IBM Security QRadar SIEM v7.3.2 P1 - Console (BYOL)
IBM Security | QRadar Console v7.3.2 Patch 1Linux/Unix, Red Hat Enterprise Linux RHEL-7.5 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Good SIEM product to use with impressive threat intel feeds
What do you like best about the product?
The threat intel feeds integrated with QRadar is excellent and very insightful.
The GUI of the tool is also really impressive and is well constructed for analysts.
The GUI of the tool is also really impressive and is well constructed for analysts.
What do you dislike about the product?
The license cost is really expensive and customisation requests and use cases that that are required to be configured cost extra each time. Support team take a long time to respond.
What problems is the product solving and how is that benefiting you?
IBM QRadar is a useful SIEM tool that helped add to our portfolio of offerings along with our MDR services. It also gives good insights into latest cyber threats and log types for monitoring team.
- Leave a Comment |
- Mark review as helpful
One of the best SIEM tool in the market
What do you like best about the product?
QRadar UI is very user-friendly. It doesn't require query-based search like other leading SIEM tools in the market. Its graphs and reports also provide detailed information about your Infrastructure.
What do you dislike about the product?
I don't find any downsides to QRadar. It might be because QRadar was the first SIEM tool I used in my career. Later I used other tools but found QRadar to be the best.
What problems is the product solving and how is that benefiting you?
With more than 40,000 computers and servers involved, it becomes difficult to track and prevent your infrastructure against security attacks. IBM QRadar makes soc teams' life easy by getting rid of false positives and providing detailed information about attacks.
One stop SIEM solution
What do you like best about the product?
QRadar can be a one stop SIEM someone with its capabilities to integrate with TI feeds and UEBA. Is very easy to use and takes the focus off of the tool to help focus on what's important- Security.
What do you dislike about the product?
The UI looks pretty outdated and boring and could be worked upon. Compared to its rivals like Splunk and other MDR tools that are now taking over the market, QRadar looks very bland.
What problems is the product solving and how is that benefiting you?
Helps deliver accurate and timely security alerts to our clients. Can also be used to perform proactive threat hunts to make sure that the clients are safe from security threats.
Perfect SIEM solution to depend against threats.
What do you like best about the product?
The flexibility that QRadar offers helps security team deduct, understand and prioritize threats to the environment. Also it performs in depth network forensics and store complete network logs.
What do you dislike about the product?
It could be complicated for beginners, prior knowledge is required to operate. Threat analysis could be more simplified and also managing the database of threat reports is not easy.
What problems is the product solving and how is that benefiting you?
It provides automative solution of threat protection. There are advanced search queries which are easy to understand which allows user to perform specific searches that really speed up the investigation.
In-depth network forensics and integration with other tools
What do you like best about the product?
It helps in threat detection and response solution to remediate the threat. It has open architecture to deploy on premises, on cloud or as a service. We can integrate EDR, SIEM, SOAR and other threat intelligence while leaving data where it is for to complete the XDR approach.
What do you dislike about the product?
The EPS cap limits the amount of logs that can be integrated in Qradar can generate many false positives. Not a much user friendly, a bit difficult to set the rules.
What problems is the product solving and how is that benefiting you?
It is a good solution to monitor,investigate detect and respond to threats on devices and endpoints of the environment. Logs retention capability is good. It collate large amount of data from the cloud and on-site sources.
I love Qradar for its reliability
What do you like best about the product?
We feel safer everyday. Qradar protects our IT infrastructure and in case of any threats it send alerts with reports and the likely possible outcome plus ways to mitigate the risk
What do you dislike about the product?
Qradar is a great and advanced solution that require documentation for beginners to use to learn the software
What problems is the product solving and how is that benefiting you?
What Qradar gives us everyday is complete protection from outside threats, protection from data leaks, and remote management of devices that are connected to the company
Can't prefer QRadar alone but prefer to use with SOAR concepts
What do you like best about the product?
It has variety of searches that you can easily do and correlation queries can be easily altered
What do you dislike about the product?
I am not a fan of Qradar View. when I see it I feel that's a pretty outdated view.
What problems is the product solving and how is that benefiting you?
When it is connected with XSOAR the user experience is better as alerts are directly linked and synced.
IBM security QRadar one of best enterprise wide solution for SIEM
What do you like best about the product?
Time to valuon on-primises qradar achived full operational status less then three month and it collect more logs , maintain controls and and qradar on cloud.
What do you dislike about the product?
Product is very slow .data proccing is very slow
What problems is the product solving and how is that benefiting you?
Security innovation event managment system is excellent
IBM QRadar
What do you like best about the product?
Its a good SOC tool, and comes with a lot of handy features and functionalitied.
Captures data from multiple resources over the network and auto generates red flags.
I feel its comparitively better than other tools like splunk and provides better working flexibility.
Captures data from multiple resources over the network and auto generates red flags.
I feel its comparitively better than other tools like splunk and provides better working flexibility.
What do you dislike about the product?
I feel lots of functionality in a tool makes it difficult to manage on the UI and a lot of unrequired features can be provided as an addon which could be installed whenever required.
What problems is the product solving and how is that benefiting you?
centralised tool to collect all infrastructure details, network details and security vulnerabilities as well and helps managing large chunks of data in an organised manner and which can be used in multiple ways.
Best SIEM for small to medium organizations
What do you like best about the product?
Easy to integrate with other tools, availability of extentions, simple rule creation, good customer support, large community to discuss queries, able to trigger alertsin real time
What do you dislike about the product?
Tool is very bulky due to this problems occurs during upgrading, search is slow if data is High, some time refrence set cause problem
What problems is the product solving and how is that benefiting you?
It is event management system, Central console to collect all events, you can build rules to trigger alerts for anomalies
showing 51 - 60