response process.
What do you dislike?
There is nothing much to dislike in the system, however the Dashboard options and representation can be better. Pulse has some compensation however, we need to share those JSON files and all which is complex and not user friendly again.
Also the support for OT environment related log sources can be looked into as well. However, the dashboards and reports are the main concern points which we have seen with multiple customers.
Also multiple threat intel features can be recommended just like the IBM Resilient free threat intelligence options, instead of just keeping the TAXII/STIX feeds available, it would be great if you can recommend the customer on what and how to use them based on the open feeds that are actively available in open.
What problems are you solving with the product? What benefits have you realized?
Complex rule monitoring. Multiple Correlation rules. Automatic Trigger of Incident Response tickets. Better visibility to the network and event logs.


    Banking

QRadar SIEM Review and Comparison

  • September 28, 2019
  • Review provided by G2

What do you like best?
QRadar App Exchange
Log Source Integration and Custom Content Extraction from raw event
QRadar Network Insight
ADE - Anomaly Detection Engine
What do you dislike?
No correlation rule can be written if log sources are integrated with different event processors
Support (especially Indian support) is not very technical and not able to resolve issues in a timely manner
What problems are you solving with the product? What benefits have you realized?
Traffic profiling and triggering alerts for abnormalities
Recommendations to others considering the product:
I have worked on multiple SIEM tools and found QRadar SIEM is stable, flexible and has more features compared to other SIEM tools I worked on, including RSA SA, Symantec SSIM, ArcSight, McAfee Nitro.


    Hospital & Health Care

QRadar

  • September 23, 2019
  • Review provided by G2

What do you like best?
Monitoring the bulk amount of servers and bulk amount of request like ga generated in those servers
What do you dislike?
Not much, it was great experience in working in IBM QRadar
What problems are you solving with the product? What benefits have you realized?
Monitoring the servers, monitoring who are accessing the application from which locations, can be able to trace the requestor through IP and location as country, monitor the logs in one place in one interface
Recommendations to others considering the product:
Monitor the request logs in a radar range


    E-Learning

Simply the best!

  • September 20, 2019
  • Review verified by G2

What do you like best?
Powerful tool that can monitor almost anything. Happy that they offer free training on it as well. It works well with the entire Security immune suite from IBM. It's rated number one in Gartner's magic quadrant for SIEMs. Brilliant product.
What do you dislike?
It can get complicated and difficult to understand at times. Licencing is very expensive and can limit what you want to use QRadar for. It's difficult to get practical experience due to the lack of test environments. There's not a big footprint in Africa. Customers lack the skills and it can be difficult to get to the to offer support and training.
What problems are you solving with the product? What benefits have you realized?
Single point to manage Security Event Information Management. Love how flexible the product is and how easy it is to integrate. Threat intelligence and full protection in terms of the kill chain analysis. Network traffic, events and offenses can be queried from a single console. Very nice indeed.
Recommendations to others considering the product:
Power product, it's simply the best


    Government Relations

the most competent SIEM

  • September 16, 2019
  • Review provided by G2

What do you like best?
All in one, integrations, scalability.
It is the most competent product on the market with many things out of the box and easy to build own integrations
What do you dislike?
Pricing, the pricing by EPS and Flows can be very very expensive, it's hard for a small company to invest in this product
What problems are you solving with the product? What benefits have you realized?
Normalizing by many different products


    🇮🇳 Tapan J.

QRadar CE v7.3.1

  • September 13, 2019
  • Review provided by G2

What do you like best?
Integration with quite a lot of other software suites. The Microsoft DSM is already installed in this version. Integration with Xforce Threat Intelligence as well we can integrate plugins from Exchange platform also.
What do you dislike?
Nothing up till now. QRadar has nothing to dislike as compared to other SIEMS. But consumes a lot of memory, which in a way is quite beneficial for very good hardware that requires to protect critical infrastructure. But more memory usage turns out to be laggy a few times.
What problems are you solving with the product? What benefits have you realized?
Helps me detect threats and intrusions in my network. QRadar is simply superb!


    Computer & Network Security

Most comprehensive and security focused SIEM

  • September 13, 2019
  • Review provided by G2

What do you like best?
Most broad variety of features. Every feature is done with security monitoring focus.
What do you dislike?
Some features could be more configurable.
What problems are you solving with the product? What benefits have you realized?
Improved SOC operations.